Microsoft suffers back-to-back outages

Amid questions about its security practices, Microsoft Corp. last week fought off two major Web site outages, claiming the first was due to an internal human error and the second was caused by hackers.

The first outage began Tuesday at approximately 11 p.m. EST, occurring when a Microsoft technician incorrectly configured a router on the edge of Microsoft's DNS network, according to a company statement.

The Redmond, Washington, company issued a second statement late Thursday reporting that another set of outages were caused by a DoS (denial of service) attack, in which a hacker intentionally targeted a router, flooding it with the aim of bringing Web traffic to a near halt.

Microsoft posted another statement saying operations returned to normal by the end of Thursday. Company officials were unavailable through Friday afternoon.

Although Microsoft maintains that the events were separate, some within the industry have doubts.

"It is hard to believe that one problem is different from the other," said Ric Steinberger, technical director at online security company SecurityPortal Inc. "It is not always obvious from the start that something is DoS or due to a change in configuration. I think probably when the dust settles, Microsoft is going to say this is all the result of a DoS attack."

Speculation about Microsoft's own security is a growing problem for the company, according to Neil MacDonald, vice president and research director at Stamford, Connecticut-based Gartner Group Inc.

"Microsoft [has] tried to quiet any criticisms, so they come out with really quick explanations. But it turns out their explanations are not right the first time, and it makes them look like they don't know what they're doing," MacDonald said. "Microsoft originally said somebody had misconfigured a router, but it was apparent that there was more than that going on."

The chaos around Redmond is also casting doubt in customers' eyes, according to Eric Hemmendinger, research director at Boston-based Aberdeen Group Inc.

"Users have stopped looking at Microsoft as a prospective supplier for security needs. You don't hire these guys as security guards," Hemmendinger said.

By taking steps to come clean about its DNS troubles last week, Microsoft may have inadvertently "upped its mindshare" in the eyes of malicious hackers, but is not necessarily leaving itself more susceptible to attack, he continued.

"It doesn't matter how big a giant you are, you can still be taken out at the knees," he said. "There's a lot you can do in terms of cleanup, but preventing it is next to impossible."

Hemmendinger said pulling the plug to stop such a massive DDoS (distributed DoS) attack, a common defense against the bogus-packet flooding assault, basically achieves the aim of the culprit who launched the attack.

MacDonald said Microsoft will continue to be a prime target for malicious computer attacks and break-in attempts because of its size, application development software, and the fact that many users do not like the company's dominance.

Analysts expect the recent attack on Microsoft, as well as last year's strikes against eBay, Yahoo, and, will force users to look toward outsourcing DNS.

Steve Hotz, CTO of UltraDNS Corp., a San Mateo, California-based company that provides outsourced DNS services, said that hosts can provide benefits most companies cannot employ themselves, particularly during a crisis.

"In some cases, the only reasonable approach is to increase the hardware in a system," he said.

James Niccolai and Ashlee Vance of the IDG News Service, an InfoWorld affiliate, contributed to this report.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Aberdeen GroupCNNeBayGartnerGartnerMicrosoftMindshareSecurityPortalUltraDNSYahoo

Show Comments