Distributed Denial of Service (DDoS) attack
Incident Report for iSAMS Ltd
Postmortem

An important update regarding yesterday's outage

Yesterday we experienced a system outage and, following a conversation between our Technical Director and our datacentre providers (Rackspace), we wanted to follow up with you to provide a bit more information on exactly what occurred and how it was resolved.

Why was there a system outage?

On September 4th between 12:05 BST and 13:35 BST there was a Distributed Denial of Service (DDoS) attack specifically targeted at iSAMS, the likes of which are often in the news for taking offline large websites belonging to Microsoft et al.

At this time we don't know anything about the attackers or why we were targeted, but this is something we're currently investigating.

What did iSAMS do?

When the attack started, our monitoring systems immediately flagged it and contacted Rackspace Support. We stayed online whilst they tried to mitigate the issue but, as the attack was distributed from many sources, this was very difficult to do.

Whilst on the call with Rackspace we initiated a failover to our secondary networking infrastructure, but unfortunately this was ineffectual. This is because we were the target of the attack so, when we performed the failover, the attack traffic simply moved to the secondary hardware and took that offline. Sadly, redundant systems and high availability do not protect you against Distributed Denial of Service attacks.

Rackspace were able to bring the system back online at 13:35 BST.

What next?

We aim to provide schools with a reliable service and this is the first outage we've experienced in 7 years that affected a number of schools simultaneously.

We're very sorry for any inconvenience this may have caused and we would like to assure you that we'll be liaising with Rackspace and monitoring the situation closely to prevent anything like this happening in the future.

We'll also be reviewing our internal processes to expediate our responses to situations like this, ensuring that we're communicating with you as quickly and frequently as possible.

Posted 16 days ago. Sep 05, 2019 - 16:09 BST

Resolved
On September 4th between 12:05 BST and 13:35 BST there was a Distributed Denial of Service (DDoS) attack specifically targeted at iSAMS.

At this time we don't know anything about the attackers or why we were targeted, but this is something we're currently investigating.
Posted 17 days ago. Sep 04, 2019 - 13:00 BST
This incident affected: Hosting Infrastructure (London (UK) Data Centre, Hong Kong Data Centre).