Malaysia’s top news website, Malaysiakini.com, was the victim of a distributed denial-of-service (DDoS) attack yesterday which rendered it unreachable.
It’s unclear who instrumented the attack or what was their intention, but it coincided with the start of elections in Sarawak, the largest Malaysian state located on the island of Borneo.
Malaysiakini provides news in English, Malay, Chinese and Tamil and has over 1.6 million monthly unique visitors. Since mid-2008, the website is the most popular online news source in the Asian country.
The attack was so powerful that both data centers housing the site’s servers were affected. JARING, one of Malaysia’s top ISPs that operates?one of the centers also reported service disruptions across several regions at around the same time.
“A cyber attack beginning at 11am today shut down Malaysiakiniservers simultaneously, making the website inaccessible to readers.
“The Malaysiakini technical team has determined it to be a denial-of-service attack, where an attacker uses computers in different parts of the world to swarm Malaysiakini servers to the point that they are unable to cope with the massive traffic.
“Both our servers, which are hosted at two data centres – TM Brickfields and Jaring – have been affected by the attack,” Malaysiakini’s official announcement reads.
The website has remained offline since the attacks, but new Malaysiakini content has been made available through other means, including Facebook and a blog hosted at wordpress.com.
The company plans to achieve some redundancy by cross-publishing on multiple platforms, including WordPress.com, Facebook, Blogger and others, which are better equipped to fend of powerful DDoS attacks.
Malaysiakini readers have been largely supportive, some even accusing the government of involvement and trying to censor the Sarawak elections.
There are various ways to mitigate DDoS attacks, but ultimately the only true protection is to have better bandwidth than what attackers have at their disposal.