Was the BBC hit by a DDoS attack?
It appears that the disruptions caused to the BBC’s iPlayer and website last weekend were possibly due to a DDoS attack.
The iPlayer service was out of action over most of the weekend because of problems with the database behind the catch-up service.
The faults also meant that only a simplified version of the BBC’s homepage was shown, while online video and audio clips were also disrupted.
A BBC spokesman said the corporation was confident the faults were now fixed.
“BBC iPlayer, BBC iPlayer Radio and other parts of BBC Online that were affected by problems over the weekend are now up and running. Our teams continue to investigate the problem to ensure this doesn’t happen again,” he said.
Richard Cooper, the BBC’s Controller of Digital Distribution, posted a blog saying that at 9.30am on Saturday, “the load on the database went through the roof, meaning that many requests for metadata to the application servers started to fail”.
The Inquirer quotes security firm Corero suggesting that the BBC problems were caused by a denial of service attack.
“DDoS as a cyber-demonstration technique is becoming more popular as the battle for the attention of the public at large rages on,” Corero chief executive Ashley Stephenson said.
“In this case, large streaming content providers like BBC iplayer present themselves as an interesting target, in that video is notoriously susceptible to very small changes in bandwidth, latency or jitter and is therefore very easy to disrupt if there is no proactive protection mechanism in place.”