Anonymous hacker claims GoDaddy attack; outage hits millions

Go Daddy, the domain registrar and Web hosting firm, has suffered major outages today, taking potentially millions of sites down with it.

Shortly after 1:30 p.m. ET, @GoDaddy took to Twitter to say: "Status Alert: Hey, all. We're aware of the trouble people are having with our site. We're working on it."

The cause and the true scale of the outage is unknown. Many customers and users have taken to social networking sites, such as Facebook, Google+, and Twitter, to complain that the sites they operate or are trying to access are not loading. Some are complaining that their email communications are affected, such as individual email accounts and servers.

A member associated with the hacktivist Anonymous collective has claimed responsibility for the 'attack.'

The 'outage'

Go Daddy, which says it is the world's largest hosting provider of secure websites with more than 53 million registered domain names, has yet to confirm the cause of the apparent outage, but said on Twitter that it was "working on" getting the service back up and running.

Go Daddy's main website was also down for a brief period. In a message on one of its pages, the company said:

We are experiencing problems. We understand this is impacting some customers and we take this situation very seriously. Everyone at Go Daddy.com is working to restore all sites affected by this outage as soon as possible.

According to one source speaking to ZDNet, Go Daddy's DNS servers are not resolving forcing many websites offline. In many cases, even if the site is not hosted by Go Daddy itself, the DNS servers are down and cannot point the user to the correct page. 

Some parts of the website appeared to be working again at 4 p.m. ET. At just after 4 p.m. ET, Go Daddy said in a tweet that it was "still working" on the ongoing issues and that the firm was "making progress."

"Some service has already been restored. Stick with us," the tweet read.

At 6:16 p.m. ET, Go Daddy said that "more progress has been made," but that it was "still investigating and working" to find the source of the problem and find a solution.

According to sister-site CNET, Go Daddy spokesperson Elizabeth Driscoll said: "Go Daddy is experiencing intermittent outages. This is impacting our site and some customer sites."

Later on in the evening, Driscoll told ZDNet in an emailed statement:

At around 10:25 am PT, Go Daddy.com and associated customer services experienced intermittent outages. Services began to be restored for the bulk of affected customers at 2:43 pm PT. At no time was any sensitive customer information, such as credit card data, passwords or names and addresses, compromised.

Driscoll added that more updates were on the way "within the next 24 hours."

Links to Anonymous

One Twitter user, named @AnonymousOwn3r, claimed sole responsibility for the alleged attack, stating, "was only me not the Anonymous [collective]". On his Twitter profile, he claims to be a "security leader of #Anonymous." He goes on to say in an earlier tweet that he was "behind many things such like irc, ops, attacks [sic]."

His Twitter account has seen more than 1,500 new followers per hour on average, and continues to retweet coverage from various news sites and agencies.

@AnonOpsLegion, an account linked to the Anonymous collective, praised the hacker for his alleged work. Many of the hacker's tweets are in Portugese, suggesting he is in Brazil, based on analysis of earlier tweets.

Christina Warren, entertainment editor at Mashable, empathized with the customers who are struggling with downed website. She said: "But the epicness of this sort of hack cannot be denied. I mean, hot damn. That’s a huge get."

But one of the 'main' Anonymous account, @YourAnonNews, has distanced the hacking collective from the alleged attack, saying in a tweet: "Please redirect your godaddy hate to @AnonymousOwn3r says is the 'leader' of Anonymous."

If this was the work of a lone hacker taking down tens of millions of websites, it would be the largest takedown of any service ever.

SOPA backlash?

Last year, Go Daddy came out in support of the controversial Stop Online Piracy Act ("SOPA"), but bowed to pressure from Reddit activists following the transfer of tens of thousands of domain names from Go Daddy to other companies.

The Wikimedia Foundation famously moved away from Go Daddy after the non-profit group protested months earlier in opposition of SOPA by blacking out its entire English-speaking website for 12 hours.

However, despite speculation that this could be connected to the previous support for SOPA, AnonymousOwn3r said: "I'm not anti go daddy, you guys will [understand] because i did this attack [sic]."

"I'm taking godaddy down [because] well i'd like to test how the cyber security is safe and for more reasons that i can not talk now," the hacker said in another tweet.

Businesses affected, ripple-effect continues

The fallout from the hack or outage -- or whatever it turns out to be -- is already starting to affect ordinary businesses across the world. Not only that, the knock-on effect to Go Daddy as a company could be huge.

If Go Daddy was taken down by seemingly one person -- the possibility that he could be in control of a botnet notwithstanding -- it shows the vulnerabilities of even major corporations. Why stick around with a company that cannot guarantee the uptime that one pays for? Similarly, it has a ripple-effect on other businesses and service providers. It's a wake-up call to the industry.

RunningShoes.com chief executive Chad Weinman told ZDNet:

RunningShoes.com was brought down for several hours today by the Go Daddy attacks. Our online retail business is dependent on our site functioning properly in order to conduct daily business. An outage of this magnitude signficiantly affects our revenue stream and as a direct result of this event we have lost ten of thousands in sales. Switching off the Go Daddy platform is now under serious consideration internally.

Even if, by the end of this, it was a 'simple' outage that led to the collapse of the Go Daddy empire for more than half-a-day -- let alone on a Monday morning during business hours -- the financial implications for the company could be far greater than the mass exodus seen as part of the wider SOPA protests.

But how Anonymous' public perception will be if it is proven to be an attack performed in its name -- even if the collective has distanced itself from the alleged hack -- the public's mood could shift against the once-revered online antagonists.

While no Web hosting service is perfect, with poor reviews and hasty, ill-informed customer service, what Go Daddy does from here will be crucial.

As Forbes so kindly put it: "whether because of their [sexist] advertising tactics that they just won't change, poor judgment by its executive team [the elephand killing], unethical business practices, carelessness for its existing customers or inability to control its own services," perhaps this will be the last straw for customers. 

Poor infrastructure, poor support, poor communication through a few meager tweets, or poor resiliance to a cyber-attack. Whatever the outcome, Go Daddy isn't going to come out of this lightly.

Image credit: C. Sternal-Johnson/Twitter.