DDoS attack affects half of GoGrid's customers

Hosting company GoGrid suffered a distributed denial-of-service attack Monday afternoon that affected approximately half of its thousands of customers, co-founder David Hecht said on Tuesday.

The DDoS attack hit Monday afternoon, slowing customers' Web sites, creating latency issues, and making clients' Web sites inaccessible, Hecht said.

Although GoGrid was able to stabilize the situation by late Monday afternoon, getting most of its customers' sites back online, the company faced a decision whether to stay on course with a scheduled maintenance later that night or reschedule for another date.

The maintenance, which required GoGrid to take its portal down and troubleshoot support queries over the phone, was designed to expand its capacity, deploy minor bug fixes, and add additional improvements to the service.

In its notice to customers, GoGrid stated:

In the end, the decision was made to proceed with the maintenance because this capacity expansion had been planned for several months and would give us more flexibility in ensuring low utilization across our infrastructure. In hindsight, this may have been a poor decision because the maintenance took longer to complete, and the maintenance window had to be expanded by several hours.

On Monday night, GoGrid spent hours rebooting its servers and developing a long-term game plan to solve the ongoing issue, but by morning, the company continued to be inundated with customer calls that their Web sites were not reachable from certain parts of the Internet.

GoGrid determined that the problem apparently was centered on a routing issue, with some of its networks failing to properly announce GoGrid routes. The routing issue was resolved late Tuesday morning.

The company is continuing to investigate the issue and asks its customers to run a traceroute to their servers' IP address and report it to GoGrid's support staff, should they encounter connectivity problems.

[Michichael]

So... I'm kinda struggling to understand what the writing point is about... They had a DoS attack, but it was due to their own misconfigurations of routes? Doesn't that kinda make it NOT a DoS attack? OR am I just having a lot of difficulty spotting the actual subject matter here...