Canonical, the company behind Ubuntu, has confirmed that services are back up and running following a major DDoS attack that left some of its infrastructure, including websites and repos, unavailable for five days.
DDoS, or Distributed Denial of Service, attacks are intended to disrupt the everyday operation of servers and networks. They’re often quite effective, too, leveraging a flood of requests from IP addresses that are tough to distinguish from genuine ones, with the intention of overwhelming a system. That’s what Canonical has been dealing with over the past five days, only recently confirming that it has restored services.
“At this stage, we have implemented mitigations and restored services affected by the Distributed Denial of Service (DDoS) attack,” Canonical says.
Though some services may still be affected as they spin back up: “You may experience partially degraded performance on some of the services as we continue to work diligently on resolving the situation.”
Canonical’s status page now notes all components as operational. Though it couldn’t have been an easy fix, as the attack was first reported on May 1, perhaps beginning as early as April 30, and it wasn’t until May 6 that Canonical announced it had largely mitigated the attack.
The attack reportedly knocked out key repos, including those for security updates, for Ubuntu. That puts users of the operating system, such as myself, in a tricky spot. Local mirrors offered some way to access key updates, however, and not all services were down at all times. Such is often the case with a DDoS attack.
The reason for the attack is not clear. Some suggest a group by the name of The Islamic Cyber Resistance in Iraq claimed the attack, reportedly taking to Telegram to announce its action. Though it’s not clear from Canonical if that was the case, nor did the group suggest why it was attacking the open-source operating system. Presumably, there are bigger fish to extort than a Linux distro, even if it is one of the largest and most popular.