Newswire service Business Wire said Tuesday that it has been under a sustained Distributed Denial of Service (DDoS) attack for almost a week.
The company said that since last Wednesday, January 31, the attack has been attempting to render the newswire service portal unavailable.
As a frequent user of Business Wire services, SecurityWeek can confirm that the web-based service has been often unresponsive or seen performance being extremely degraded in recent days.
In a customer advisory, Richard DeLeo, Chief Operating Officer at Business Wire, said there is no evidence that any systems or client information have been compromised.
DeLeo said the company is working closely with unnamed partners to mitigate and resolve the attacks and stabilize the environment, but did not share any details, other than calling it a “directed and persistent” attack.
A traceroute shows that the company utilizes Akamai as a content delivery network to handle web requests to www.businesswire.com.
In August 2015, Berkshire Hathaway-owned Business Wire was victim of a cyberattack that allowed malicious actors to gain unauthorized access to non-public, market-moving information stored on its news distribution platform. Soon after, the Securities and Exchange Commission (SEC) announced that a cybercriminal group allegedly hacked into multiple newswire services to steal non-public information about corporate earnings announcements that were used to make financial trades that generated more than $100 million in illegal profits.
According to Arbor Networks’ 13th Annual Worldwide Infrastructure Security Report (WISR), 57% of enterprise, government and education (EGE) respondents and 45% of data center operators had their network resources depleted due to DDoS attacks in 2017. Arbor observed 7.5 million DDoS attacks in 2017.
Arbor also found that attack durations surged in 2017, with 29% of service providers saying they experienced attacks of over 12 hours. 45% of respondents said they experienced more than 21 attacks per month, while 17% were hit more than 500 times per month.
