GetResponse CEO Statement Regarding the DDoS Attack (UPDATED)

UPDATE - Great news: We have managed to restore our outbound mailing capability. All emails that were scheduled in the past few days will now be sent; however, it may still take up to several hours, in order to provide the best possible deliverability.

Newly scheduled emails may have a slightly longer delivery time, as we are dealing with quite a large volume of emails that were scheduled in the past few days.

If you have any questions about your newsletters or account, please contact our Customer Service Department at http://app.getresponse.com/support.html (GetResponse 360 customers, please contact your Account Managers).

 

Dear GetResponse Customer,

As you may know, GetResponse has had a pretty rough weekend… We suffered a major outage caused by a DDoS (distributed denial of service) attack on an unprecedented scale, which has flooded our network and our data center (Windstream) with malicious traffic.


What happened?

On Saturday, after hours of working together with our data center Windstream (including their directors and VP-level executives), we were informed that they had failed to mitigate the attack and had decided to block our network connectivity until a powerful DDoS mitigation service could be fully implemented.

When GetResponse went down, the morale of the GetResponse community didn’t. We saw an amazing display of support and we would like to thank our customers for rooting for us.


What’s the current status?

We brought many of the services back online on Sunday (websites, web subscriptions, API, web forms, surveys, landing pages). We had another attack on Monday, but we fully mitigated it, with no downtime, thanks to our new mitigation solution.

We are still working on resolving the issues with email delivery and anticipate a complete resolution within the next couple of days. We are literally working on this around the clock, with the involvement of VP-level executives from our data center and DDoS mitigation partners.

What is GetResponse doing to mitigate the attacks?

Over the last 15 years we have repelled many DDoS attacks using our infrastructure. More recently, we employed the CloudFlare Enterprise solution, which helped us deal with previous attacks in March and April. Unfortunately, the scale of last weekend’s attack was so huge that it overran our current mitigation solution, and we needed to come up with a new plan.

After a conference call with our data center, within minutes we got in touch with Akamai, the world’s leading DDoS mitigation provider, with 1.8 Tbps mitigation bandwidth. We asked them to deploy an “always on” clean-pipe DDoS scrubbing service for GetResponse. This is the most advanced type of protection available on the market (and also the most expensive). It scrubs all inbound traffic for malicious packets of data and returns only “clean” traffic to our data center.

In total, we are spending close to half a million dollars in mitigation solutions, hardware, connectivity and other upgrades.


Why was GetResponse attacked?

This wasn’t the first attack that GetResponse has encountered recently. We endured several other attacks in March and April. And we weren’t alone…

Over the last two months this criminal has targeted many other large Internet companies, putting them offline as a consequence. These include Meetup, Shutterstock, MailChimp, Fotolia, Basecamp, oDesk, SurveyGizmo, MadMimi, OkCupid, Hootsuite, Typepad, Elance, Aweber and others. It is unfortunate, but these types of attacks are becoming much more frequent in today’s environment.

Why would anyone attack well-meaning companies, disrupting their business?

This email explains it all:

Subject: DDoS attack, warning

I don’t have to explain myself anymore. I will stop the attack for 1.2 Bitcoin (≈ $750).

Your network will be safe from further attacks coming from several botnets, think twice before making your final decision, as even the best global DDoS mitigation won’t be able to handle easily the incoming new Amp. methods.

Let me know if you are interested in my offer.

We weren’t interested, and won’t ever be, even if they continue to attack us. The low “offer” ($750) was just bait, and we know they’d come back for more. Paying would only encourage them to attack other companies. Besides, we are confident that we can protect ourselves in the future with the mitigation plan we’ve put in place. But above all, paying criminals is simply the wrong thing to do.

I sincerely apologize for this outage. We care about you, our customers, and we know that you rely on us to get your emails out to the world. Since the attacks, we’ve been working day and night to get the mitigation in place.

I thank you for your trust, your support and your loyalty during these difficult moments.

Regards,

Simon Grabowski

CEO

GetResponse

 

P.S. If you have any questions about this issue, please contact our Customer Service at support.getresponse.com (GetResponse 360 customers, please contact your Account Managers).

  • Anonymous

    May I ask how large the two recent attacks were in size?

  • Jay Evans

    I just bought Simon Grabowski’s book “How to Run A Company With 350,000 Customers Into the Ground In 3 Days” and I was kind of upset, because the pages inside were all blank. Now seeing how this DDOS attack is unfolding, it all makes sense. It’s not what you say, it’s what you don’t say…clever.

  • Joaquin

    I’m sorry, but I’m very upset about this. I’ve lost thousands of dollars and I’m a startup. Taking these kinds of hits can easily put a startup out of business. Please fix this ASAP.

  • KatarzynaPietka

    Hi Jay, I’m sorry your comment waited quite a long time to be published. We do not delete comments from our users unless they are spam or include explicit vocabulary, so there was no reason for deleting this one.
    Once again – I do apologize for the long time your comment was waiting to be published.

  • KatarzynaPietka

    I understand you’re upset, Joaquin, and that your business was affected by our outage. We’re doing all we can to bring the service back to full functionality – please stay tuned for next updates on status.getresponse.com or our Facebook fanpage http://www.facebook.com/GetResponse .

  • Jay Evans

    Would be nice if you could show any links to Cloudflare or Windstream being affected or hit by what you’re calling the largest DDOS attack ever. They apparently don’t have any blips on their status screens. “We suffered a major outage caused by a DDoS (distributed denial of service) attack on an unprecedented scale, which has flooded our network and our data center (Windstream) with malicious traffic.”

  • KatarzynaPietka

    Jay, please have a look at CloudFlare’s Twitter profile – they post frequent updates including the information about DDoS attack mitigation. http://www.twitter.com/cloudflare or http://www.cloudflare.com/system-status – check Technical report section at the bottom of the page.

  • angelzzz

    Man, chill. We lost close to 100K$ since last Friday. This is the reality we live in. As for start-ups, are you aware that not all of them are becoming successful, making exits? Spend time with family while your start-up is paralyzed. Have a nice day all and hope things will be better soon.

  • SaraRuthWolkiewicz

    Thank you for your support Eulises, our services are being restored and are starting to work, please keep checking the updates for more information http://status.getresponse.com

  • KatarzynaPietka

    Hi Ryan, the service has been up and running for more than 24 hours now – we’ll reach full sending capacity soon. We’re sorry that our outage has affected so many businesses, although we’ve been doing all there was to do in order to mitigate the DDoS attack’s consequences. Right now, we are protected by the highest quality mitigation services available – this should prevent similar situations in the future.

  • Utibe Etim

    Well done! I love GetResponse and I will remain with GetResponse.