Linode Suffering In DDoS Aftermath

Confidence: Medium
Impact: Medium
Disposition of finding: Negative

Linode, LLC is a hosting service provider based out of Galloway, New Jersey. It’s focused on cloud computing, and competes with the likes of RackSpace, and Amazon’s EC2. Primarily focused on performance and cost, they attract a certain class of customer who is focused on availability and capital costs associated with infrastructure.

In late 2015, Linode suffered a sustained and long term distributed denial of service attack against their network. These attacks are frequent, but it appears that they were unable to recover in any meaningful amount of time. The infrastructure they have build was unable to keep up with the attack and subsequently, I have seen a decline in just over 21% of their customer base and associated infrastructure since/through the month of January. Customers appear to be leaving due to the sustained attack.

This is to be expected given that the Linode customers often are hyper focused on availability as companies like Google place higher importance on companies that load quickly. This is due to the belief that bounce rate is higher on sites that load slowly. As such, it is unlikely that Linode can go public in the near-term and on top of the damage due to the attack, the company will no doubt need to outlay more capital expenditure as they attempt to mitigate the attack (E.g. buying access to Akamai’s Prolexic, or Arbor, etc.).

Obligatory legal disclaimer.