Meetup was launched in 2002 and is one of the world’s most unique social networking websites. It is a platform that allows people to congregate online, so they can meet up for actual get-togethers.
Apparently, somebody doesn’t like Meetup and wants to see it go down. The Distributed Denial of Service (DDoS) attack targeted Meetup and started on February 27.
A DDoS Attack
A DDoS attack is one of the simplest and most efficient ways of bringing down a website. It is executed by overwhelming the website server, to the point where it becomes incapable of functioning normally. The purpose is to flood the server with fake requests until it has reached maximum capacity and cannot cater to actual users.
Meetup’s Black Weekend
The attack was well focused, during which Meetup was assaulted three times on Friday, Saturday and Sunday. While the Meetup team struggled to mitigate the attack, bolster defenses, and keep user data safe all at the same time, it could not prevent the service from going off-line as a result of the attacks.
Meetup was Targeted & Threatened
According to the Meetup blog, Meetup Co-Founder and CEO Scott Heiferman, was given a chance to pay $300 by the attacker. The attacker claimed to have been hired by one of Meetup’s competitors as evidenced by the brief email.
Date: Thu, Feb 27, 2014 at 10:26 AM
Subject: DDoS attack, warning
A competitor asked me to perform a DDoS attack on your website. I can stop the attack for $300 USD. Let me know if you are interested in my offer.
How Strong is Meetup? How Safe are we?
The fact that Meetup refused to negotiate with cyber-terrorists is admirable. The fact that Meetup failed to stand intact against the attack is worrying. Meetup went down each time it was attacked. This was a DDOS attack, which means that Meetup was targeted, not its users. Does Meetup (and other social networking websites for that matter) possess the strength and capacity to keep our data safe?
We need websites like Meetup to keep us connected. Websites like Meetup go beyond the purpose served by Facebook and Twitter; and they serve a purpose in the practical social networking. We rely on Meetup for the service it delivers, and for that reason Meetup has a responsibility to keep our data safe. Meetup claims to have fulfilled that responsibility during this attack, but it would be foolish to forget that the attack was not targeting user data. This was purely a DDoS attack designed to temporarily disable Meetup, and it managed to do so. What next?