Incident Summary
From approximately 10:15 a.m. until approximately 10:35 a.m. on on Monday, March 28, 2016, Information Technology Services' (ITS) XPROD service experienced a disruption of service due to a distributed denial of service (DDoS) cyberattack. During this period of time, the XPROD service was effectively unavailable and unusable.
Because we recognize that interruptions of service impact institutions across the state, we are communicating this post-outage analysis of what occurred and the measures being taken to address the factors resulting in this incident.
Incident Cause
The incident was caused by a DDoS cyberattack that targeted XPROD from external sources, flooding the network with information and preventing access to the service. No data was compromised as a result of this attack.
Incident Response Measures
Because network traffic associated with DDoS attacks is typically indistinguishable from legitimate network traffic and because of their inherently distributed nature, DDoS attacks are difficult to prevent. However, since this incident, ITS has performed several network configuration changes designed to help prevent these sorts of attacks in the future. We are also evaluating a number of other changes that may also help prevent attacks.