Attacks on major blog platform WordPress have been traced back to China. But it appears the motivation may be commercial rather than political.
WordPress, which offers a technology used by an estimated 18 million sites, is no stranger to Distributed Denial Of Service (DDOS) attacks, but generally doesn’t show any ill effects.
Late last week, though, it suffered what it called the biggest series of such attacks in its history. On both Thursday and Friday attacks managed to cause enough strain to impact all three of the company’s data centers and, though it was dealt with relatively quickly, there were some periods when sites were unavailable. That sound like a minor incident in the wider picture of the web, but it becomes a big deal simply because of the sheer number of sites affected.
According to WordPress, the attack was in the order of “multiple Gigabits per second and tens of millions packets per second.” That’s not some kid messing about in his bedroom, it’s a large network of computers (used with or without the knowledge of the owners) to attempt to bring down a system.
Originally WordPress said it suspected the attack might be politically targeted against “one of our non-English blogs” but was investigating the issue. It’s now told TechCrunch that it’s discovered 98 percent of the attacks came from China, and that it’s traced the target as a specific Chinese language site. It hasn’t named the site but notes it’s been blocked by China’s largest search engine, Baidu.
Although that might also point towards a political motivation, WordPress says that isn’t the case. It believes that given the identity of the site, it’s more likely to be a “business-oriented” attack. It adds that it has been unable to contact the owner of the site and that this will have to happen before it considers naming the site publicly.