Why attackers can't take down Amazon.com

anonymous_amazon.top.gifThe organizers of an attempted Amazon takedown called off the attack less than an hour later. By Julianne Pepitone, staff reporter


NEW YORK (CNNMoney.com) -- The website-attacking group "Anonymous" tried and failed to take down Amazon.com on Thursday. The group's vengeance horde quickly found out something techies have known for years: Amazon, which has built one of the world's most invincible websites, is almost impossible to crash.

Amazon has famously massive server capacity in order to handle the December e-commerce rush. That short holiday shopping window is so critical, and so intense, that even a few minutes of downtime could cost Amazon millions.

So Amazon (AMZN, Fortune 500) has spent years creating and refining an "elastic" infrastructure, called EC2, designed to automatically scale to handle giant traffic spikes. The company has so much spare server capacity, in fact, that it runs a sideline business hosting other websites. Its customers include the New York Times, Second Life, Etsy, Playfish, the Indianapolis 500 and the Washington Post.

Until last week, WikiLeaks was one of Amazon's website-hosting customers. Amazon gave WikiLeaks the boot in the wake of the site's controversial release of a trove secret U.S. State Department documents.

That put Amazon in the crosshairs of Anonymous, a group that originated on image-board site 4chan.org, which organizes swarms to try to crash the websites of those it deems enemies. In the past, Anonymous has taken down several high-profile sites, including those of the Motion Picture Association of America and the Recording Industry Association of America.

This week, Anonymous launched takedown campaigns against organizations that have shunned the site WikiLeaks. Under the banner "Operation Payback," the Anonymous group successfully crashed Mastercard.com and strained the websites of Visa and PayPal. (Mastercard and Visa's transaction networks -- which run completely independently of their websites -- were unaffected.)

Anonymous makes its attacks not through hacking, but merely by directing a giant traffic surge to the targeted website. That's called a DDoS attack, short for distributed denial-of-service -- and it's hard for most websites to defend against. The attack itself isn't sophisticated. It's the equivalent of simply hitting the "refresh" button on a website thousands of times, which attackers use automated programs to do.

But Amazon's entire business model is built around handling intense traffic spikes. The holiday shopping season essentially is a month-long DDoS attack on Amazon's servers -- so the company has spent lavishly to fortify itself.

Anonymous quickly figured that out. Less than an hour after setting its sights on Amazon, the group's organizers called off the attempt. "We don't have enough forces," they tweeted.

Instead, they decided to go hammer PayPal's API, which seems to be holding up fine under the attack. "These attacks have at times slowed the website itself down, but have not significantly impacted payments," a PayPal representative said.

So click away, holiday shoppers. Amazon's got your back.  To top of page

Frontline troops push for solar energy
The U.S. Marines are testing renewable energy technologies like solar to reduce costs and casualties associated with fossil fuels. Play
25 Best Places to find rich singles
Looking for Mr. or Ms. Moneybags? Hunt down the perfect mate in these wealthy cities, which are brimming with unattached professionals. More
Fun festivals: Twins to mustard to pirates!
You'll see double in Twinsburg, Ohio, and Ketchup lovers should beware in Middleton, WI. Here's some of the best and strangest town festivals. Play
Index Last Change % Change
Dow 17,279.74 13.75 0.08%
Nasdaq 4,579.79 -13.64 -0.30%
S&P 500 2,010.40 -0.96 -0.05%
Treasuries 2.59 -0.04 -1.60%
Data as of 12:03am ET
Company Price Change % Change
Yahoo! Inc 40.93 -1.16 -2.74%
Microsoft Corp 47.52 0.84 1.80%
Bank of America Corp... 16.95 -0.09 -0.53%
Oracle Corp 39.80 -1.75 -4.21%
Facebook Inc 77.91 0.91 1.18%
Data as of Sep 19

Sections

The automaker is recalling Cadillac XTS and Chevrolet Impalas because of a problem with the electronic parking brake arm. More

The Bill and Melinda Gates Foundation has given more money than many western nations. More

It's really good to be Larry Ellison. The Oracle founder is stepping down as CEO, so maybe he'll have more time to enjoy his glamorous life. More

As Occupy Wall Street goes on its debt-abolishing tear, thousands of people across the country are begging them to forgive their loans. More

Market indexes are shown in real time, except for the DJIA, which is delayed by two minutes. All times are ET. Disclaimer Morningstar: © 2014 Morningstar, Inc. All Rights Reserved. Disclaimer The Dow Jones IndexesSM are proprietary to and distributed by Dow Jones & Company, Inc. and have been licensed for use. All content of the Dow Jones IndexesSM © 2014 is proprietary to Dow Jones & Company, Inc. Chicago Mercantile Association. The market data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. FactSet Research Systems Inc. 2014. All rights reserved. Most stock quote data provided by BATS.