Summary of Report

On December 13 2021, our production system was impacted by what was eventually diagnosed as a Distributed Denial of Service (DDOS) attack causing partial or total unavailability of web app service in US commercial region. After an extensive troubleshooting procedure, we identified a possible vulnerability with VIDIZMO caching service that caused the web app to become unresponsive.


ID
Problem Identification
DDOS-01
Distributed Denial of Service (DDOS)


Scope of Impact

The following resource was affected:

  • Production systems in US region (commercial environment)


Used Tools

The following tools were used for root cause analysis:


ToolDescription
NMAPNmap is a free and open-source network scanner
WiresharkWireshark is a free and open-source packet analyzer
WINDBGWinDbg is a multipurpose debugger for the Microsoft Windows computer operating system


Line of Action - Associated Timelines

The following table provides detail about the timeline for resolution/restoration of services.


ID
Problem Identification
Identification Date
Incident Resolution
Start Date
End Date
DDOS-01
Distributed Denial of Service (DDOS)
Dec 13, 2021
Dec 13, 2021
Dec 14, 2021


Remediation Procedure

Below are the details about actions performed to restore web services.


Problem Identification
DDOS-01 - Distributed Denial of Service (DDOS)
Remediation Action
A patch update was installed to resolve the issue and restore services.
Threat Mitigation and Future Plan
Our anti DDOS security systems are active 24/7/365. We're closely monitoring the web app service to protect from such types of attacks in future.



--End of Document--