As the Senior Vice President and General Manager of the Security Business at Barracuda, I would like to personally explain the recent incident that significantly degraded our email security service and impacted our customers.
The facts of the incident
At 7pm PST on Tuesday, November 1, 2016, the Barracuda Essentials for Email Security Service began experiencing an unusually high volume of unsolicited inbound DNS responses appearing to be from thousands of globally distributed hosts. This traffic, which was spurious and polymorphic impacted email delivery, message log, and quarantine logs. Our real-time monitoring system immediately identified the increased traffic, and we quickly began deploying defensive measures to address the surge. These measures restored mail flow through the day as we mitigated the impact of the increased traffic load.
While mail delivery was delayed for some customers, there was no email lost in this incident. Furthermore, Barracuda threat scanners remained operational, and the UI was accessible throughout the troubleshooting process. Normal delivery has resumed and any email temporarily delayed has been successfully processed.
At this time, all systems remain fully operational. We are closely monitoring the situation and implementing additional measures to strengthen our infrastructure.
The nature of the unsolicited traffic which caused the incident is particularly challenging to address. The malicious traffic appears similar to legitimate traffic by impersonating the IP address of the target, making it difficult for response teams to discern between the legitimate and malicious traffic. It takes longer to identify the spurious traffic and redirect away from the critical business path. It will take an industry-wide effort to eliminate these types of attacks in the future.
• All systems are fully operational at this time.
• Barracuda Essentials for Email Security experienced a response time degradation, during which email was delayed but not lost.
• All security features, including threat scanners, functioned at full capacity and email delivery services responded as they are designed to behave under abnormal load conditions.
• We continue to monitor the situation and implement additional measures to strengthen our infrastructure. We are still investigating the source of the traffic surge, and will make further adjustments as necessary based on our ultimate findings to further improve our service levels and response to incidents..
We recognize email is an essential service for our customers. Barracuda is fully committed to providing the highest levels of service to you with our security service. We continuously improve the capacity, performance and resilience of our infrastructure to protect our customers and accommodate the rapid growth in our Essentials business.
Thank you for your business, trust, and cooperation.
Hatem Naguib serves as Senior Vice President and General Manager, Security Business at Barracuda. He has global responsibility for Barracuda’s complete portfolio of award-winning, cloud-enabled security products that span network, content and application security. He brings more than 25 years of experience in high-tech companies building innovative products in enterprise software, cloud services, data center virtualization, software defined networking, and security. Follow him on twitter @hatem_naguib.