Authorize.net Says New Defenses Stymie DDoS Attack

Authorize.net, which handles credit card transactions for online merchants, says new defensive measures have helped deflect a persistent distributed denial of service (DDoS) attack that caused sporadic outages last week.

Authorize.net "successfully installed industry leading solutions designed to negate the impact of (DDoS) attacks," the company said over the weekend. "These installations are successfully thwarting a current and sustained attack with no DDoS-related degradation to our service whatsoever."

Authorize.net Site Performance

The company said the attacks caused periodic outages for merchants using its service to process credit card payments. Some customers were able to process transactions from existing accounts, but were unable to sign up new accounts. "We've invested heavily in defense, and we thought we were prepared," Roy Banks, general manager of Authorize.Net, told TechTarget. "But the nature of this attack was something we had never experienced."

A series of DDoS attacks in April targeted online payment processing firms Authorize-IT and 2Checkout. Those attacks were later attributed to extortion schemes in which attackers threatened to knock the firms' web sites offline, which was also the case with Authorize.net, according to company officials. All three firms are widely used by small web hosting companies and other online merchants who need to accept credit cards but don't have their own merchant account.