Website development service Moonfruit has taken thousands of personal and business websites offline for “up to 12 hours” in anticipation of a cyber attack.
The UK-based company was hit with a denial-of-service (DoS) attack last week by a hacking group known as Armada Collective, and was offline for roughly 45 minutes. The hackers responsible for the attack demanded a ransom and warned that if it was not paid the attack would recommence this week.
Moonfruit instead decided to take thousands of websites created using its service offline in order to strengthen security and bulk up its infrastructure.
“Moonfruit.com and your own sites will be offline from approximately 10am (GMT) today and will remain offline for up to 12 hours,” said Matt Casey, Moonfruit director, in a statement.
“As a result of the threatened attack on Moonfruit, we have taken the decision to make significant infrastructure changes which will offer us the best possible protection against these attacks today and in the future.
“We appreciate this is very short notice, but we hope you understand the unusual circumstances we are facing. We planned for every eventuality over the weekend, but the final decision to go ahead with these specific changes was made this morning.”
Moonfruit said after the initial attack that it had no intention of paying the ransom.
“Having investigated [Armada Collective] it is very clear that even if we were to pay them (something we would never consider) the attacks would not cease. In fact, whenever anyone has given in and paid them, the attacks get worse and the demands increase. We’re confident that we can fend off these attackers,” said Casey.
The company explained that the infrastructure changes were planned for the new year but were brought forward after the attack.
However, many customers have taken to social media to complain about the downtime affecting their business or personal websites.
@moonfruit notice of 12 hours downtime 8 minutes after its happened – seriously? Long term customer far from happy
— Thomas Lubbock (@thomaslubbock) December 14, 2015
@moonfruit massively ill timed for this to happen right on Christmas. Probably cost me a grand today. Understand the situation tho
— #LENG GOODMAN (@amnediel) December 14, 2015
@moonfruit I’ve just launched a promo concerned that clients are visiting blank webpage at least give us customers a way of informing them
— HAGH Apparel (@hagh_apparel) December 14, 2015
Ron Symons, senior director of engineering at A10 Networks, said he believed that Moonfruit made the right decision in taking the websites, including its own, offline.
“Moonfruit has responded in the best possible way to this threat by taking its services offline. By making this bold decision to pre-empt another incident, Moonfruit stands a much better chance of protecting its clients’ private data,” he said.
“The shutdown may be inconvenient now, but ensuring its infrastructure is equipped to deal with today’s increasingly powerful cyber attacks is in the best interests of those using its services.”