Hosting provider Linode LLC was hit by a massive distributed denial of service (DDoS) attack over the Labor Day weekend that intermittently took services offline.

The company boasts that it is one of the world’s top providers of virtual private servers (VPS) and according to BuiltWith.com the company hosts over 500,000 websites across the Internet.

The attacks appear to have started to trickle in as early as Friday, Sept. 2, hitting the service’s Tokyo data center, but the brunt was identified on Saturday, targeted against Linode’s Atlanta data center.

At the time Linode network engineers noted on the company’s status page at midnight UTC on Sept. 4 that underway was “a catastrophic DDoS attack which is being spread across hundreds of different IP addresses in rapid succession.”

https://twitter.com/dun3buggi3/status/772428402200412160

From there the attacks strength only thickened. By Sunday, Linode’s active anti-DDoS defenses and the work of network engineers had somewhat blunted the attacks but also that day the attacks significantly ramped up once again.

The entire length and breadth of the attack would not subside until extremely late evening Monday, Sept. 5.

The dates and times of the attack sequence appear to have been timed to fit exactly into the extended three-day weekend of the U.S. Labor Day holiday.

Not the first time Linode has been struck with DDoS

Linode is a highly visible and widely used VPS hosting service and as such it is a big target for DDoS attacks. As such, this is not the first massive DDoS to hit the service. In 2015, attackers used a massive multi-week DDoS attack as cover during an attempted compromise of logins and servers hosted by the company that started during Christmas and lasted until early 2016.

According to Terrence Gareau, chief scientist of DDoS mitigation service Nexusguard Ltd., this is not an uncommon use of DDoS. Gareau told SiliconANGLE attackers often use denial of service as “a smoke screen to cover up hacking attempts to get into enterprise networks.”

DDoS attacks can be very bad for business, according to a study published in 2015 by Kaspersky Lab and B2B International (PDF document), depending on the size of the company, a single DDoS attack can cost a business $52,000 to $444,000. DDoS attacks weaken critical infrastructure and make it difficult for legitimate customers to connect (thus denying them access) and these attacks can also damage the reputation of businesses targeted as customers become frustrated.

Another Linode outage caused by DDoS. Second in the past year, it's getting old.

— Joe Brockmeier ⚛ (@jzb) September 4, 2016

In the case of the attack against Linode, those 500,000 websites hosted by the company could have been affected negatively as well as mobile and web apps that depend on connectivity. For example, Clojars, a community maintained repository of open source Clojure libraries (used in a number of open source web and mobile projects), suffered connectivity issues during the attack.

Featured image credit: via photopin (license)