French newspapers go offline, but hosting company rules out DDoS as cause

High-profile French media websites went offline for a few hours Friday morning, prompting frenzied speculation about “unprecedented” cyberattacks — but the hosting company behind the sites soon dismissed talk of a massive distributed denial-of-service attack.

A number of sites, including those of daily newspaper 20 Minutes and online news site Slate, went offline or were difficult to access from around 10 a.m. Paris time.

The outages followed hot on the heels of the overnight arrest of 12 people wanted for questioning about logistical support they may have given shooters in a series of deadly attacks last week around Paris. Twelve people were killed on Jan. 7 by two heavily armed men at the office of satirical news weekly Charlie Hebdo. Separately, a police officer was shot on the outskirts of Paris on Jan. 8, and the suspect in that incident then shot four customers in a supermarket on the edge of Paris on Jan. 9 before taking others hostage. He and the two suspects in the first shooting, by then holed up in a printing works to the Northeast of the city, died in shoot-outs with the police.

Weekly news magazine L’Express, one of the sites affected by Friday’s outage, speculated on the possibility of a link with the events at Charlie Hebdo. Threats had been made against French media and government websites by a group calling itself AnonGhost, under the banner “#opFrance,” in reprisal against threats and attacks by the group Anonymous against jihadist websites in #opCharlieHebdo.

From there, it was but a small step to assuming that the problems were the result of cyberattacks by jihadists. But the French sites affected late Friday morning were all hosted by the same company, Oxalide, which rents space in Equinix datacenters North of Paris.

L’Express later updated its report to include an update tweeted by Oxalide that ruled out a DDoS attack as the cause of the outage.

Oxalide first reported the incident via its Twitter account at 10.03 a.m. CET: “Incident in progress on our infrastructure – our teams are working on it,” it wrote, adding half an hour later that the incident “affects the network core.”

Ninety minutes into the incident, the company announced: “The source of the problem is identified. Part of our services are operational again.” Readers reported that the website at 20minutes.fr was working again.

Some 40 minutes later, more than 90 percent of services were up again, although suffering from perturbations, Oxalide said.

“The first elements in our possession allow us to exclude the possibility of an external DDoS-type attack,” the company said around 1 p.m. local time, before going on a few minutes later to say it was closing the incident and would provide a preliminary report early in the afternoon.

Peter Sayer covers general technology breaking news for IDG News Service, with a special interest in open source software and related European intellectual property legislation. Send comments and news tips to Peter at peter_sayer@idg.com.