Unexpected Server Load = “Malicious Attack”

As you well know by now, the Colorado Rockies server suffered a meltdown when World Series tickets came on sale. Rockies officials claim it was a malicious attack:

Colorado Rockies officials said Monday their computer system for online-only World Series ticket sales was the target of an “external malicious attack,” but online ticket sales were to resume at noon Tuesday.

Team spokesperson Jay Alves couldn’t immediately provide details of the attack.

You know what the attack was? Everyone wanted World Series tickets, and each customer was multiplied because as a group, they overcame limitations of 1 user 1 computer:

McLeod said he has Internet access from his apartment building but thought the library’s computers might be faster. His mother, father, uncle and girlfriend were trying to buy tickets from other computers, he said.

Or some overcame bandwidth exemptions:

Super-fast computers normally used only during emergencies were to be staffed Monday so state employees could buy Rockies World Series tickets online.

Until word of the plan got out, that is.

“I need volunteers to help push buttons in attempting access,” David Holm, recently the acting director of the state Division of Emergency Management, said in an e-mail obtained and released by KUSA-TV on Friday. “You will need to use break time, lunch time or leave time to do this and the only real perk I can offer right now is that if someone does not pay for their tickets within 3 days, you will get first crack at them.”

And here’s a guess: some ticket brokers or perhaps some developers came up with scripts that submitted orders to the Web site to improve their chances of getting tickets.

That’s not a “malicious attack.”

The servers failed from overwhelming demand. Of course, admitting that diminishes the brand, I suppose. But your company got to drink from the fire hose, Colorado Rockies; no one can fault you for failing to predict that your team would ever get to the World Series or what that could do to your systems.

Other stories on the breakdown:

And as a reminder, ungentle reader, your friend and mentor The Director would have found a problem here because he doesn’t run sissy load tests. However, no doubt the project would move forward even with the failure under extreme load because the stakeholders would be comfortable blaming DDOS.

Comments are closed.


wordpress visitors