Wow. The vulnerability here is stunning. Yesterday there were all sorts of delays and timeouts on the NWS main page. The reason turned out to be a single overzealous app that was querying the page for data, and the CGI processes to serve up forecast data on a city by city basis got overwhelmed. Apparently the devloper didn’t know there are more efficient ways of getting the forecast data. The National Weather Service’s Telecommunication Operation Center posted this message on its status page yesterday afternoon:
KWBC 251835 TO – ALL CUSTOMERS SUBJECT – POINT FORECAST ISSUES WE ARE PROVIDING NOTICE TO ALL THAT NIDS HAS IDENTIFIED AN ABUSING ANDROID APP THAT IS IMPACTING FORECAST.WEATHER.GOV. WE HAVE FORCED ALL SITES TO ZONES WHILE WE WORK WITH THE DEVELOPER. AKAMAI IS BEING ENGAGED TO BLOCK THE APPLICATION. WE CONTINUE TO WORK ON THIS ISSUE AND APPRECIATE YOUR PATIENCE AS WE WORK TO RESOLVE THIS ISSUE.
NIDS – KM
Today, we have this new message:
Last Update: Tue Aug 26 14:50:01 2014 GMT
NWS TOC Operational Status Message
Tue Aug 26 02:42:58 2014 GMT
NOXX01 KWBC 260240 TO – ALL CUSTOMERS SUBJECT – POINT FORECAST ISSUES . AKAMAI HAS INSTALLED FILTERS WHICH BLOCK THE OFFENDING TRAFFIC. NIDS HAS VERIFIED THAT THE TRAFFIC IS BEING BLOCKED. ALL SYSTEM ARE NORMALIZED. WE APPRECIATE YOUR PATIENCE. PLEASE NOTIFY THE TOC AT TOC.NWSTG-AT-NOAA.GOV IF ANY FURTHER ISSUES ARE IDENTIFIED. THANKS FOR YOUR PATIENCE. NIDS – KM
I suppose a little bit of server hardening will be in order. This sort of thing wouldn’t look much different than a DDoS attack.
h/t to WUWT reader Paul H