Australian SaaS recruitment portal under DDoS attack

By David M Williams
Monday, 16 November 2009 05:30

Security

Australian hosted recruitment software provider, RecruitAdvantage, is presently facing a distributed denial of service (DDoS) attack on its online TurboRecruit product. The company has taken parts of its sites offline, affecting customers and jobseekers nationwide.

TurboRecruit is a software-as-a-service (SaaS) product used by recruitment agencies around Australia to provide an all-in-one web-based candidate management system.

The software allows human resources professionals to define position vacancies, send these to popular job boards like SEEK, and work through the applications received, filtering and shortlisting candidates until an offer is finally made and accepted.

RecruitAdvantage notified its customers at 10:33am this morning that they were suffering DDoS attacks which were causing so much traffic the site was being slowed down and becoming unusable.

RecruitAdvantage told iTWire they believe the surge in traffic began late yesterday. At this time the company does not know who is behind the attack or what the motives are.

Given TurboRecruit is a hosted product for other organisations it is possible the attack is not aimed at either TurboRecruit or RecruitAdvantage at all but rather a client organisation.

The TurboRecruit system was taken offline around 10:30am while internal staff sought to determine which parts of the site were affected. This meant customers around the country were unable to create, edit or post job advertisements, or work on the candidate records. Jobseekers were unable to apply for any vacancies whose job postings lead to TurboRecruit.

By midday the company had pinpointed the attack was coming in through the front-end of TurboRecruit and switched the back-end client portal back on.

RecruitAdvantage has commenced logging to determine which client front-ends are being targeted and expect to have further insights as the day proceeds.