CWL Authentication Service (Auth2) is experiencing degraded performance due to DDoS November 18, 2014 17:32 UPDATE

CWL Authentication Service (Auth2) is experiencing degraded performance as a result of a targeted Distributed Denial of Service (DDoS) attack.

Users accessing CWL Auth2 enabled services may encounter slow logons or timeouts during the authentication process.

The following services are dependent on CWL Auth2:

  • Authentication to PeopleSoft portals (Administrator and Employee Self-Service),
  • API transactions by Academic System Support applications.
  • prospect account creation.
  • CWL UIs for account management (example: password reset, account creation, administrator management of account).

Other IAM services, such as CAS, Shibboleth, AccessUBC, and Enterprise Active Directory, are currently unaffected.

Attacking IP addresses include:

Mitigations have been put in place but attacking IP addresses are changing daily and likely belong to compromised systems, running as part of one or more botnets. IT support staff are encouraged to check their logs for successful connections, for the period of Nov 15th to today, from these addresses. Please report any suspected compromised systems or accounts to