Bandwidth CEO: Tech firm didn’t pay ransom during DDoS hit

David Morken, the CEO of Bandwidth

David Morken, the CEO of Bandwidth


For the first time since a cyber attack hit Raleigh tech firm Bandwidth, the company’s CEO, David Morken, publicly addressed the fallout from the event, saying his company did not pay a ransom before beating back its hackers.

In late September, Bandwidth, which makes software for internet-based voice and text communication, suffered a DDoS attack, or distributed denial-of-service, that caused interruptions for some customers.

The outages stand to cost the company millions of dollars, it has said.

The cyber attack “was an unprecedented size and in a very unique way,” Morken told investors on Monday, before adding he was “confident (in) the way that we have adjusted our defenses (and) that we can withstand this and other similar threats going forward.”

Bandwidth is one of the country’s largest providers of VoIP technology, which helps companies connect phones and messaging to customers over the internet. The company provides key services that make phone calls possible on platforms like RingCentral, Google and Zoom. It also helps many 911 emergency services handle call traffic.

Cyber attacks up 125% in past year

Bandwidth was hardly the only VoIP company to be hit by an attack that month, and, in general, cyber attacks have swelled to record levels in the past few years. Over the past year, cyber attacks have increased by 125%, according to Accenture Security, a consulting firm.

These events can be costly, as they can lead to business being halted or customers looking for new options.

Indeed, Bandwidth told investors that it expects the DDoS attack to cost it between $9 million and $12 million, as some customers shifted to other providers, usage dropped and some customers claimed credits for service.

“We count many of the world’s largest and most sophisticated technology leaders as our customers and a number of them joined us in our situation room,” Morken said during Bandwidth’s third-quarter earnings call. “… Nevertheless, a number of our customers did move services to other options.”

Morken added that “many of those customers have already brought their business back,” and that he is confident more will return.

Some Bandwidth customers left, then came back

Some of its customers, Morken told an analyst, moved to competitors such as Verizon, AT&T and Lumen Technologies. Those customers returning to Bandwidth, he added, are not being offered discounts but are resuming their old terms.

Despite the attack, the company told investors it closed several large deals during the quarter, including a Fortune 200 company. Morken said the attack, in some ways, has demonstrated its resiliency to potential customers.

“The reason is we have successfully fought back against the latest methods (of attack) in the VoIP space that before now were unheralded, unprecedented,” Morken said.

“We essentially won, and so the conversations with customers have gone something like this: ‘There is no better place on the planet to go than Bandwidth right now, regarding DDoS attacks worldwide.’ … It comes with scars, but we bear those scars proudly.”

Morken called the efforts at combating the attack a “running gun battle” that lasted multiple days, with attacks coming in from “different nation-states.”

Bandwidth eventually had to bring in Cloudflare, a cyber security company, to help it resolve the situation, after its first line of defense could not stop the entirety of the attack in the first 48 hours. Morken said the hackers had created an issue Cloudflare had never seen before, and that it is now being used as a learning moment for the entire industry.

Bandwidth shared information with competitors

One analyst, Pat Walravens of JMP Securities, pointed out during the call that a pop-up from Cloudflare now shows up when you visit Bandwidth’s and a least one other competitor’s website.

“We immediately reached out to our top competitors and shared everything we knew,” Morken said. “We told them get ready, it’s probably going to hit you next. Here’s what we did. Here’s how we did it. Here’s the playbook and shared openly.”

Beyond the talk of the cyber attack, Bandwidth told investors that its third-quarter revenue was $131 million, up 54% year-over-year.

Since the attack began on Sept. 25, the company’s shares have fallen $19.64, or 16.6%, to $85.83 per share as of Tuesday afternoon.

Bandwidth has been one of the fastest-growing companies in the Triangle in the past few years.

The company has pledged to hire more than 1,000 employees in Raleigh in the coming years, and is building a new headquarters at the corner of Edwards Mill and Reedy Creek roads.

This story was produced with financial support from a coalition of partners led by Innovate Raleigh as part of an independent journalism fellowship program. The N&O maintains full editorial control of the work. Learn more; go to

This story was originally published November 9, 2021 3:44 PM.

Related stories from Raleigh News & Observer

You may also like...