A few weeks ago the news in Sweden reported that there had been directed DDoS attacks on some major news sites and banks. I received questions from worried clients like ‘what is a DDoS attack?’, ‘can we be protected?’ and ‘who should I contact?’
How long can your business be without your website?
In short, a DDoS attack is some external party trying to shut down your website via a targeted overload attack. It’s like a traffic jam on a highway where it is not possible to drive regardless of how much you try. The overload attack is typically carried out from thousands of computers simultaneously, usually hijacked by a virus or a trojan. The consequence is that anyone who tries to reach your site fails and only receives a message stating ‘denial of service’. This can of course be devastating for a business.
Is it possible to be protected?
If it’s a small attack the IP address that attacks the server can be blocked, but if it’s a major DDoS attack you needs to search for a pattern in the attack. Is the attack coming from a limited geographical area or is the calls of a certain type? Then you block IP addresses based on that.
In some cases the attack is too big for IP blocking to work and then you need to do a null route which means that all calls to the point of attack are directed against a route table at the internet provider level and is dropped (ignored) rather than forwarded (also called black hole filtering).
When the attack ends, which could be anywhere from one hour to several weeks, you end the null route and everything is back to normal.
Be honest, when did you update your antivirus software?
DDoS attacks are dependent on hijacked computers. Usually you will not know if your computer is hijacked and used to support a DDoS-attack. Therefore, it is important that your antivirus software is up to date and do not accept and store files you don’t recognise. Keep your computer clean of junk files, virus scan regularly to reduce the risk that your computer is involved in a DDoS-attack. If everyone kept their antivirus software up to date it would be much more difficult for anyone to conduct a DDoS-attack.
It is not a question if, but when
Don’t wait to contact your server provider, do it today, to see what protection they have regarding DDoS attacks and what action plans they have in place if it happens to you.
If you want to read more about DDoS attacks or see a live data visualization of DDoS attacks around the globe you can visit the digital attack map.