Should your site worry about a DDOS Attack?
Should your site worry about DDOS?
What is a DDOS attack? And more importantly, should you worry? These questions are increasingly being asked by SMEs and others who run small and medium-sized websites. But most of the DDOS attacks that you hear about affect the web’s largest websites, so why would someone want to attack you?
Let’s start by explaining what happens in a DDOS attack. They work by sending huge volumes of traffic to your website to overload your host. The traffic is not real though: it is bots, or automatic traffic. While this is happening real users cannot access your website. The attacks can last for hours or even days.
DDOS stands for Distributed Denial of Service. The “distributed” part is the important part as it has helped make denial of service attacks easier to implement and harder to stop. A DDOS attack doesn’t originate from a single location. Instead multiple computers are coordinated to implement the attack.
A good analogy is a picket line or protest outside a shop. The objective of the protest is to stop people going into the shop. They could do this by organizing ten or 20 like-minded people to stand outside to prevent customers from getting in. This is like a single point denial of service attack. A DDOS is like the protester somehow tricking 2,000 people into coming to the shop’s location. This has the same result of preventing real customers from getting in. But it is more effective, harder to prevent, and more difficult to stop once started.
Protests, Money and Old Fashioned Hacking
But why would someone want to do this to your business or your website? The main motivations for DDOS attacks are:
Extortion is simple bribery where proper criminals threaten website owners with a DDOS attack unless they pay money. There are cases where the amount of money requested is in the thousands of dollars, rather than hundreds of thousands or millions. This is probably because it is so easy to do now. In fact someone with little or no programming experience can get a DDOS attack up and running for a few hundred dollars.
Hacking and Anger
In many ways DDOS attacks motivated by a desire to hack are the hardest to anticipate and stop. They are often done simply because the hacker can.
But there is another form of hacking which is sometimes referred to as hacktivism. This is where hackers take down a website for a political reason as a form of protest.
The final motivation listed above is anger. Often this is the most personal type of attack and is usually carried out by a disgruntled employee or seriously annoyed customer.
Should You Be Worried?
Given how DDOS attacks occur and the motivations behind them, yes you should worry, regardless of the size of your business or website. Here is the summary:
- DDOS attacks are easy to implement and they are inexpensive
- People with limited programming knowledge can launch them
- At least one of the motivations will apply to just about every business
Let’s expand on that last point. You might not do anything on your website or in your business that would result in a hacker protesting against you. And you might be too small to interest a hacker looking to test his skills. But while you might be able to eliminate the “Protest” and “Hacking” motivations, you can’t eliminate the other two. Every business could be the victim of extortion, and any business could end up with a disgruntled employee or angry customer.
So what should you do about it? That depends on your risk analysis. You need to work out how much it will cost you if you are hit with a DDOS attack. This should include lost revenue, the time it will take to deal with the issue, and any loss of reputation. You then need to weigh this up against the cost of specialist DDOS preventing services, which are not cheap.
But even if you decide not to buy a specialist service there are some things you should do. To start with you should have plenty of extra capacity in your website hosting. This won’t prevent a DDOS attack but it is an inexpensive way to buy yourself a bit more time if you are ever hit. You should also have good monitoring in place so you can spot any attack as early as possible as the sooner you start dealing with it the easier it is to stop. And finally, you should have good website hosting and the telephone number of their technical support with you at all times, just in case.