What 'DDoS' Attacks Are and How to Survive Them
Consider what happened to Los Angeles-based business-planning publishing and advisory company Growthink. Last September, a surprise flood of bogus traffic knocked its website off the internet for several days. Growthink turned to its hosting firm for help, only to have its website sidelined so other sites wouldn't be collateral damage. It finally recovered by hiring a DDoS-protection firm, BlockDos, to filter out the bad traffic. Then it moved to a new hosting service, Rackspace, so it would be better prepared next time.
"It was pretty intense," says Kevin McGinn, Growthink's IT director. "We had no idea why we were being singled out."
Growthink had suffered a "distributed denial-of-service" attack. In a DDoS attack, legitimate site visitors are denied access by hackers who immobilize the site either with a flood of bogus internet traffic or a surgical strike that exhausts the resources of a specific web application. Successful attacks can cripple business operations. Growthink estimates its website outage erased $50,000 in revenue.
Related: Why You Might Need to Rethink Your Internet Security -- Now
As Growthink discovered, it isn't always clear who's out to get you. Experts say e-commerce outfits and other businesses that rely heavily on the web for their livelihoods are most at risk. Smaller companies are most often attacked by unscrupulous competitors and extortionists, although disgruntled former employees, vandals and "hacktivists," or hackers with a political agenda, are also known culprits.
With both the number and ferocity of attacks rising, DDoS incidents are a growing threat. In the last year, CloudFlare, a San Francisco cloud-based web performance and security firm, said it has seen a 700 percent rise in DDoS traffic.
Small companies are increasingly finding themselves in the crosshairs, experts say, as the cost of mounting attacks drops and large companies get better at stopping them. Attackers can rent "botnets" of 1,000 hijacked malware-infected home PCs capable of taking down sites of most small-to-medium-sized businesses for only $400 a week, according to Incapsula, a competitor to CloudFlare that's a subsidiary of security firm Imperva, both of Redwood Shores, Calif.
Even modest extortionists can profit. Australian e-commerce company Endless Wardrobe received an email in May demanding $3,500 via Western Union. When the firm didn't comply, its site was knocked offline for a week by a torrent of bogus visits. The downtime cut revenue by at least the amount of the demanded ransom.
Here are tips on how to survive if you find your business under a DDoS attack, too.
Related: How to Make Your Website Hacker-Proof
Find a hosting service or ISP that will help.
Many hosting services put large numbers of small websites on the same servers to boost efficiency. That's fine until one site is attacked and the hosting company takes it offline so other customers on the server aren't hurt as well.
Check your contracts and speak with your hosting service or internet service provider, or ISP, to find out what it will do if you come under attack. Will it help you stop the attack and recover, and if so, at what cost? Will it send you a giant bill because an attack generated a ton of extra traffic to your site?
A growing number of these service providers are offering security features, including DDoS protection, as a way to differentiate themselves in a crowded market. Such companies, which often employ technology from specialists such as Arbor Networks, include Firehost, Rackspace and iWeb.
Companies that provide website acceleration services also often help fend off DDoS attacks. For instance, CloudFlare provides a free basic level of DDoS protection that it says will stop most attacks, and two tiers of service at $20 and $200 a month that can stop larger attacks. Incapsula includes DDoS protection as part of its Enterprise tier of service for an undisclosed fee.
If you're targeted with a highly sophisticated attack, however, you may want to consider hiring a DDoS-protection specialist, such as Prolexic, a cloud-based security company based in Hollywood, Fla.
Investigate ways to fortify your site.
CloudFlare co-founder and CEO Matthew Prince suggests using nginx web server software -- favored by the likes of Netflix and WordPress -- because it can be more resistant to DDoS than other programs. He also recommends using the latest versions of your web software, such as WordPress and shopping carts, to prevent some application-based attacks.
Related: How to Determine If Cyber Insurance Coverage Is Right for You