Charlotte has been a project manager since 2014. She gets excited about Kanban and loves Trello.
Keep me updated!
Subscribe
A few weeks ago the news in Sweden reported that there had been directed DDoS attacks on some major news sites and banks. I received questions from worried clients like ‘what is a DDoS attack?’, ‘can we be protected?’ and ‘who should I contact?’
In short, a DDoS attack is some external party trying to shut down your website via a targeted overload attack. It’s like a traffic jam on a highway where it is not possible to drive regardless of how much you try. The overload attack is typically carried out from thousands of computers simultaneously, usually hijacked by a virus or a trojan. The consequence is that anyone who tries to reach your site fails and only receives a message stating ‘denial of service’. This can of course be devastating for a business.
If it’s a small attack the IP address that attacks the server can be blocked, but if it’s a major DDoS attack you needs to search for a pattern in the attack. Is the attack coming from a limited geographical area or is the calls of a certain type? Then you block IP addresses based on that.
In some cases the attack is too big for IP blocking to work and then you need to do a null route which means that all calls to the point of attack are directed against a route table at the internet provider level and is dropped (ignored) rather than forwarded (also called black hole filtering).
When the attack ends, which could be anywhere from one hour to several weeks, you end the null route and everything is back to normal.
DDoS attacks are dependent on hijacked computers. Usually you will not know if your computer is hijacked and used to support a DDoS-attack. Therefore, it is important that your antivirus software is up to date and do not accept and store files you don’t recognise. Keep your computer clean of junk files, virus scan regularly to reduce the risk that your computer is involved in a DDoS-attack. If everyone kept their antivirus software up to date it would be much more difficult for anyone to conduct a DDoS-attack.
Don’t wait to contact your server provider, do it today, to see what protection they have regarding DDoS attacks and what action plans they have in place if it happens to you.
If you want to read more about DDoS attacks or see a live data visualization of DDoS attacks around the globe you can visit the digital attack map.