Responding To a Denial of Service Attack
A DDoS, or Distributed Denial of Service Attack occurs when a malicious person or organization targets a specific website by flooding it with requests to the point that the web server can no longer handle the traffic and the site stops working. Such as attack is often accomplished by the attacker distributing a malware computer program and installing it on thousands or more computers across the Internet and using those computers to attack a site.
Why would a person do such a thing? There are a few typical reasons:
1. Because they want to target an organization for political or ideological reasons.
2. They are being paid by someone to "take out" a website. There is actually an industry for launching DDoS attacks.
3. The perpetrator is bored and has a warped mind and carries out random attacks because it is a fun thing for them to do.
Whatever the reason, such an attack can render a website, or entire web server, inoperable, and requires significant resources in order to thwart such an attack. Attacks typically target large, high-profile websites, such as the New York Times, Amazon, or Defense Department. But, any site could be the target of an attack.
These are the steps HEROweb will take if a site is under attack:
1. We will analyze the nature of the attack and do everything we can to block or minimize the impact by filtering out the malicious requests. Some attacks are at a low enough level that they do not compromise the performance of the server.
2. When server performance is negatively impacted, HEROweb will either need to take the site offline until the attack subsides, or, the site owner can consider utilizing a third-party DDoS mitigation service. These services typically cost in the hundreds of dollars a month. They specialize in filtering traffic to a site and and have large networks that can "absorb" the malicious traffic and only send through traffic that meets certain criteria.
3. A DDoS attack can last anywere from a few days to weeks. HEROweb will work with you to monitor the traffic levels. Once they return to normal, DDoS mitigation services can be removed and the site operation can return to normal.
Although DDoS attacks do not compromise the security of the data on your site, they are one of the most insidious and frustrating type of attacks as they are very difficult to defend against. HEROweb makes every effort to minimize the impact of such attacks, but the unfortunate reality is that an attacker can inflict a lot of damage on a website if they choose to do so.