Over 300 sites have been assaulted over the last few days with wanton DDoS attacks.
Namecheap, and now Aweber have been taken down. (Aweber has been affected for over 48 hours).
Crazy huh?
It leads a lot of people to wonder “Why aren’t the providers doing anything to fight these DDoS attacks!”
“How could these massive servers be taken down by a tiny little DDoS attack? Don’t these organizations have redundant servers for this type of situation?”
DDoS Attacks Are More Common and Dangerous Than Ever
The truth is – that DDoS attacks can be a real pain in the ass, if not IMPOSSIBLE to defend against!
That’s because each DDoS attack varies in complexity and size. Some DDoS attacks are overwhelmingly distributed and complex.
(A DDoS attack is a distributed attack where a network of devices overload a targeted server resulting in a Denial of Service. The network can be thousands of devices, hundreds of thousands or even millions of devices. – The devices might be located in the cloud, infected end-users, or the product of a host of malware vectors).
According to my calculations, millions of Americans are unwilling participants of different Botnets. A Botnet is the network that launches DDoS attacks. As a result, millions of Americans are actively participating in the distributed attacks that now plague hundreds of business owners, and hundreds of thousands of end-users.
The Difference Between a DoS attack and a DDoS Attack
A DoS attack is less severe than a DDoS attack. A DOS attack is a Denial of Service Attack. The main objective in a DoS attack is to overload a target server to the point of failure. This failure, is known as a “denial of service”.
A Denial of Service Attack originates from a single source. Therefore, it’s theoretically easy to defend against.
A Distributed Denial of Service Attack (DDoS) is increasingly potent, because the attacks originate from several (distributed) points.
With the Amount of Technology Available, DDoS Attacks are More Complex and Diversified than Ever
The main muscle of any DDoS attack is the complexity and size of its botnet. (A botnet is a network of infected machines). Each infected machine, is known as a “zombie”. Zombies might be an infected end-user, an infected webhost, or maybe even a collection of malicious scripts installed anywhere it can attach itself. I would estimate, that the vast majority of zombies are infected end-users, however there’s an increased implementation of cloud-based attacks.
Imagine for a moment the munition that hackers have at their disposal. There have never been this many resources available to create impactful DDoS attacks. (Namecheap has quoted their most recent DDoS attack to surpass 100Gbps (bits per second)). – That’s a boatload of traffic for any server to contend with, especially if the traffic is designed to further lag or otherwise attack the server.
(Other sources cite recent DDoS attacks to surpass 400Gbps).
Why Are Botnets so Massive and Scary?
Cloud computing, the increased network capacity of the average infected end-user (zombie), and the availability of zombies has resulted in DDoS attacks that originate from vast and varied sources.
It creates such a massive hoard of unique and diverse traffic that simply identifying and acknowledging this quantity of traffic will be cumbersome, especially if the traffic is designed to further stagnate or attack a target host.
It’s my hypothesis that some DDoS attacks can be impossible to defend against.
Organizations are then left with the choice. Incur infeasible cost of redundant servers to outmuscle a complex and damned-distributed DDoS attack, or to suffer the fate of any hacker with a botnet and a score to settle.
Why IT Security is Frightening for All Entrepreneurs
Basically, this DDoS attack has caused over 100,000 small businesses to be unable to communicate with their customers for over 48 hours. I won’t dare calculate how much money was lost as a result of these ongoing DDoS attacks, however one thing can be certain.
It’s never been more important to diversify your marketing efforts.
It doesn’t matter if you’re a Pastry Chef, an Astronaught, or a Political Blogger.
That’s why I’m always diversifying my marketing education, and ability to contact my subscribers.
Because you never know when your “bread and butter” technique will be made unavailable, for any duration of time.
Take care
Mike “Don’t DDoS Me Bro” DeVincent
mrcomputerscience.com