720-891-1663
Return to the list of client alerts
Denial of service attacks, where an attacker attempts to throw so much garbage at your web or other public servers that the servers just die a horrible death, are a bit of a cat and mouse game. Hackers find new ways to make bigger and badder attacks and defenders come up with new ways to defeat them. If you don’t pay the hackers ransom, they will keep hammering your website for days until, they hope, you give in and pay the ransom.
There are a couple of basic parameters to a denial of service attack:
Sheer size – how many bits per second can the attacker send your way.
Multiplier – how many bits per second does the attacker need to send in to get X times that number out. The bigger X is, the easier it is to increase the attack to your company. Multipliers, called the amplification factor, of 250 to 500 times is what we are seeing in the big attacks.
Duration – how long can the attacker keep the attack up. On the attacker’s side, if he or she is attacking you, he can’t attack someone else and if he or she doesn’t think you are going to pay, then it isn’t worth it.
Technology – as hackers figure out new attack techniques, the defenders have to figure out new ways to stop it. If your ISP or DDoS protection provider can’t stop it, then your ISP will just cancel your service and now the attacker really wins.
So what about this attack?
Akamai said that the current attacks started at 200 Gbps in August, 2020, rose to 500 Gbps in September and then to 800 Gbps by February, 2021. That will shut down almost all systems and protections.
Next is the technology. This attack campaign uses the Datagram Congestion Control Protocol or DCCP. This is a new technique and current defenses may not work against this attack.
Next is the length. Early attacks only lasted a few minutes. Except for a few companies, if you get your web site taken down for a few minutes, you will probably cry, but life will go on. Some of these attacks have been lasting for up to NINE HOURS. If your web site goes down for nine hours every day for a week and your web site is critical to your business, that could be a problem.
For all but the simplest web sites, being able to take advantage of one of these DDoS protection services means changes to your web site.
Alternatively, if you get hit by one of these attacks, your customer will get some random error message like “could not connect to this web site” and will just go to your competitor.
Bottom line, these attacks are getting bigger, badder, longer and harder to defend against.
If your website is important to your business then you need to plan for what you are going to do if you get hit by one of these attacks. The attackers do not seem to have a preference for one industry or company size, so you should not count on that as a defense. That means picking a vendor and working with that vendor to make sure that you can run behind their service while still operating correctly.
In addition, the ransom demands are going up. One recent attack demanded 5 Bitcoins. That translates to around $300,000 at today’s prices. Are you prepared? Be Prepared; it is almost impossible to deal with this at the time of an attack. Credit: Bleeping Computer