720-891-1663
Return to list of client alerts
Assume you run a web site. Assume that web site is important to your business.
That increases the odds that you will be hit with a denial of service attack. While rare, they are not that rare.
The goal of the hacker is to throw enough garbage at your web site that it crashes. And, since they are doing that, you can’t get to it to reboot it.
So you call your Internet provider. Do you know what the first thing they are going to do? They are going to route all traffic going to your web site to the garbage can (officially called black holing or null routing). In their defense, they are doing that to protect the rest of their customers. After all, all of the customers in that data center are basically on a party line and if they have to route all of the garbage that is going to your site, the rest of their customers will suffer.
So, at the very edge of their network, they find all of the traffic attacking you and throw it away. Now, their network is protected and you are offline.
Often, the ISP will graciously agree to let you out of your contract so that you can find another place to host your website. While you are down and cannot get to your website to get your code and data from it.
There are many services that you can pay for that attempt to mitigate the damage and keep your web site up. Depending on the service and the type of attack, that can work or not. The bigger the attack, the more you have to pay.
Hackers use networks of compromised computers to launch these attacks. That way, the attacks are free to them. They compromise PCs and Macs, routers, firewalls, cameras, anything with a computer in it. Once it is under their control, it connects with a command and control server somewhere which gives it instructions on who to attack, how big and for how long.
These attacks have been going on for years, but attackers have been building bigger and bigger networks of compromised computers. To the point that you and your data center are likely not going to be able to mitigate the attack
But the cloud has a scale that is amazing. That allows the cloud to handle bigger attacks.
Microsoft said that it mitigated a 2.4 terabit per second attack in August. That is 2.4 thousand gigabits per second or 2,400,000,000,000 bits per second. By comparison, your typical home Internet connection might run at 250,000,000 bits per second (or half of that or a quarter of that), so this attack is the equivalent of taking the full bandwidth of 10,000 of those homes and directing it the target website.
All three providers – Amazon, Google and Microsoft – have all fended off attacks of this size. This is something that would be impossible and/or insanely expensive for you to do yourself.
You can hope that you don’t get hit. Or that the attack is small. Or short. Or the attacker only wants a small ransom. OR, you can prepare for things. Your choice.
Credit: The Record