While DDoS attacks can pose a real threat to your small business, there are a few methods you can use to defend yourself and your...
A distributed denial of service (DDoS) is a type of cyber-attack that's increasing in frequency. It can take your site down completely and is very difficult to defend against, especially for small-to-medium businesses (SMBs). You may be affected by one if you are not the intended target, and sometimes even as a result of events that should be positive to your business. If you generate the majority of your revenues via a website this can be a crushing blow to your business. Here are some methods you can use to protect yourself, but first a little background.
A denial of service (DoS) attack is an attempt to make a service or machine unavailable to its intended users by consuming all the resources available. A distributed denial of service (DDoS) attack is exactly the same thing done over a wide distributed geography and IP address range, over a network of networks, e.g. the internet. A DoS attack typically works by firing off request after request to a web server (or other service like DNS, the service that translates domain names into IP addresses) as fast as possible without waiting for the response back. A server can generate infinitely more requests that it can handle responding to, so it is relatively easy to overwhelm one. In a DoS attack the source of the malicious requests can usually be identified and blocked relatively quickly.
With DDoS attacks, the same thing is happening, but from often tens of thousands or more compromised servers and computers working in a coordinated way from all over the globe, often referred to as a BotNet. In this case, the malicious requests are coming from such widely dissimilar sources that it can be very challenging to identify. DDoS attacks have increasingly become more commonplace from criminal organizations who use them as a medium for extortion as well as other cyber-attackers with malicious intent. Tools like the Low Orbit Ion Cannon, a tool claiming to be meant for testing your ability to defend against DDoS, have made creating these attacks much simpler and BotNets can be rented for less than $10 per hour. While these types of attacks can pose a real threat to your business, there are a few methods you can use to defend yourself.
DDoS Protection / Mitigation
There are numerous companies around the web who offer DDoS protection services. Prolexic was one of the first, but now there are many others including Verisign, CloudFlare, DoS Arrest and DefenseNet. These services typically work by directing all of your site traffic through their own infrastructure where it is sanitized of malicious traffic before it reaches you. They can be very effective, but are often cost-prohibitive to most SMBs.
Host In The Cloud
Hosting your site with cloud-based service like Amazon's AWS can offer you significant protection against most DDoS attacks when configured properly. Since these services are often widely distributed themselves, in the event of an attack only a subset of your users may be affected. This is often a good solution for SMBs, but can require additional technical knowledge to configure properly which may go far beyond your site's basic requirements. Also keep in mind that even AWS can go down.
Have A Second Host
Having a second host can work for you when you are not the direct target of the attack. Often companies' websites are hosted on shared or virtual private hosts, meaning your site resides on the same physical server as another site which may be under attack. If you have a second hosting provider on standby, where your site exists in tandem, you can simply switch your DNS to point there and move off of the host who is experiencing the attack. Depending on how dynamic your site is, there can be challenges with keeping the data in both hosting environments in sync, but this is a good basic option for preventing DoS attacks. In the event that you receive a very high volume of good traffic for some reason that your server can't handle, you can use your second host along with some DNS manipulation to attempt to split the load. In concert with a content delivery network (CDN), this technique is a good one for SMBs on a limited budget.
As attacks become more frequent and tougher to defend against it is increasingly important for SMBs to be aware and prepared. Preparing for a DDoS attack is a lot like buying insurance; you have to be prepared just in case, but hopefully you never need to use your backup plan.
(Image: Victor Habbick via freedigitalphotos.net)