Was Your Website Caught Up In Last Week’s Big DDoS Attack?

by
LinkedInCopyPrint

Granted, with all of the election coverage, you may have missed last week’s big news item about the “Doomsday of DDoS attacks” and if your organization’s site wasn’t impacted, then you probably made it through blissfully unaware of the havoc unfolding elsewhere. Nonetheless, this wasn’t a one-off event so here’s what you need to know about DDoS (Distributed Denial of Service) attacks, why this is different than usual, and how to check on the condition of your site should it get caught up in subsequent waves.

DDoS Defined

DDoS attacks are remarkably simple in that they compromise their targets by overloading them with web traffic. 300 people going through a door in a single file line can get through pretty quick when working in coordinated fashion but if they all try to smash through at the same time, you end up with the digital equivalent of a Three Stooges routine.

How These DDoS Attacks Are Different

Adaptistration People 043Traditionally, attackers target an organization’s website, which physically lives on a server. In most cases, these servers are located at one of dozens of major data centers where hosting providers rent and/or own server space.

Instead of focusing on the servers where your website lives, the most recent wave of DDoS attacks targeted the servers where DNS (Domain Name System) providers keep their systems running. DNS is what translates a URL, like adaptistration.com, into an IP address, which is what the internet uses to connect a web browser with the server where your website lives.

So if a DNS provider is shut down due to a flood of traffic, it can’t process incoming translation requests and connect internet users with the sites they want to visit.

Think of it this way, the website is a store you want to visit and you get there from your home using expressways and traffic signals.

The most recent DDoS attacks blocked the onramps and shut down the traffic signals along that road you need to take.

How The @*#! Did This Happen?

For the most part, the collection of providers that make the internet happen do a good job at dealing with traditional DDoS attacks but this one was different not just because of the target, but the devices used to create the traffic flood.

Instead of using desktop and laptop computers, hackers managed to compromise tens of millions (yes, millions) of devices known collectively as the “Internet of Things” (IoT), most notably, internet connected security cameras. But they include everything from internet enabled printers to DVR’s and televisions.

Hackers managed to compromise and control these devices to use as the source for the traffic flood and since these devices fall outside the normal control providers can influence over mitigating DDoS attacks, we ended up with last week’s mess.

Likely More To Come

The most recent attack focused on DNS provider DYN, who provides services for mega companies like Twitter, Netflix, Spotify, New York Times, and AirBnB. But there is no way to anticipate where or when the next wave of attacks will unfold, but most security experts are confident they are blowing in the wind.

What You Can Do To Help (because you may very well be contributing to the problem)

If you own an IoT device (odds are, you do) be sure that it has the most recent updates available. Many of the manufacturers responsible for making the devices used in this latest DDoS attack were not doing what they should via keeping their device software secure and forcing users to change the default username and password settings.

But they are starting to make those changes. And fast.

So be sure to download and install those updates coming from the manufacturer. In some cases, the devices can’t be updated and manufactures are already sending out recall notices.

What To Do If Your Organization’s Site Gets Hit

  1. Don’t panic.
  2. Don’t scream at your web and DNS providers but do contact them to inquire about the trouble and ask for status updates.
  3. Do have a plan on hand to contact ticket buyers letting them know your site may be down on the day of an event and if so, provide a list of ways they can contact you otherwise.
  4. Do have a backup plan for digital communication channels in case your primary option is compromised (email marketing, SMS, social media platforms, etc.).
  5. Do have updated lists of event attendees and ticket buyers on hand in case you can’t retrieve them from a provider under attack.
  6. Do include some of the most commonly accessed items in those messages, such as directions, parking info, event starting time, etc.
  7. Do consider having multiple customer service points of contact. Phone, Twitter, Facebook, etc. are all susceptible but the more eggs you have in different baskets, the better.

About Drew McManus

"I hear that every time you show up to work with an orchestra, people get fired." Those were the first words out of an executive's mouth after her board chair introduced us. That executive is now a dear colleague and friend but the day that consulting contract began with her orchestra, she was convinced I was a hatchet-man brought in by the board to clean house.

I understand where the trepidation comes from as a great deal of my consulting and technology provider work for arts organizations involves due diligence, separating fact from fiction, interpreting spin, as well as performance review and oversight. So yes, sometimes that work results in one or two individuals "aggressively embracing career change" but far more often than not, it reinforces and clarifies exactly what works and why.

In short, it doesn't matter if you know where all the bodies are buried if you can't keep your own clients out of the ground, and I'm fortunate enough to say that for more than 15 years, I've done exactly that for groups of all budget size from Qatar to Kathmandu.

For fun, I write a daily blog about the orchestra business, provide a platform for arts insiders to speak their mind, keep track of what people in this business get paid, help write a satirical cartoon about orchestra life, hack the arts, and love a good coffee drink.

View all posts by Drew McManus | Website

LinkedInCopyPrint

Related Posts

Leave a Comment