Normally attacks like this are aimed at IP addresses, but we switched the IP several times and traffic kept following, which leads us to believe the attack was a deliberate one.
Riverside, CA (PRWEB) May 09, 2011
Although high-profile corporations like Sony, PayPal or WikiLeaks make for more obvious targets, other online businesses are not excluded from the threat of web attacks and cyber crimes. That was certainly the case for home security and surveillance systems online retailer HomeSecurityStore.com, who recently went head to head with an online opponent and won, according to Home Security Store Vice-President Ralph Winn.
Distributed Denial of Service (DDoS) attacks have been used to censor critics, take down rivals, wipe out online competitors, and even extort money from legitimate businesses. If you are a website owner of any size and have not worried about web attacks before in the past, perhaps now is the time to look at prevention and protection.
A DDoS attack is an increasingly common kind of web attack and Internet phenomenon. It is an attempt to shut down a website by flooding it with nonsense requests.
“Imagine if thousands of people called your cell phone all at once,” Digital Things IT Consultant Michael Gioan explained. “You would not be able to handle that amount of incoming calls, and in turn no one would be able to get through.”
Gioan says that DDoS attacks are growing bigger because attackers have a bottomless pit of resources at their command such as botnets with millions of hijacked machines that can be used to launch the assaults.
Even domain name registrar giant and web hosting provider GoDaddy.com recently fell victim to a 21-million-packets-per-second DDoS attack affecting thousands of customers. As GoDaddy.com wrote on their blog –
“To put that into perspective - If it takes 5 packets per second to load the average website, then clicking refresh a few times would generate 20 packets per second. So think of 21 million packets per second as clicking refresh on your browser as fast as you can, while inviting 10 million of your closest friends to join you.”
Another good example of a recent DDoS cyber crime attack hit home security systems online retailer HomeSecurityStore.com. Once hit, Home Security Store staff quickly organized engineers to solve the problem and restore service.
Gioan, who consults Home Security Store, says, “100 times more than normal peak time traffic was coming into HomeSecurityStore.com. This of course in turn, shut down the web server. Normally attacks like this are aimed at IP addresses, but we switched the IP several times and traffic kept following, which leads us to believe the attack was a deliberate one on the company.”
Ultimately, Home Security Store was able to fend off the DDoS attack by implementing a mitigation system which cleans and filters bad traffic.
While most website cyber crime attacks are not without names, it is often impossible to catch a culprit when you simply don't have a face to link to the crime. Prevention, therefore, is ultimately the key.
“The best thing for companies to do is follow their traffic load and make sure they can take a more serious load. No one can pay for 1000 times their normal traffic, but building in some wiggle room is advisable,” Israeli Interent security researcher Gadi Evron tells CSOoonline.com.
Evron adds, “Building the network gear and net-facing applications to be able to withstand abuse, or at least not fall under it, is critical. From there, the best thing to do is have more than one uplink, and have a good relationship with the ISPs for mitigation.”