In September of this year, the FBI warned US companies that there had been a large increase in threats of DDoS attacks from organizations attempting to extort ransoms from companies of all sizes, across industries. These extortion attempts typically threaten companies with a DDoS attack if a ransom of between 10 and 20 Bitcoin (roughly $113,000 to $226,000) isn’t paid.
These are threats that all businesses with a website need to be aware of and protected against. Even a small practice website is vulnerable. So what exactly is a DDoS attack? What should you look for? And what protections can you put in place now to ensure you’re not harmed by an attack? Let’s find out.
What is a DDoS attack?
DDoS stands for Distributed Denial-of-Service. A DDoS attack is a malicious attempt to disrupt the normal traffic of a targeted website by overwhelming it with a flood of Internet traffic. These attacks are not an attempt to hack or breach your website to steal data but are usually associated with attempts to extort money.
Attacks are carried out by a remote attacker using computers and other devices that have been infected with malware. These infected devices send an overwhelming number of requests to the website resulting in a traffic jam that can slow or halt normal traffic.
A DDoS attack can be sustained for hours or even days, resulting in the website being unavailable or very difficult to use during the attack.
What can you do to protect yourself?
The FBI’s recommendation is to use a DDoS mitigation service. Such a service protects your website by filtering between the "good" and "bad" traffic to your website and absorbing the "bad" traffic.The best thing to do is contact the service provider that’s hosting your website and see if they have a preferred partner or suggestion.
If your service provider doesn’t offer or recommend a protection service, you can put one in place yourself. Some of the most well known DDoS Protection Service providers are Imperva, Cloudflare, and Akamai. These are just a few of a growing number of these providers. The cost for these services varies considerably, and it’s important to keep in mind that more expensive services typically are able to handle larger attacks. It’s best to do your own research to make sure you find a service that offers adequate security and fits your budget. Service providers like Cloudflare offer free or low-cost solutions for smaller websites.
What should you do if you receive a ransom threat?
If you receive a threat, don’t panic. If you’ve signed up for a DDoS mitigation service, then you should be fine. If the message threatens an attack, but it hasn’t happened yet, you may still have time to put a mitigation service in place. Many mitigation services provide emergency help.
There’s also a chance the threat could be an empty one, with the perpetrator having no ability to actually execute an attack. It’s difficult to determine if a threat is real or not, and taking the “wait and see” approach might be more stress than you want to handle. Receiving such a threat could be viewed as a good wake-up call to put protections in place before a real threat occurs.
Even if you aren’t protected, and the attack takes place as threatened, the FBI advises not to pay the ransom as it will only fund the operation and keep it going. Also, keep in mind that you will be dealing with a criminal enterprise. There’s no guarantee that paying the ransom will end the attack.
Even if your website is under attack, your Hushmail service is still available, so you can still reach out to your clients and they can still reach you if they need to.
If an attack does take place, The Cybersecurity & Infrastructure Security Agency advises the following:
If you think you or your business is experiencing a DoS or DDoS attack, it is important to contact the appropriate technical professionals for assistance.
- Contact your network administrator to confirm whether the service outage is due to maintenance or an in-house network issue. Network administrators can also monitor network traffic to confirm the presence of an attack, identify the source, and mitigate the situation by applying firewall rules and possibly rerouting traffic through a DoS protection service.
- Contact your Internet service provider (ISP) to ask if there is an outage on their end or even if their network is the target of the attack and you are an indirect victim. They may be able to advise you on an appropriate course of action.
Hushmail protects its services against DDoS attacks
The best course of action is to protect your website long before you receive a threatening email or experience an attack. It really is cheap insurance for your peace of mind. Hushmail uses a DDoS protection service to protect the services we offer. This helps ensure your email service is not interrupted.
Need a secure, reliable, HIPAA-compliant email service?
DDoS stands for Distributed Denial-of-Service. A DDoS attack is a malicious attempt to disrupt the normal traffic of a targeted website by overwhelming it with a flood of Internet traffic. These attacks are not an attempt to hack or breach your website to steal data but are usually associated with attempts to extort money. The best course of action is to protect your website long before you receive a threatening email or experience an attack.