“Hacktivism” is going mainstream, and DDoS attacks are becoming the weapon of choice. They’re inexpensive and fairly easy to carry out, especially if you take advantage of some of the “DDoS as a service” options that are out there. A DDoS attack takes a lot less effort than carrying a sign and rallying outside a business’s headquarters, and it delivers a far bigger punch than the inconvenience of a protest. As a result, companies are going to need DDoS response plans, and those plans are going to have to cover more than just the technical aspects.
The BBC “attack”
The BBC provides an interesting example. The BBC recently suspended Jeremy Clarkson, host of the wildly popular Top Gear series. The suspension happened after Clarkson allegedly punched one of the producers, and it left the last three episodes of the season in question. Fans were outraged, and the hacktivist group Anonymous sent an open letter to the BBC in which they threatened to launch a DDoS attack if the BBC didn’t reinstate Clarkson. The letter read, in part, “You don’t want to piss off 300 million viewers. You are warned: DDoS cannons will fire if you don’t comply.”

A few days later, the BBC website went down. Despite the timing, the BBC says that the outage was due to an internal server problem rather than a DDoS attack.
The PR angle
We may never know whether the BBC outage was really due to a DDoS attack, but the BBC’s response raises some interesting questions. Why would an organization deny that it had been the victim of an attack? There are actually several reasons it might want to keep that quiet. For one thing, company executives might worry that customers will start thinking their information is at risk, or that the company’s services are unreliable. They might worry that publicly admitting their vulnerability would invite more attacks. Public companies might fear a drop in stock price. But there are other issues at play, too.
Hacktivists tend to have a lot of popular support, and some organizations have experienced backlash after taking legal action against the hackers. On the other hand, not taking any action could invite more attacks. So executives might think it’s easier to just make the problem go away. And then there’s the whole extortion angle. If you give in to hacktivists’ demands, even once, you’re opening the floodgates for more of the same. Labeling it an “internal server problem” might be the easiest solution, from a PR angle.
Whether or not the BBC outage was the result of a DDoS attack isn’t really the point, however. The point is that everybody is vulnerable. Even if your company is in the unlikely position of never having offended a single person, you’re still not safe from attackers who assail businesses because they’re bored, or just to prove they can. What systems does your company have in place to defend against DDoS attacks? How long would it take you to notice an attack was underway? How would you stop it? And what would your public response be? If you don’t know the answers to those questions, you need to find out, and you need to do it today.