DDoS attacks: your questions answered | Heart Internet Blog – Focusing on all aspects of the web

Every nanosecond, someone disagrees with what someone else has said on the internet. Most of these people leave an angry response or meme on a comment thread and then promptly forget about it.

However, a minority take it much further and use technology to attack websites and other online presences of businesses and organisations that they don’t agree with, making them temporarily inaccessible.

No host, server or website is immune to these large scale Distributed Denial of Service (DDoS) attacks, and they have been rapidly increasing in magnitude and frequency in recent times.


What is a DDoS attack?

If you’re explaining a DDoS attack to your customers, this link is really handy for simple, clear information laid out in both video and text form: Understanding DDoS. It’s tricky to get the right balance; you don’t want to scaremonger, but you also want to be honest and explain that everyone is in the same boat; it’s nothing anyone anywhere in the customer-reseller-web host-data centre chain has done wrong, nor is it a problem with the servers or networks. 

Google has also produced an excellent video explaining it as part of their Project Shield initiative.

In real-world terms, it’s comparable to a flood or tsunami. You can build strong defences to counteract the force of the water, and a lot of the time it provides the necessary protection against the elements. But if the force of the water is strong enough, the defences will be penetrated. In hosting terms, this is when websites become inaccessible as servers can’t cope with the amount of fake traffic being sent.

Web hosts everywhere have all kinds of advanced security measures in place to mitigate attacks, and most attempts never have an impact on servers. But over the past few months, they’ve grown extremely rapidly in both size and frequency; in many cases, the web is seeing attacks that are over 90% stronger than before. All kinds of companies and websites all over the world have been taken down by DDoS attacks in the past year or so: Microsoft and Sony, Bank of America and JPMorgan Chase, PayPal, Reddit, and countless others. Anyone can be a target for any reason: political, cultural, or 'just because'.


What do you do when a DDoS attack is happening?

DDoS attacks are treated similarly to any other kind of downtime (see What happens during downtime and what causes it? for more information on that). We have multiple security teams in different locations as well as system administrators and engineers who work round the clock to stop the attack and reduce its impact as quickly and effectively as possible. Our security infrastructure and protocol mean that our engineers and administrators are already working on mitigating it before you’ve noticed it happening. Once it’s resolved, it then takes some time for all the websites to come back online.

During the downtime, you may find your services and our website inaccessible. All service updates will be posted on our system status page, although this may take a few minutes longer than usual. If a large scale DDoS attack occurs, the problem will most likely be reported and then marked as successfully resolved with no further updates in between. This is purely due to the nature of the issue and how it is dealt with, and isn’t a cause for concern. As with any issues affecting our platform, we focus as much resource and intelligence on returning your services to normal as quickly as possible, so please rest assured that we have the industry’s best working towards a resolution as quickly and effectively as we can. The best thing you can do during this time is sit tight, check the status page for news, and wait for your services to come back online. You don’t need to worry about it affecting data or files as it’s a purely external attack rather than websites being hacked into.


What steps are you taking to stop it happening?

This is by far the most difficult question to answer, because we’re caught between a rock and a hard place. If we describe our strategies, the steps we’ve taken, and our plans moving forward, we give potential attackers information they can use to their advantage. If we don’t provide any details, it leads to frustrated customers who question whether anything is being done at all.

All we can do is ask you to trust us. It will always be a challenge of staying one step ahead, and it will be an ongoing battle, but it’s one we have never taken lightly. We’ve invested time, resources and intelligence to stop a significant number of large scale attacks, and our solutions to date have allowed us to resist attempts on servers at a much higher level. We have concrete plans in place to implement further changes to make our infrastructure even more resilient and use the resources available to us to maximise stability moving forward.

Talking about DDoS attacks publicly is extremely difficult for any company, which is why they tend to avoid it. It gets bad press. It potentially gives attackers an unwanted insight. It can cause scaremongering and the spread of misinformation about security. But equally, pretending that the problem doesn’t exist doesn’t make it go away, not least because it’s a global challenge for everyone with any links to the web. Last year I promised more transparency and communication from us to you, and we owe it to you to provide the resources and tools to help you explain DDoS attacks and their potential impact to your visitors and customers.

We know that this isn’t an easy thing to deal with; service disruptions are aggravating and frustrating for everyone at all levels, and we’d like to take this opportunity to reassure you we’ll continue to fight this, prevent it, and work towards a happier web for all. We hope you’ll join us in fighting for a web that supports freedom and respect.

Thank you. 
