In a perfect online world, there would be more people helping each other and fewer hackers and Internet criminals. Unfortunately, the online world is just as mixed up as the real world – with an unpredictable mix of both good and bad people.
While many use the Internet to gather valuable information for a more productive life, other unscrupulous characters use the web to steal, cheat and extort. One of the tools online hackers and criminals use to achieve these nefarious goals is the Distributed Denial of Service (DDoS) attack.
The basic definition of a DDoS is relatively easy to understand; it can be best described as the joining together of many computers or devices to make an online site or service unavailable by overwhelming it with traffic.
The onslaught of connections from a large number of Internet-connected computers or devices overwhelms the server behind the site or service, because they all attempt to connect at the same time. Because many Web servers cannot handle so many simultaneous connection attempts, the site or service often fails and starts to reject all connections, thus making the server unavailable to all.
A joint study produced by Verisign and Merrill Research shows that about one-third of all Internet server downtime can be attributed to DDoS attacks, and another informative report from Arbor Networks states that more than 2000 such attacks occur every day.
So, as you can see, DDoS attacks are so common that they threaten all Internet users all of the time.
While TV shows and movies often portray hackers as super-skilled activists capable of shutting down servers and networks all on their own, the reality is that they need a lot of help to pull off DDoS attacks. In fact, in most cases, it usually takes a large number of computers or devices to take down a high-capacity server. Hackers get around this requirement, though, by building networks of infected computers known as “botnets”.
Attackers build their virtual armies by spreading malware through emails, social media and websites in the form of free downloads, videos and enticing links. Once users unwittingly download the infected files to their computers, the hacker is able to control them all remotely without the owners ever being aware. The hacker can then use the computers and devices to target a website or Web service and overwhelm it with a DDoS attack. In some cases, botnet armies may consist of millions of computers or devices.
After a hacker creates (or acquires access to) a botnet, he can use it to flood huge amounts of traffic to the target server or service. There are a couple of different methods a hacker can use to overwhelm the server or Web service. For instance, he may simply send more requests than the server can handle, or he may have infected computers or devices on the botnet send huge amounts of random data to use up all of the server’s available bandwidth.
Depending on the number of devices in the botnet, and the amount of data generated and transmitted, the attack may take out just a single server or may be large enough to consume all of the bandwidth or cable capacity of an entire country.
As long as the attack is ongoing, it is difficult for requests from legitimate users to reach the target server or service.
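The point above, that many machines each sending modest traffic can still overwhelm a server, is why per-source rate limits alone do not detect a distributed flood. The following is an added example, not Comm100's code: the log format (`epoch_seconds source_ip`), the thresholds and the function names are all assumptions, and the sample traffic is constructed.

```python
from collections import Counter, defaultdict

def analyze(lines, window_s=10, per_ip_limit=50, capacity=300):
    """Bucket 'epoch_seconds source_ip' lines into fixed windows and report,
    per window, which sources exceed per_ip_limit and whether the total
    exceeds the server's assumed capacity (requests per window)."""
    buckets = defaultdict(Counter)
    for line in lines:
        parts = line.split()
        if len(parts) < 2 or not parts[0].isdigit():
            continue  # skip malformed lines instead of failing
        buckets[int(parts[0]) // window_s * window_s][parts[1]] += 1
    report = []
    for start in sorted(buckets):
        per_ip = buckets[start]
        total = sum(per_ip.values())
        report.append({
            "window_start": start,
            "total": total,
            "sources": len(per_ip),
            "offenders": sorted(ip for ip, n in per_ip.items() if n > per_ip_limit),
            "overloaded": total > capacity,
        })
    return report

def sample_log():
    """Constructed sample data (documentation address ranges), not real traffic."""
    lines = []
    # Window 0: normal use, 5 clients sending 4 requests each.
    for c in range(5):
        lines += [f"{t} 192.0.2.{c + 1}" for t in range(4)]
    # Window 10: a single noisy client sends 120 requests.
    lines += [f"{10 + i % 10} 198.51.100.7" for i in range(120)]
    # Window 20: 200 distinct clients send only 3 requests each.
    for c in range(200):
        lines += [f"{20 + i} 203.0.113.{c + 1}" for i in range(3)]
    return lines

if __name__ == "__main__":
    for row in analyze(sample_log()):
        print(row)
```

In the last window no single source crosses the per-source limit, yet the total is twice the assumed capacity, so detection has to watch aggregate load and source count as well as individual clients.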
According to security company Trend Micro, a hacker can purchase a week-long DDoS attack for only about $150. This means that if the hacker doesn’t want to take the time to build his own botnet, he can just rent one.
If you consider that the hacker may then turn around and demand several thousand dollars from the site or service owner (in order to cease the attack), you can see that performing DDoS attacks can be quite profitable for unscrupulous criminals.
At Comm100, we have some experience with this type of extortion. In January of 2013, a hacker initiated a DDoS attack against one of our live chat servers and demanded payment as well as a list of our customers. Of course, we refused the demand and were able to restore full access to our customers. However, the attack did cause quite a bit of grief for both us and our customers for a brief period of time. Since that time, though, we have made significant advances in our ability to detect and defend against DDoS attacks.
Take a look at the message we received from the lowlife that initiated the DDoS attack and attempted to blackmail us for money and our customer list: “A sorted list of the customers of your company as websites and contact information. An email will be enough and 2000$ via western union. All this must be done today or we will be going down for a long while and the company will be losing all this list of customers…”
As you can see, this particular criminal showed little remorse and really intended to do us harm.
Most businesses that employ live chat on their website use systems hosted on servers owned by the providers. Regardless of whether you use a self-hosted system or one hosted by the provider, though, a successful DDoS attack can be devastating for your business.
If your live chat server becomes the target of a DDoS attack, your customers (and potential customers) will not be able to contact you for support or information about your products and services. That is, unless your live chat provider is always ready for such an attack and able to defend against it.
If your live chat vendor is not ready for a DDoS attack, the result could be hours, days or even longer of a real support nightmare. Many live chat vendors claim that their systems are secure. Nevertheless, you should always ask for details as to how your live chat vendor ensures that your platform will remain available even when ruthless hackers or criminals attack.
A DDoS attack can not only prevent visitors from viewing your website or using your live chat application, but can also damage your company’s reputation and reliability rating considerably. Consequently, to avoid potential revenue losses or damage to credibility, you must take every precaution to protect not only your website but your live chat application as well.
As I mentioned above, we here at Comm100 have some experience in defending against DDoS attacks leveled against us by criminals and extortionists – quite a bit actually. And, we have learned a lot while defending our network against DDoS attacks. So much so in fact, that we are now quite capable of defending against even advanced or large-scale DDoS attacks.
At Comm100, we take system availability, network security, customer confidentiality and data safety very seriously. Consequently, we have taken many measures to ensure Comm100’s live chat servers are secure and always available.
We employ multiple methods of defending against DDoS attacks (and other types of intrusions) such as continuous security updates; the closure and blocking of unused ports; deployment of world-class DDoS mitigation software; traffic filtering and sensing technologies; hardened hardware firewalls; and adequate bandwidth to ensure constant availability and uptime of our live chat servers.
Even with continuous updates to defensive methods and strategies, though, DDoS attacks and other intrusions are still a constant risk. At Comm100, we understand this and work daily to ensure that our security methods, protocols and technologies are up to the task of keeping customer data safe and our live chat system available.
We welcome any questions or concerns you may have about our security methods and are glad to help you better understand just how important data security and system availability are to us. At Comm100, we believe that hardening our systems and methods is just one aspect of proper security; another important part is to be transparent with our customers about how we actually achieve that security.