Imagine 9000 Hackers Aimed at Your Web Site

When news began leaking out last week about the federal crackdown on MegaUpload, a once popular file sharing service, it didn’t take long for the loosely knit group of hackers known as Anonymous to band together and attack major sites including Whitehouse.gov, the Department of Justice website and Universal Music Group.

The Distributed Denial of Service Attacks (DDoS) went far and wide on Friday as the request went viral and reportedly more than 9000 individuals were involved at its height. Regardless of what you might think of Anonymous’s tactics, you have to admit they know how to attract attention and taking down some of the major US government and big media company’s web sites is a good starting point.

There is an underlying current of rage, frustration or indignation that clearly runs through every Anonymous attack, but this took those feelings to an unprecedented level — and you have to wonder as you sit behind the comfort of your fire wall, looking out onto the world, what you company might do to incur that wrath.

The thing about Anonymous is that it’s not a group with leaders and members in any conventional sense. It’s much more amorphous than that. People come and go. Some calls to action attract a lot of attention like the MegaUpload protest and some attract far less, but regardless of the number of individuals involved in any given action, the group clearly knows how to make life miserable for the IT pros in charge of the sites sustaining the attacks.

And the result is usually taking down the web site for a period of time until you can regroup and the attack ends. Much has been written about how to prevent a DDoS attack, which is deceptively simple in concept. The Feed Me blog explains that a DDOS attack is “…typically accomplished through flooding, a process whereby multiple clients generate traffic to your site that takes up all capacity of your site so it stops responding to legitimate request.” In other words, they flood your site until the resources get sucked up and it can’t deal with legitimate visitors.

Feed Me suggest to solve this, you out-capacity the hackers, a process that I’m guessing for most of you is easier said than done. I suppose if you had elastic resources like Rack Space or Amazon, you theoretically could continue to jack it up until the hackers got frustrated and left. I’m not sure that approach would work for most people though because, chances are you would blink before your bill got so large, you would have management screaming.

Simplicable offers 8 ways to beat DDoS attacks, including building excess capacity. There are many others listed in this Google Search results.

But what you need to do is research the problem before it happens because by the time you are in reactive mode, it’s probably too late to do anything about it.

Regardless, as the people entrusted with keeping the website running, you have to find ways to repel attacks. Sometimes it’s just not going to possible, as it was on Friday for so many of these targets, but you still need to be vigilant and keep looking for ways to beat back attacks of this type or expect to answer why you couldn’t when the management team comes calling.