An Overview of the GoDaddy Attack and How to Prevent it From Happening to You
On Monday September 10th, GoDaddy.com – the massive domain registrar and webhost – serving more than ten and a half million customers, was put out of action for several hours reportedly by a lone hacker. For the readers who don’t understand how exactly GoDaddy was brought down, it was the victim of something called as DDoS attack (although GoDaddy officially denies this claim and attributes the outage to simply router failure - but it is a doubtful statement because a single router failure in one network cannot affect the other as a result of which such vast outage would not have occured, leaving us to a single conclusion that it was definitely attacked and such large attack can only be a DDoS attack).
What Went Wrong With GoDaddy
DDoS stands for Distributed Denial of Service attack and is carried out by multiple computers (somtimes ranging in millions) working simultaneously by sending an overwhelming amount of requests (simulated traffic) for external communication to a single site. After a certain point, the website buckles, and no longer accepts any traffic, disallowing even real visits to the site.
What We Can Learn From This
One of the best things that can be taken as a lesson from this recent incident is knowing what exactly a D.D.o.S attack is. It’s very important to know about such an attack if you wish to have any minuscule chance of resolving one. Approaching this problem involves a careful assessment of the risks these attacks pose to your business. Remember DDoS attack is like an HIV virus with no known cure but steps can be taken to identify it in early stages which can lead to less damage.
Is Any Website Safe?
The anonymity of the Internet allows attackers to easily remain untraceable, which limits the ability of the legal system to hold the attackers accountable. If someone wants to stop your flow of traffic with this attack, it’s probably going to happen. What’s important is whether you know when is it going to happen. The safest bet is to have a plan for how to handle a DDoS. attack and clean up the mess after the event takes place.
How is a Distributed Denial of Service Attack Carried Out?
Typical DDoS. attacks are carried out in two phases; Intrusion phase in which networks are installed with malicious codes and the Attack phase in which the installed codes on zombie computers (infected PCs and networks which have no idea they are infected and are being used) are actually executed (either by the attacker itself or by a pre-set time ) to target a specific website.
What Steps Can You Take To Protect Your Site?
A quick fix? Change your password and make a strong password using some efficient tool (like this)! Now, an attack like the one on GoDaddy will not last forever, so it is important to have a response team available at the moment the attack is over which can thoroughly check the system to access damage and identify vulnerabilities in the system. It’s extremely important to have a predetermined strategy, instead of coming out of the attack’s long dark tunnel absolutely blinded.
Hardware and structural defenses can also be put into place that can somewhat prevent low end attacks, or at least potentially minimize high end attacks. It’s important to know your system as well. By knowing what is normal, you can quickly recognize what is not and potentially identify a DDoS attack even before it is fully trigerred. Consider monitoring and recording your network traffic and server application activity over an extended period so that you have a good sense of what is typical activity for your organization.
Safe Hosting Alternatives
In all honesty, GoDaddy.com is a very reputable web host; but for those who are looking for a bit more security Moniker, Heroku, Enom and HostGator are very viable options.
Article written on behalf of Computech City. Computech City which offers Medical IT Services for Central Florida. It also offes managed IT services, HIT consulting, HIPAA compliance audits, meaningful use risk assessments, EMR hosting and implementation, disaster recovery, data back-up solutions, and medical office set-ups.