Last week, it seemed like the entire Internet was down. One of the biggest DDoS attacks against a major DNS provider, Dyn, crippled the Internet as users were unable to reach Netflix, PayPal, Twitter and other large websites. The attack subsided for a while, but then it resurfaced later in the week.
Usually, DDoS attacks are from a large group of desktop or laptop computers sending traffic to a single source. This large group of computers (referred to as a "botnet") can be thousands of unwary users from all over the globe. Their machines are infected with malware that allows an attacker to control each computer's processes including Internet activity.
Large websites have millions of visitors a month, but visits are spread out among several days. A DDoS sends all of this traffic within a few hours and eats away at a server's resources and bandwidth until it finally crashes. In this week's attack, traffic targeted DNS servers that hosted several large company domain name lookups. Because these companies used one DNS provider, it created a single point of failure when these DNS servers crashed. The result was a massive outage felt across the Internet.
What made this incident different from others seen earlier this year is that this one targeted IoT devices. Instead of using desktops and laptops, the hackers targeted mobile devices and IoT controls such as those that manage your home appliances and environment, DVRs, cameras and baby monitors. These devices have been a target for hackers in the last couple of years since they aren't built with security in mind and many experts reported that it was only a matter of time before hackers were able to use them for critical security breaches.
A DDoS attack is a major security incident that costs companies millions in damages. Luckily, by using cloud services, organizations can defend against these attacks. Instead of having one server in one location, cloud services allow you to have several servers located across the globe. This type of architecture prevents DDoS and makes it much more difficult for the attacker to take your service completely offline.
Take ServerPoint's ColossusCloud, for instance. Instead of hosting your servers in one location, our data centers provide replicated VPS servers across different geographic locations. This means that if one server at one locations goes offline, your services are still available from another location. This architecture removes the single point of failure security issue seen with the latest DDoS attack.Another question that comes up after these attacks is cloud security. While a DDoS can bring a server offline, unless there is a specific security hole within the hosted application, it does not inherently pose a security breach. The security issue with DDoS is based on the attacker's ability to bring down big services that the world relies on every day.
You can start out right and sign up for cloud infrastructure to eliminate any single point of failure. Get started with ServerPoint's cloud hosting services to ensure your website is always up and always available for your visitors.
If you'd like to find out more about how our cloud infrastructure can benefit your business, contact us at Serverpoint.com. We'll gladly answer any questions you might have!