What October’s Massive DDOS Attack Can Teach Us About the Importance of Security

Anyone Else Having a Problem?

 

Something odd happened on the morning of October 21st, 2016. Many Americans, mostly located in the Northeast though it was nationwide at some level, experienced strange outages. Many tried to take to Twitter to ask the Internet if they too were having Spotify issues…only to find Twitter was also offline. A few thousand reset routers later and people began to realize it wasn’t their network connection that was the culprit. What had happened was a massive DDOS attack the likes of which we rarely see. Though they are happening with more frequency, this was the first one in quite awhile that affected large swaths of the population and disrupted their daily lives.

 

So, how do sites and services like Twitter, Spotify, Reddit, Wired, and even the New York Times all get taken offline simultaneously by one event? The answer lies in hosting. Many large-scale web services based on the east coast use Dyn as their DNS host. Because these sites are so heavily trafficked, they often use the same large hosting firms because they have the resources to provide speedy transit for visitors expecting to have nearly instant download times on a site with millions of simultaneous viewers. The downside of this solution is that it makes a company like Dyn an attractive target for malicious agents looking to cause service disruptions.

 

This huge DDOS event put a spotlight on quite a few issues. The security issues that arise from the always growing “Internet of Things” (it is theorized that access points came from simple network-enabled devices that lack the security measures of more advanced products), the danger of having a massive central hub, and the need to be more vigilant when it comes to the ever growing and intricate world of cybercrime.

 

But What is a DDOS Atack?

 

Before the major consumer and media targeted DDOS attack we saw last month, most of the media coverage was on DDOS attacks related to government intrigue and ransom from financial institutions. What they are, essentially, is a system overload. Think of it like a landline. If you have two people on the line (including call waiting) and a third person tries to call you, they’ll get a busy signal. A dedicated denial of service attack is like getting a million phone calls all at once so that no one can get through and anyone who tries is met with a busy signal.

 

Let’s go back to the concept of the Internet of Things and its culpability, again. Many DDOS attacks originate from relatively simple devices (in comparison to a full computer) such as smart thermostats or security cameras. Because millions of these devices are out in the world, they are a relatively easy and attractive target to create a “zombie army” of malware infected gadgets that flood sites with requests to take them offline. Because these devices aren’t initiating the attack, but are actually controlled from elsewhere acting as a proxy, DDOS attacks can be difficult to shut down.

 

One’s first instinct may be to try to block offending IP addresses. While this works for spammers on forum sites that operate under multiple user names but one device location, it isn’t effective against DDOS attacks because thousands of devices are launching an attack at once and because IP addresses can be forged. Consider what a simple VPN could do for the average user and then multiply it by thousands of machines backed by hacker know-how.

 

What DDOS Attacks Mean for Your Business

 

This isn’t to say DDOS attacks on their own are particularly dangerous. For example, they don’t actually break into locations and steal sensitive data. At their worst, they keep your site from being accessed for an extended period of time. Unless they are used in conjunction with other types of attacks, you aren’t at risk beyond your site being unavailable until the attack is over or thwarted. However, if you operate a small ecommerce business, being taken offline can be devastating. That’s hours of not making any money.

 

While it may seem like only really big sites get targeted in DDOS attacks due to the media coverage of them, the fact is anyone could be a target. Fifty-one percent of businesses suffered a DDOS attack in 2015. That’s why it’s important to have some sort of protection against these fairly common events.

 

You can identify a DDOS attack pretty early. As a business owner or someone managing a client’s site, you most likely keep a pretty close eye on what your typical inbound traffic looks like. Sudden spikes in traffic that seem unusual as far as location and duration can be signs of the beginning of an attack. From there you would want to contact your hosting company.

 

Of course if you’re currently responsible for managing your own server, this could be a tricky situation for you. You may be asking how you can defend yourself against these attacks and the answer is: it’s a little complicated. For the typical web designer or small business owner, the actual technical measures that can be taken may be beyond your comfort level. But if, hypothetically, you were running your own web server you could limit your router to prevent your server from being overwhelmed, add filters to your router to limit packets, time-out half open connections, and drop malformed packets. If reading that sentence made your eyes cross, then luckily KnownHost is here to help you.

 

How We Can Help

 

At KnownHost, we provide our customers with high performance managed dedicated servers and VPSes. If you’re currently with a hosting solution that leaves you to manage your own servers, the prospect of a DDOS attack probably preoccupies you quite a bit. After all, you’re responsible for spotting them and resolving them on your own. If you’re running a business or you’re responsible for hosting all of your clients’ sites, there simply isn’t enough time to be both security IT expert and the manager of day-to-day business operations. That’s why you should leave all your hosting needs to us. We have the experience to spot events as they occur and act to protect your site from the ill effects that they cause. Our hosting solutions are designed to keep your site up and running no matter the issue.

 

The team at KnownHost knows you want to focus on your actual business without having to worry about the safety and functionality of your sites. That’s why not only do we offer free backups and migrations, but we also include complementary DDOS protection. We include protection up to 500 gps and 700 mpps for bandwidth and packet intensive attacks. We use identifying and filtering hardware to make sure that your site remains online throughout the duration of the attack. Examples of the kinds of attacks you’re protected from include UDP Floods, NTP Amplification, DNS Amplification, Syn Flood, Volume Based Attacks, and Fragmented Packet Attacks.

 

If you’re looking for peace of mind, fast speeds, and the best uptime in the industry, contact us today and let us set you up with the managed dedicated server or VPS you need to help your business.

Read More

social media stats

Which Social Media Platforms Should You Use For Business

With over 100 popular social media platforms to choose from, how do you select the best for your business? You surely do not need to (nor should you try) to get on them all.

Some will work best for particular niches. Others may be dependent upon how much time you have to dedicate to the platform. Above all, you want to ensure that the platform will allow you to effectively talk about what your company represents.

Below are eight social media platforms you should start looking into.

Facebook

facebook user stats

As one of the largest social media networks that have over 1.4 billion active users, Facebook is great for just about any business. There are pages for just friends and family members, as well as businesses, organizations, and celebrities as well.

Facebook is a social medium allowing you to display your business’s videos, photos, blog posts, and company press releases as well.

It’s a very low maintenance site that provides instant alerts when your page visitors comment or like posts. Its analytics also help you learn what to post and when.

Twitter

Twitter is an amazing tool for businesses. The 140 character posts allow businesses to redirect Twitter users back to their website or promote specials. Hashtags are used to keep everything organized and easily searchable.

Twitter allows for a wide range of followers as well. You can easily start your followers just by following another Twitter account. You can also choose to find people on Twitter to follow via a live event, such as attendees of Twitter parties.

As with Facebook, you can also share images, videos, and your websites links to those on Twitter. Interacting is easy as well with users and businesses via their username. And your content can quickly go viral as other Twitter users can retweet and share your content on their pages.

Pinterest

In the United States alone, Pinterest has 50 million users – and that is just the active ones! Pinterest is comprised of mostly women, however, men are quickly finding out the usefulness of this site as well.

Pinterest is an influential and creative image and video-based social media platform. Here, your content can also go viral. The most important thing you can do with Pinterest is not over stuff keywords and keep your content organized via your Pinterest boards.

Instagram

Instagram is another image based social media platform. With over 300 million users, it is a great way for businesses to get the word out about products, services, and of course, specials they are having.

Instagram can be viewed as a site for those interested in fashion, food, and other visually appealing images. This site, however, is geared for those users. You can view the images on any PC, tablet, or other device; to upload content requires mobile access.

YouTube

youtube stats

YouTube, which is owned by Google, is not just for watching videos. It is also a social media platform to share videos and comment. Currently, YouTube is viewed more so by US adults between 18-34 years of age, however, this platform is widely spreading to all age brackets, even seniors.

YouTube is so great because it is easy to share the content on any of the sites mentioned in this article. It’s an engaging platform that’s easy to use and allows you to present specials, case studies, and how-to videos of any length necessary.

Google+

Google+, or Google Plus, is another Google platform. With new products and features such as Hangouts, hashtags, and instant uploads, there are many ways businesses can connect and get their message across. This is an easy way to increase your social rank.

LinkedIn

Some people feel that LinkedIn is falling behind in the world of professional social media platforms, however, it is still the prominent B2B social networking site around. It is now more than just a place to search for jobs or put up your resume.

LinkedIn has over 870,000 groups. This is beneficial for consumers and businesses. You may not think of it this way, but LinkedIn should be used as a powerful advertisement medium as well.

Check out this HubSpot LinkedIn Case Study and discover how HubSpot increased their click-through rate to 0.3% at fractions of the cost if they were to have paid for paid search advertising.

Quora

Do not knock it until you try it. Quora is a popular social media platform used for Questions and Answers. It increased in popularity once LinkedIn eliminated their Answers feature. Now, businesses can connect and show their expertise to consumers and other businesses as well.

Conclusion

These are just a small fraction of the amazing social media platforms your business can use. Each may not be meant for your business, and there are plenty of others that may work best for you.

Image source: Statista

Read More

$99 Linux-based HDMI stick

knownhosttransHave you ever imagined that you’d be able to carry your own fully functional Linux desktop computer in your pocket, other than your Android smartphone?

Now you can, and for just $99.

The coolest thing ever to hit your TV

Recently a company called DevonIT presented their Ceptor, a thin client that they say is somewhat bigger than the standard USB flash drive that, once plugged into a HDMI port of any television or monitor, turns it into a thin client. “Thin client” is a term used to describe any client that relies on another machine (its server) to perform its computational roles. This means that Ceptor is an easy and cheap way to let you wirelessly login to any remote server running any type of virtual desktop software. Once logged remotely into a computer, you have full capabilities of the machine connected to via the screen the Ceptor is attached to.

(more…)

Read More