Its called a Distributed denial-of-service (DDOS) attack.
Here is the scenario. You operate a small business and have a website and some email accounts for your staff. You pay your hosting company a few hundred dollars per year. All of a sudden you become the target of a DDOS attack. Perhaps its because of your religion, your personal views, something you or your staff may have said. In some cases it is just a random attack.
Behind the scenes there is some individual armed with a credit card or paypal account who orders a botnet service. For just $10/day this botnet service will guarantee to cripple your website and emails by DDOS’ing your websites IP address.
So over the course of two/three days you are forced to operate your business without the use of emails or your website. For many business owners this would amount to a heavy toll and a huge financial loss.
Lets put this in simpler context
Imagine you have a shop. You lease a building, pay monthly rent and have a few staff. One day someone organises for 5000+ people to visit your store at a specific time. They all cram in shoulder to shoulder packing every square inch of your floor space but unlike the Myer stocktake sale they have no intention of buying anything. They simply hang-around for hours and deny access to legitimate customers. Your staff are powerless to control the situation and are unable to serve any legitimate customers. There is no need to spell out the loss of revenue this would cause.
You can call the police, but technically none of them have broken any law. You can try and abuse your landlord who you lease the building from, but he is hardly responsible.
In many cases your hosting company is powerless to mitigate or prevent this. They simply cannot control who, when and how many visitors go to your website.
This causes significant problems for the hosting company as most clients simply put the blame on them as they don’t understand the problem. In most cases they have to shut down the server, or what is known as null routing the IP terminating your account. The hosting company gets caught up in the middle and are often fielding abuse because their website is down.
As the price of the botnet services from Russia and China are getting lower day by day, this type of activity will only increase, because it works !. There is also evidence that it is being used as a legitimate marketing tactic to knock out the competition.
So what can be done?
You can lie low and fly under the radar, but the truth is DDOS’ing works and you will unlikely ever be immune until the technology becomes affordable to prevent DDOS attacks.
