Over the last 10 days or so you might have noticed that our website has been “playing up”. Here is the back story…
It came a bit late when earlier this week Kaspersky, the computer security company issued a report revealing that the number of DDoS attacks in the second quarter of 2020 increased three-fold in comparison to Q2 2019.
Our DDoS, or distributed denial of service attack, started the week before around 5am, or that’s when the text alert came in. We were receiving upwards of 27,000 attempts an hour to crawl all over our online assets, consuming capacity in an effort to make our website fall over.
Our DDoS originated in West Africa using remote servers to crawl over our online assets, consume capacity and attempting to make our website fall over. Enter our DDoS defence plan that we developed in 2014 after our last attack.
While I will not give away our detailed security actions, the plan has various escalation levels and kicks in right away. We took the target stories and files offline and took our ad management offline as well. In the meantime we updated our site security and our website hosting company, in partnership with our website team dedicated their high level security team to monitor and defend the site. That included activating our “white” safe IP address list and blocking attack IP addresses and then the countries where the attacks were emanating from.
In the background we were restoring the last backup ready to deploy on another server with a new IP address as a precaution. It took about eight hours to get the attack under control, but the ongoing defence of our website continued until earlier this week, when as fast as the attack started, it ended. We then took the opportunity to update the backend of our website and bring everything back online bit by bit.
The final bill is not in yet but will be in the region of €5000 ($5,904). To put that in context, our 2014 attack cost us €60,000 ($70,854) and took our website out for nearly two weeks.
Fast forward to this week and Kaspersky experts believe the rise in malicious activity can be attributed to the impact of COVID-19, as both cybercriminals and their targets have had to reconsider their summer plans.
The pandemic, and subsequent social distancing restrictions, have significantly changed people’s lives. In particular, many people feel concerned about travelling or are simply unable to do so. So, many are either spending their days off in “staycation” mode or have cancelled their scheduled holidays. And this change in vacation plans has had unexpected consequences – including an increased number of DDoS attacks.
The number of attacks Kaspersky DDoS Protection detected and blocked in Q2 2020 is 217% higher than in the same period of 2019. Also, the number of attacks in Q2 2020 slightly increased in comparison to the first quarter of this year.
Our advice: It can, and probably will happen to you and you should have a plan…
