DDOS attacks….Very Frustrating

DDOS attacks are becoming more and more familiar as everyday passes.  We currently host at one of the largest cloud providers in the world and they seem to be getting DDOS attacked on a bi weekly basis.  These DDOS attackers seem to attack these large hosting companies at the most vulnerable points.

Keep in mind, our hardware is dedicated at this provider.  We have our own rack, our own firewall and all of our servers are dedicated only to us.  It amazes me that these attackers can target such a giant and our site is effected pretty drastically.  When we reach out to our provider asking for an explanation, we get a pretty general response back that says there is nothing that can be done.

It seems to me that they target the largest players and do their best to try and bring them down.  They target them in ways where they are in essence cutting them off at the ankles.  Realistically anything on the internet with an IP address is vulnerable to a DDOS attack, but I have never had anything “small” of low importance get DDOS attacked.  Only sites or IP addresses that are high risk, high traffic seem to get attacked.  In my opinion, DDOS attacks are going to be the new form of extortion, bribery and protest in the coming years.  As long as an IP address is pingable on the internet, you are at risk.

So why do they do it? Are they sending a message?  Are they just doing it out of boredom?  I would love to get inside the head of a DDOS attacker and see what causes them to do such things.  It’s one thing if they are trying to send a political message, or have been wronged by the person or company that they are attacking.  But attacking companies or networks for little or no reason really doesn’t make sense to me.   It would be like someone walking up to you and punching you in the face for no reason (like the knock out game which I think is attorcious).

To date, our website has gone down twice in the last 3 months due to DDOS attacks, in which we have no control over.  We are starting to now develop recovery plans simply for unsuspected DDOS attacks.  This wastes time, money and causes a lot of unneeded stress.

Here is what a DDOS attack did to our main web server CPU:

DDOS attack on Memory

DDOS attack really didn’t affect our memory useage:

DDOS attack effect on Memory

Our overall performance score (Apdex) didn’t drop that much:

Apdex Score during DDOS attack

The moral of the story is the damage could have been worse, but still caused us to waste a lot of time and make sure that this wasn’t an internal issue.

Thanks