I’m sure most of you will be familiar with DDoS (Distributed Denial of Service) attacks and might have even been affected by one, but if not, here’s a quick breakdown. A DDoS attack works by flooding a network, server or router with so much traffic that it can’t respond to regular requests, essentially clogging up the line and preventing it from functioning as expected. This type of scenario can happen when small sites are listed on high-traffic sites like Slashdot or Reddit and then crumble under the weight of massively increased traffic, but more commonly it’s the result of a coordinated network of zombie computers, or a botnet, under the control of hackers or criminal organisations deliberately trying to disable specific targets. These botnets are made up of computers that have been infected by a trojan, which allows the attackers to send huge volumes of requests simultaneously from thousands of machines across the globe, making the traffic almost impossible to block.
“So what does all this have to do with email?” I hear you ask. Lots! Large players in our space including Spamhaus, AWeber, Mad Mimi and SendGrid have all had recent attacks. Other services like DNS hosting companies, Content Delivery Networks, banks and credit card payment systems have also been attacked, all of which can have an impact on your business, website or email marketing.
Recently some of our clients were affected by the PointDNS attack, which meant DNS lookups for their domains were failing. This broke the tracking on their emails and frustrated their recipients, whose clicks on links in those emails ended in timeout errors in their browsers.
So what can be done? Unfortunately, not a lot. DDoS attacks are not like other vulnerabilities in that they don’t require any type of breach of your system, which means traditional prevention measures like firewalls can’t protect against them. The attackers are using the internet against you, using the very same channel your regular customers would be using to get through to you. The best way of mitigating the attacks is being able to handle more requests, so using services like Cloudflare or Prolexic can go a long way to help. Finally, it’s also worth using more than one DNS provider so if one gets taken down you have some redundancy.
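As an added example (not from the original post), here is a small Python check that groups each domain's nameservers by provider and flags domains that depend on a single DNS provider. The domain names, the NS lists and the "last two labels identify the provider" heuristic are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample data: domain -> NS hostnames as an NS lookup would return
# them. Every name here is a placeholder under the reserved .example TLD.
SAMPLE_NS = {
    "click.shop-one.example": ["ns1.dnshost-a.example.", "NS2.dnshost-a.example."],
    "click.shop-two.example": ["ns1.dnshost-a.example.", "ns1.dnshost-b.example."],
    "click.shop-three.example": [],  # lookup failed or delegation missing
}


def provider_of(ns_host, labels=2):
    """Reduce a nameserver hostname to a provider key.

    Assumption: the last `labels` labels identify the provider. This is a
    heuristic; it misreads multi-label suffixes and cannot see through vanity
    nameservers (ns1.yourdomain.tld) that all point at one provider.
    """
    parts = ns_host.rstrip(".").lower().split(".")
    return ".".join(parts[-labels:])


def audit(ns_by_domain):
    """Return {domain: (status, {provider: [nameservers]})}."""
    report = {}
    for domain, hosts in ns_by_domain.items():
        providers = defaultdict(list)
        for host in hosts:
            providers[provider_of(host)].append(host.rstrip(".").lower())
        if not providers:
            status = "NO_NS"            # nothing answers for this domain
        elif len(providers) == 1:
            status = "SINGLE_PROVIDER"  # one provider outage breaks lookups
        else:
            status = "REDUNDANT"        # at least two independent providers
        report[domain] = (status, dict(providers))
    return report


if __name__ == "__main__":
    for domain, (status, providers) in audit(SAMPLE_NS).items():
        print(f"{domain:28} {status:16} {sorted(providers)}")
```

For real use, replace `SAMPLE_NS` with the nameserver lists for your own sending, tracking and website domains.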