Mothers go offline due to DDoS

On the evening of Tuesday the 11th of August the inconceivable happened: Mumsnet was taken offline be it only for hours by an apparently disgruntled father @dadsecurity by a Distributed Denial of Service attack or “DDoS” attack.

The response to this attack was two-fold. Firstly, Mumsnet service provider increased the bandwidth and sever capacity to cope with the attack and, in a seemingly related secondary threat, @dadsecurity resorted to a swatting attack normally reserved for the very rich and famous where the police are told a violent, armed incident is occurring at the address of the target and police rush round to apprehend the suspects in full body armour while armed to the teeth which is what occurred at the Mumsnet founder’s house.

The reason for these incidents and underlying motivation is something that will no doubt become clear over the coming weeks and months, most probably in court when @dadsecurity will be unceremoniously unveiled as will surely happen. The fact that an unhappy member of the public can effectively remove the target of his hatred from the web in this instance mumsnet by deploying a home grown or purchased DDoS attack is certainly concerning.

These stories are becoming more and more regular as the ability to create these DDoS storms or attacks becomes easier to achieve even from a home office or purchased from the darkweb. My primary concern is not the effect or even the cause but the response, adding server capacity, changing firewall settings, increasing bandwidth, disconnecting cables all might have a short term impact on the threat but in the medium to long term are like trying to catch raindrops so they don’t wet the ground it just isn’t going to happen. The top IT networking and security companies understand this and either partner with specific DDoS mitigation companies, buy them or steer well clear of the problem. A denial of service attack can be infinitely increased in a very short period of time and can be sustained indefinitely and I don’t use either descriptive word lightly. The weight of a DDoS attack can be crippling to any size of organisation or entity including central governments and so what hope does a hosted website for mums have to defend against a determined attacker?

What is worse is that specialist DDoS mitigation security companies like Arbor Networks consistently prove that a DoS attack is statically just a cover for some other web based threat and in the Mumsnet scenario is appears to be just that. As a follow up @dadsecurity claims to have stolen user data and since then unauthorised posts have been made by administrative users which have later been found to be fraudulent. All this is yet more proof that DDoS mitigation is the front line for preventing fraud and a host of hacking, theft and damaging online threats.

Mumsnet is not the first, and most certainly will not be the last, but dedicated DDoS prevention solutions would have limited the impact, and potentially removed the threat entirely, by blocking the data in the cloud or at least reducing the impact on the service provider thereby buying more time for the smart IT folks to lock down the Mumsnet servers preventing the follow-up threats.

See the original Mumsnet post here.

For more information on how true best in class DDoS mitigation would benefit you or your organisation you can always take 10 minutes to respond to AssessMy DDoS Mitigation here.
As a reward AssessMy and Arbor Networks will send you a bespoke Executive report identifying your DDoS operational strengths and weaknesses to help you get to great.