Distributed Denial of Service

Why Should News Websites Worry About Distributed Denial of Service Attacks?

Understand the concept of DDoS (Distributed Denial of Service) attack and take measures to overcome the downtime of your news website

Written by: Shantha

It’s 9pm. You’ve just finished dinner with the family and you’re sitting in front of your laptop ready to start uploading a breaking news story that’s under embargo until midnight.

You’ve chosen to give yourself 3 hours to calm your nerves as you go through the motions of uploading the story—you’ve done this hundreds of times before. Nothing to worry about except for the fact that you HAVE to be the first news website to release this story.

Your editor has also made it quite clear that any kind of mistake will set your promotion back so really, everything rides on getting this up just after midnight: all facts right, no errors.

23.59. Everything is ready to go, you just need to hit publish.

00:00. You ‘submit’ and hold your breath as the story uploads. It’s done. You hit refresh on the website homepage and that’s when it happens. The website is down. You panic. Maybe you should try and load it from your phone? Unfortunately, you still can’t access the homepage or any other page of the website. You try from your child’s phone. Still no luck.

The phone starts ringing. It’s your editor.

What is going on?

It’s been 3 hours and multiple competitors have gotten the story out already. It’s the talk of every news channel and social media handle. Your website is still down and you’ve only just discovered why it crashed. But the damage has been done.

Your website has been victim to what is known as a Distributed Denial of Services (DDoS) attack.

DDos Attack

What is a Distributed Denial of Services (DDoS) attack?

Simply put, a DDoS attack uses multiple computers or machines to flood a server with traffic, making your website or resource unavailable. It is done with the objective of overloading your server or web application to interrupt services.

As the server is flooded with more than it can process, it may crash, data may become corrupted and resources may be exhausted to the point of paralysing the system.

A more primitive version of such an attack is the DoS (Denial of Services) attack which uses only a single computer or machine to achieve the same outcome. But as a news website, you’re more likely to be at risk of the former.

Worried? You should be, but you’re not alone in this. Giants like Amazon Web Services (AWS), GitHub, BBC and the Bank Of America have been victim to some of the largest DDoS attacks of all time.

Why should news websites worry?

DDoS attacks are evolving; becoming more sophisticated and powerful. They’re also being carried out using everyday devices making businesses more vulnerable than ever before. What’s worse, these attacks are now everyday occurrences. So whether you’re a non-profit, a huge MNC or a news publisher, your online services—email, websites—can be slowed or stopped by DDoS attacks.

The A10 State of DDoS Weapons Report for H2 2020 reported an increase of over 12% in the number of potential DDoS weapons available on the internet! With approximately 12.5 million weapons detected, the risks you’re faced with are phenomenal and ample cause to pause, understand the risks and put safety measures in place.

As a news website you should worry for the simplest of reasons: someone else will break the story first.

A DDoS attack shuts you down. Period. The time it takes you to get back up and running could cost you customers (in your case readers), revenue, credibility and website traffic! For news websites, it acts as a catalyst to suppress speech. If you’re a neutral platform, a DDoS attack launched by a competitor or a group of people who disagree with your stance WILL affect your ability to tell the story YOUR readers are expecting to hear. And really, what’s the news without an audience to tell it to?

And finally, imagine having to spend anywhere from $300,000 to over $1,000,000 per hour! That’s how much IT services downtime costs a company on average (per hour of downtime). Can you imagine being Google in 2020 when thousands of their IP addresses were attacked over a 6-month period?

The sharp rise of DDoS as a way to silence media sites is now common, and symptomatic of a large problem. There is a gross shortage of technical talent in administering these websites leaving serious vulnerabilities open. There is of course plenty that needs to be done to improve security. But you’re already a quarter of the way up the ladder: you know you’re at risk. We can help you do something about it.