Why hosting security is important
If you were anywhere near a computer last weekend, you know that there was a major attack that seemed to bring down half of the internet.
First, we are going to chat a little bit about the attack that happened. Next, we will explain what the attack could mean for your own website, and later, what steps you can take to secure your website.
The last few months have highlighted a number of large-scale attacks on major websites. The trend seems to be continuing as hackers launch attacks for both unethical and supposed ethical reasons. Some of the recent attacks even appear to have been sponsored by other nations, flexing their muscles on the world stage.
How did the internet go down last week?
But what was going on last week that caused much of the internet to go down? How did it happen?
First of all, the attack was directed towards a company called Dyn. Dyn provides DNS (Domain Name System) services for a segment of the internet. A DNS is the service that tells the internet how to find the website you are looking for.
See, computers use a number (called an Internet Protocol (IP) address) to find websites. But, humans aren’t so good at remembering numbers and we like to use words. A DNS is the service that translates the words we like to use (usatoday.com) into IP addresses that computer like to use (18.104.22.168).
When Dyn was attacked earlier this week, they stopped translating our words called URLs (usatoday.com) into IP addresses (22.214.171.124). And so, when you tried navigating on over to hit up your tunes on Spotify, your request wasn’t translated into an IP address, and that little blue wheel kept spinning until it timed out.
A number of large companies were in Dyn’s address book, and it largely impacted the East Coast, West Coast, and Europe. Think Twitter, Spotify, Netflix, Amazon, Tumblr, Reddit, PayPal and Pinterest.Those are some major sites to bring down.
How did they come down? Well, the hackers broke the service that translated the URL into IP addresses. Yes, but they did it by simply overwhelming Dyn’s servers.
They did this by recruiting dormant devices that are connected to the internet (think your wi-fi enabled thermostat) and turning them into an army of weaponized computers called a botnet.
This botnet can throw a huge amount of data at a server, like Dyn’s. This enormous amount of traffic is difficult to distinguish from normal user-generated traffic, so the server attempts to process all the requests.
In the case of the attack on Dyn last week, the server was unable to process the data (think 1.2 trillion bits per second) and crashed.
The hacking group that claimed responsibility for the attack (New World Hackers), claimed to have only used 10 hackers for the attack and is a small group of only about 30 or so hackers that have access to the group’s Twitter account, according to reports. In addition to their small size, the hackers used Mirai, an easy-to-use program that allows unskilled hackers to facilitate an attack using online devices to launch the attack.
The group claimed they were only identifying a weakness, not asking for fame or money, but they did leave the door open for future attacks.
What does all of this mean for you?
The recent attacks are primarily a sign that website security is becoming an increasing issue. Websites are more vulnerable than ever, as both independent and state-sponsored hacking has become a real and increasing threat in the past few years.
Furthermore, you want to look for a hosting company that understands the threats out on the horizon and is prepared to provide defenses as necessary.
If your website is built on a WordPress framework, you want to ensure your WordPress installation is up-to-date and that your plugins are secure and up to date as well.
So, let’s get real for a minute, here. You are busy taking care of your business. Do you have time to stay caught up with the news on the security side of the technology world? And if you were in tune with that information, would you truly have time to keep your website up-to-date and defended against attacks?
We didn’t think so. And do you know what? That is completely normal. We know you are busy, and that is why we make sure to stay in the loop so that we can keep your site up-to-date and protected.
Next week we will talk a bit about how we keep your site protected, what our hosting includes, and what our clients are saying about our hosting services.