Multitudes of websites have been down or unavailable since the summer of 2010 due to an increase in various cyber attacks against certain websites or entire host servers. Here’s a little bit of news about what’s behind all of this and ways you can protect your website from being hacked.
In early December 2010, Graham Cluley reported on Naked Security that “a number of websites have been struck by DDoS attacks, seemingly co-ordinated by supporters of WikiLeaks against firms and websites who they feel have turned their back on the controversial whistle-blowing website.”
On that same day, the Huffington Post reported that Mastercard and a Swiss Bank went down due to those same attacks too.
What’s it Called?
A DDoS attack (Distributed Denial of Service) is when a bunch of computers gang up on another computer or host server and cause a traffic jam so big that it results in grid lock. It not only affects the site they are attacking, it can bring whole server networks to a crawl. Mass cyber attacks happen all the time. The news cited above is one of the few you ever hear about.
Most website owners participate in what is known as shared hosting. Think of it like a filing cabinet. A folder with your site files is placed in a drawer along with other folders. The whole cabinet is the host’s server, or big hard drive. If one of the folders in that cabinet is attacked, it could adversely affect the rest of the folders too.
Most big companies, like Mastercard are on what’s known as dedicated servers. In other words, they own the whole filing cabinet, but it still may be located in what are called server farms with lots of other filing cabinets hooked to the same backbone, or Internet gateway. So, while an attacker can’t get to Mastercard’s filing cabinet directly, they may be able to get to one of the others on that farm and clog the gate for anyone else to get in or out.
For maximum security, most governments own their server farms and the equipment that provides the gateway, but at some point, those lines do go out into the world at large, and that’s where hackers try to slip in.
To accomplish a distributed attack, hackers need lots of computers to overwhelm another computer. Most hosts have security measures in place to fend off such intrusions, but with shared hosting, every folder in the cabinet can be a way in for a hacker if each site does not take proper security measures for itself.
You can increase your site security to ensure that a hacker can’t slip some code onto your site and have it involuntarily participate in the attack by keeping your WordPress files, plugins, and theme up-to-date. You can have a qualified geek check your WordPress installation for security holes. And, you can install a few extra security plugins.
Mass cyber attacks are on the rise. Hosting companies are in a 24/7 battle to keep them from affecting your site. So, help them out by keeping your files updated and encourage everyone you know who owns a site to do the same.