Yesterday, our friends over at Ancestry.com say they were hit by what’s called a DDoS Attack, or a “Distributed Denial of Service” attack. It has temporarily shut down Ancestry.com and their affiliated mobile application, Find A Grave, which is frustrating for the company and users alike. In the last 12 hours, BillionGraves has been inundated with questions from all over the place about this attack, wondering how it happens and if BillionGraves is prepared for something similar. While the attack has shut things down for a moment for Ancestry, it’s important to understand what a DDoS attack is, and what WE, and other companies, do to try to prevent them.
What is a DDoS attack?
While we could give you a long, drawn-out answer, we think the website HowStuffWorks.com gave a great response, found HERE
“The idea is pretty simple — a [hacker] tells all the computers on his botnet to contact a specific server or Web site (In this case Ancestry.com/Findagrave.com) repeatedly. The sudden increase in traffic can cause the site to load very slowly for legitimate users. Sometimes the traffic is enough to shut the site down completely.”
To simplify it even further, hackers try to make a website so slow with fake traffic that the website ultimately crashes.
Why do people do this?
Why do people steal? Cheat? We don’t know… Possibly boredom or a challenge. Maybe revenge? To quote Batman’s butler, Alfred, “Some people just want to watch the world burn.” While these attacks can be momentarily debilitating for a website, it’s important to note that, usually in specific cases of a DDoS attacks, hackers aren’t capturing any portions of anyone’s personal information. They’re simply using an army of fake computers (zombies, if you will), to “attack” and bog down the company’s website. All the information stored there is safe and secure, IF secured correctly.
What do companies do to avoid this?
There are several safe guards that a company can implement to protect their sites from malicious attacks. Unfortunately, there’s not much a company can do with a DDoS attack. Companies like BillionGraves (and Ancestry) hire entire herds of engineers just to keep a website safe and running. It’s a tiresome, time consuming, and thankless position that often goes unnoticed. During a DDoS attack, a system administrator can block specific users, or IP addresses, or start limiting traffic to the website, but it’s extremely difficult to know where the origin of the attacks are coming from. Many of these “attackers” spoof their addresses, making them harder to identify. In most cases, the system administrator has to take the website down and regroup to ensure their site is safe, which is exactly what Ancestry.com is doing at the moment.
All in all, while DDoS attacks appear to be harmless, they can significantly disrupt operations for a website. Companies make their livelihoods with their websites, and these attacks are taken seriously. While no website is 100% immune to these attacks, we have a solid and intelligent team of computer nerds working around the clock to keep BillionGraves safe and running!
Waiting for Ancestry.com to come back online? Go outside and enjoy the beautiful weather at your local cemetery and snap a few pictures! Register for BillionGraves now! It’s FREE… and working!