What is a denial-of-service attack?

How to protect your charity against a DDoS attack

DDoS attacks use infected computers – bots – and since your charity has no control over other people’s security measures, it can’t prevent cyber criminals from creating large botnets. But there are a few things you can do to minimise the danger of a DDoS attack.

Spot a DDoS attack as quickly as possible

You can only protect yourself against a DDoS attack once  you have spotted that one has been launched against your charity’s website. So it is important that someone in your organisation keeps an eye on how busy your website is.

Large spikes in traffic could simply be in response to your charity’s activities (such as a publicity campaign) but it could also be the first sign that a DDoS attack has been launched.

Take technical measures if your charity hosts its own website

If you operate your own web site then it is important that IT staff are ready to take sensible technical measures to reduce the impact of a DDoS attack when you detect it. For the technically minded these measures should include:

• Limit your router to prevent your Web server from being overwhelmed
• Add filters to tell your router to drop packets from obvious sources of attack
• Time out of half-open connections more aggressively
• Drop spoofed or malformed packages
• Set lower SYN, ICMP, and UDP flood drop thresholds

Call your internet service provider (ISP) for help

Keep emergency contacts for your ISP or hosting provider readily available so you can do this quickly. Depending on the strength of the attack, the ISP or hosting company may already have detected it – or they may themselves start to be overwhelmed by the attack.

If you use a web hosting company then they will likely have a high capacity internet connection so it will be able to withstand a DDoS attack more effectively than if you host your own website. Even so, a large scale DDoS attack will pose a challenge, and your ISP or hosting company should have procedures in place which they can activate as soon as you inform them of an attack.

Consider using a DDoS mitigation specialist

If it is vital that your charity’s web site remains available during a DDoS attack, the you may have to consider paying for the services of a DDoS mitigation company. Most ISPs and hosting companies will have a partnership with one. Many offer a subscription at a cost of a few hundred pounds per month, or their services can be called on on an ad-hoc basis at a much higher cost.

DDoS mitigation companies can divert all traffic targeted at your website to themselves, where they can analyse the traffic, filter out unwanted data, and then pass on legitimate traffic to your website. The drawback to these services is that they can be expensive, and they also make the website slower and less responsive.

Wait it out

The alternative to fighting a DDoS attack is simply to wait until the attack subsides. If your charity can bear the consequences, then doing nothing until the DDoS attack peters out may be a practical, if unattractive, option.