Monday 8 September 2008

Should DDoS Victims Own Up or Cover Up?

When a popular Web site is taken down by a DDoS attack, the typical response of many companies is to go into “denial” themselves, or at least to play hard to get should anyone want to question them as to why their online services suddenly aren’t (online). The general view from the Web publisher’s side seems to be that by coming clean and acknowledging the root cause, they are somehow opening the floodgates to copycat attacks. When many attacks can be stopped by agreeing to pay a substantial ransom, it is perhaps understandable that companies decide to take the least worst option.

Whilst there may be some logic in taking this approach, perhaps if more companies in this position were more open about the problem it could ultimately be much better for the wider ecommerce community. One consequence of sweeping this under the carpet is that DDoS is perceived as a less prevalent threat than it actually is, which in turn means that many companies downgrade the risk factor and do not put adequate defence mechanisms in place. The reality is that DDoS attacks are increasingly a weapon of choice, with up to 5,000 recorded attacks per day in the US alone in the past 12 months.

The recent rumours circulating about the non-availability of Amazon’s Web site are a classic case in point, and a missed opportunity to really bring the problem of DDoS into the open and maybe start to get a real industry debate going on how to solve the problem. It may be a naïve view, but perhaps if more Web sites were protected the bot-herders might find that their efforts were not as lucrative in the future and decide to get a proper job.

However, it is no less naïve than thinking that keeping the details private cannot hurt the company. Allowing customers and stakeholders to speculate fuels rumours and signals weakness and continuing vulnerability. Simply and honestly saying “this is what happened and this is what we are doing about it” ends the speculation and signals competence and strength, but if you wait too long it will sound like spin.

With technologies like Webscreen’s WS series available and proven effective in protecting some of the world’s busiest Web sites, it makes little sense to sit and suffer in silence. For an investment of less than the average ransom figure demanded by the attackers, it is possible to have a permanent solution and preserve the corporate reputation – and help the rest of the online business sector at the same time.