You may not consider the internet to be a fragile thing.
But today’s massive DDoS attack on Dyn just proved that we’ve been taking the internet a little bit too much for granted.
If you’re not sure what happened, then a whole host of extremely popular websites were unavailable not once, but twice.
A DDoS attack, or distributed denial of service, just means that useless data is directed at a DNS server. If you’re not sure, the DNS server is the thing that translates www.twitter.com into an IP address that it can understand.
The server can’t cope with the influx of junk requests, so it overloads. It denies genuine requests and no one can access the websites.
So Twitter, Amazon, Etsy, Spotify, Soundcloud and many others were essentially down between 7:10am and 9:36am ET, and again between 12:06pm and 2:52pm ET.
While some say it only really affected the US, Business Insider UK noted that the second wave did affect Europe as well.
What lessons can you and your business learn?
It means that you can’t rely on the internet! While attacks like this have so far been rare, Gizmodo predict that we’ll see a lot more of them in future.
You can’t hold back a DDoS attack, and as an end user you’re pretty much at the mercy of the attackers.
But here are 4 things you CAN do to mitigate the impact in future.
1) Keep a local back up of your files
It can be tempting to keep all of your data ‘in the cloud’, especially as accessibility improves. After all, cloud storage allows you to access your files from anywhere, as long as you have an internet connection.
But if any of those services become unavailable, for whatever reason, then so does your data.
The loss of power to a data center owned by Delta led to the cancellation of over 740 flights. That’s a huge cloud-based problem!
Keep files on your machine, if you can, and keep an external hard drive close by. It doesn’t need to be connected all the time, but make sure regular back ups are a part of your routine.
If one of the cloud services does have an outage, then you’ll still have access to your files.
I use a WD Elements 1TB External Desktop Hard Drive (aff link) and it does the job spectacularly!
2) Make regular back ups of your blog
There are plenty of plugins to help you back up the content of your blog.
It’s best practice anyway, since just updating a WordPress theme is easily enough to ‘break’ your blog.
If that happens, you don’t want to realise that everything you’ve poured your heart and soul into has disappeared.
So install a plugin like UpdraftPlus or BackUpWordpress and get yourself a little peace of mind. Both of these will perform regular, automated backups. The pro versions will let you backup to specified locations. Just make sure you download a local version of your backup too!
But if you do nothing else, then go to Tools and then Export in your sidebar. Download the .xml file that contains all of your posts, comments, and other data, and keep it on your external hard drive.
3) Check the security of your blog or site
I use the Wordfence plugin for WordPress and my web hosting comes with Cloudflare.
If you’ve never heard of Cloudflare, then it’s a service that explicitly offers protection from a DDoS attack for your site.
Sounds great, but Cloudflare were one of the sites affected by today’s attack!
So if you don’t have one already, install the Wordfence plugin (as a minimum) to help secure your WordPress site. A good alternative is iTheme Security, which gives a raft of settings you can change to bring you that extra peace of mind.
Even better – don’t use your default admin account to log in. Hackers will be able to guess ‘admin’ as a username, and it won’t take long for them to crack your password.
So set yourself up as a new user and use that to post your content instead. If you do want to use your admin account, give it a weird name that no one can guess when you set it up.
There are some awesome advanced tips here that you can try too.
4) Remember there’s a world beyond the internet
It can be really hard in the internet age to remember that business was conducted for centuries without email.
I know the internet makes things a lot easier. Heck, it’s how I’m talking to you right now.
But it’s okay to unplug and do things in the ‘real world’ from time to time.
Pick up the phone and call someone. Browse a local trade directory and make a list of potential leads. Brainstorm topics for your blog posts or email campaigns. Just work on paper for a while.
I didn’t even notice the outage because I was with my students. What were you doing?