Atlantic.Net Blog

Top 5 Biggest DDoS Attacks, and What Hosting Companies Learned

For businesses that rely on their websites for revenue or as their customers’ main gateway to information, there’s nothing more frightening than the threat of a distributed denial of service (DDoS) attack. Revenue lost, service interrupted, brand identity marginalized, trade secrets or customer data stolen; it really does sound like the worst-case scenario. Some companies hope that they are too small to be noticed by hackers, others that their size alone implies they must have ample security to survive a DDoS attack. Both ways of thinking are horribly misguided, as has been proven time and again.

Compiling a list of the biggest DDoS attacks in history is about as gruesome as documenting the worst single-day drops in the history or the stock market or the most damage done by hurricanes. But the analysis of why the attacks happened and how they have helped the digital security world stronger as a result makes such record-keeping worth it.

As with history itself, if we can’t learn from these security mistakes, we are surely destined to repeat them.

Here’s a deeper dive into the five biggest DDoS attacks of all time and what hosting companies have learned from them.

Spamhaus, 2013

What Happened: Believe it or not, there are actual “good guys” on the Internet, and Spamhaus is one of them. Founded in 1998, the Spamhaus Project is a non-profit organization dedicated to weeding out spam emails and organizations. In March of 2013, Spamhaus was hit by a massive DDoS allegedly perpetrated by CyberBunker in retaliation for Spamhaus adding it to its blacklist. Using IP address spoofing, the spam requests directed at Spamhaus as part of the attack peaked at a previously-unheard of 300 gigabits/second and affected Spamhaus for more than a week. Spamhaus had allies to help it shoulder the load and hired Cloudflare to mitigate the nastiest parts of the attack, and it still took them more than seven days to get everything rolling again. At the center of this DDoS was a strategy known as a Domain Name System (DNS) reflection. This technique involves sending a request for a large DNS zone file using the source IP of the intended victim for the reply. The request is sent to a large number of DNS resolvers, all of which automatically reply with the large DNS zone file, thus flooding the victim’s IP address with requests.

What We Learned: It turns out the exploit was taking advantage of misconfigured DNS resolver software, specifically made by a company called BIND, which was set up to respond to a query from any IP address on the planet.  The Spamhaus attack happened because thousands of companies around the world had open DNS resolvers that had been used in the hack. Identifying them and shutting them down made the Internet a safer place for everyone.

Hong Kong, 2014

What Happened: Two years before parts of the US government accused Russian hackers of influencing the presidential election, Hong Kong independent media sites were attacked during rallies by pro-democracy advocates. The two news sites, Apple Daily and Pop Vote, had Cloudflare looking out for them, which said the two websites were getting hit with 500GB/second of junk traffic. Pop Vote was targeted first, with attacks on Apple Daily coming later that summer. The hackers were able to disguise huge packets of junk as legitimate traffic, bringing both sites grinding to a halt. The hackers also used the attack to break into both sites’ databases and sent phishing messages to PopVote staff members.

What We Learned: Hackers’ technology is going to keep advancing, so defenses have to keep advancing too. A year before Hong Kong, the Spamhaus attacks blew everyone’s mind by reaching 300GB/second of attacks. A year later, the Hong Kong attacks nearly doubled that statistic. Hackers aren’t going to use old technology, they’ll keep pushing for more powerful ways to attack. Defense and security must evolve to keep up.

Github, 2015

What Happened: For the uninformed, Github is one of the coolest spots on the Internet. It’s a development platform where you can host, share, build and manage your own codes and projects. While most people tend to see this type of website as reflective of the true “one world community” that represents the Internet at its best, others (such as certain countries who block such controversial websites like Wikipedia and Yahoo) clearly don’t care for the concept of sharing information freely, and decided to do something about it. Yes, Chinese hackers were behind the attack, their role confirmed by Rob Graham, the CEO of Errata Security. GitHub shut down for most of five days as two GitHub pages were loaded and reloaded again and again by thousands of computers. The “Great Firewall of China”, which is used by the Chinese government to censor its own citizens from viewing content from outside of its own borders, had now been turned into an offensive weapon, linking those private computers together to attack Github.

What We Learned: When a hacker or syndicate attacks your website, you can track them and bring up criminal charges. What do you do when the offender is an entire country – one that is so secretive that it censors the most basic of American websites from its citizens? More than a lesson learned, this attack was a eye-opener into the world of cyber espionage and how big it can get.

BBC, 2015

What Happened: On the last day of 2015, a group calling itself ‘New World Hacking’ brought down the BBC news website along with its on-demand iPlayer service. Quite proud of themselves, the New World Hacking group claimed they had used their own invention, the BangStresser, to launch a DDoS attack. The group claimed that the attack was to “test its power” as it prepares to take down the terrorist syndicate ISIS. Even more fascinating is that the attack appeared to use two Amazon Web Services (AWS) servers to harness ‘unlimited’ bandwidth.

What We Learned: Everything is vulnerable. Is that a little pessimistic? Maybe, but when a group can use AWS to take down the BBC, that’s a real punch in the gut to the presumed security of two trusted names. For the average person, the big news is that the BBC got knocked offline. For the more IT-savvy crowd, the fact that AWS products were used is the bigger deal. On the scene since 2006, AWS is a bit of a paragon of strength in the market. Hackers using AWS as a weapon to attack a trusted news service is a bit unnerving.

Dyn, 2016

What Happened: Remember Y2K and the pervading notion that at midnight on January 1, 2000, we’d all wake up to chaos and anarchy? (Spoiler alert: nothing happened.) Well that was the feeling a lot of people experienced on October 21, 2016, when DNS provider Dyn was struck three times by DDoS attacks. Websites taken offline by the attack included Twitter, Tumblr, Paypal, Pinterest, the BBC, Etsy, Fox News, GitHub, GroupHub, HBO, HostGator, iHeartRadio, Mashable, the New York Times, Reddit, Shopify, Slack, Spotify, Starbucks and more. Dyn itself called the attacks “highly sophisticated” and reported that there were tens of millions of IP addresses involved.

What We Learned: The Internet of Things (IoT) is remarkably vulnerable. Who would have though lax security on things like baby monitors and residential gateways could turn into a national nightmare? The hackers responsible infected these IoT devices and millions more with the Mirai malware and turned them loose on Dyn. The malware had been released as open-source code a few weeks prior on the Internet. Sort of like dumping the ingredients to a homemade bomb in the middle of a crowded shopping mall and walking away. Hosting companies responded with increased edge protection to enhance their ability to keep their clients safe.


Physiology of Fear Driving Healthcare IT – or Is It Real?

The healthcare cybersecurity market is expanding at an incredible rate. An April 2016 Grand View Research report projected that the scope of the industry would reach $10.85 billion by 2022. That may sound high, but it now looks like it was an underestimate: a February 2018 analysis released by Market Research Future predicts that health information technology (HIT) security will rise at a compound annual growth rate (CAGR) of 22% through 2022, ballooning from $4.8 billion to $15.82 billion.

Read More


Blockchain Security & Compliance: Is This the Future?

The technology that pushed Bitcoin and other cryptocurrencies into the public eye is a distributed ledger, better known as blockchain. This approach gives any entity that uses it an ongoing and dynamic transaction log. Over time, data is shared and compared to various other nodes, all of which continually have an up-to-date database copy. Auditing controls the adding of transactions to the database. By distributing transactions in this manner, you are able to remove single points of failure (SPOFs); prevent the controlling of the ledger from a single position; and verify all your transactions, with no need to utilize an independent service. All transactions are public, making it much less likely that the ledger is gamed to meet the needs of a nefarious party.

Read More


Why Do Medical Billing and Coding Companies Need HIPAA Hosting?

Medical billing providers and healthcare programmers cannot simply be satisfied with standard hosting, but instead should implement HIPAA-compliant hosting whenever sensitive health data is transferred server-side. This is because organizations like medical billing companies and healthcare programmers are business associates that have direct responsibility for compliance; because the expenses for breaches (which HIPAA hosting is intended to prevent) extend far beyond the fines; and because the definition of a breach is broader in recent years than it was prior to 2013.

Read More


What Can You Do with a VPS and Cloud Server?

Kent Roberts March 30, 2018 by under Cloud Hosting 0 Comments

Choosing the right direction with hosting gets a little complex. For instance, you might think that there are strong points to be made for using virtual private server (VPS) hosting just as there are for using cloud hosting. Actually, these two options are not contrary to one another but can be complementary: you can get a VPS within a cloud infrastructure. That cloud VPS hosting option means you can benefit from both of these incredibly popular and useful technological approaches for your backend.

Read More


How to Prevent a HIPAA Data Breach

In early October, Henry Ford Health System announced that it had been hacked and that the records of 18,470 patients had been stolen. On July 25-26, Arkansas Oral Facial Surgery Center was infiltrated by a virus that blocked the practice from being able to access images, files, and notes related to 128,000 patients. In September, Augusta University Medical Center announced that fewer than 1 percent of its patients’ records were stolen during a breach; however, this attack was the second phishing effort to work against the healthcare provider in just 5 months. These are just three of the most notable healthcare data breaches that occurred in 2017.

Read More


Who Uses DDoS Attacks and Why?

If your business has ever suffered through a Distributed Denial of Services (DDoS) attack, it’s was likely experience you haven’t forgotten, as much as you might like to. For your website, a DDoS attack is like being paralyzed – your website becomes unable to respond to the simplest request, your online store is completely unusable by paying customers, everything that makes your business go suddenly grinds to a halt like you’re stuck in the world’s worst traffic jam.

Read More


Why Do Biotech and Pharma Need So Much Computing Power in the Cloud?

For industries like biotechnology and pharmaceuticals, the true power of cloud computing is its ability to push the limits of computer processing to solve the greatest problems of today and tomorrow.

Both biotech and pharma firms are under intense public and governmental scrutiny and are tightly regulated. They also regularly use massive amounts of data as they trial new products, new cures and new solutions. What does the inside view of a biotechnology or pharmaceutical firm look like in the cloud? It’s a massive environment that is harnessing every technology available to change the world. Let’s take a closer look at how biotech and pharma firms harness the power of cloud computing.

Read More



Predicting HIPAA Compliance Trends for 2018 and Beyond

Kent Roberts February 28, 2018 by under HIPAA Compliant Hosting 0 Comments

Health expenses add up to nearly one-fifth of the gross domestic product in the United States: at $3.2 trillion, this segment represents 18% of the GDP. The transition to digital environments could lead to total cost savings of $300 billion, particularly related to chronic conditions. By lowering cost, digitizing healthcare effectively makes it easier to deliver treatment, improve quality-of-life, and save lives. However, healthcare technology is also tricky because of the parameters of healthcare law, especially the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology and Clinical Health Act (HITECH).

Read More


New York, NY

100 Delawanna Ave, Suite 1

Clifton, NJ 07014

United States

Dallas, TX

2323 Bryan Street,

Dallas, Texas 75201

United States

San Francisco, CA

2820 Northwestern Pkwy,

Santa Clara, CA 95051

United States

Orlando, FL

440 W Kennedy Blvd, Suite 3

Orlando, FL 32810

United States

London, UK

14 Liverpool Road, Slough,

Berkshire SL1 4QZ

United Kingdom

Toronto, Canada

20 Pullman Ct, Scarborough,

Ontario M1X 1E4

Canada

Resources