I’ve been talking about bot attacks and security a lot lately, with good reason. And I know that it’s something that you wish you could put on ignore. But it’s just not something you can ignore anymore – not as a site owner, or the owner of any device connected to the Internet. The bar has been significantly raised lately on cyber security.
This post on The Hacker News titled “Tor Network Used to Host 900 Botnets” is one of the few publicly available articles that talk about what is really going on and just how big this problem is. It’s pretty geeky, so let me sum it up and put it in perspective for you here so you know what’s going on and what’s coming.
Bigger Than We Ever Knew
In one of the major attacks last year that took down whole server companies like HostGator, only one botnet was used, and it was 90,000 computers strong. This Tor network is thought to have 900 botnets. And this is only one place they are hiding. Now when I tell you that a tidal wave is coming, you have some idea of what that means. If just a few of these botnets all focus on a single target, it will be devastating.
An Android Trojan is being harbored in this same Tor network too.
Impossible to Block
The hackers can deliver the attack from this network in a way that is almost impossible to identify and block.
Put it in Perspective
Now, I know it’s spring and no one wants to hear any more about the winter storms we’ve had, but while it’s fresh on our minds, let’s use it as an analogy for this botnet thing.
Up in the northeast, there was a time when they were having snow storm after storm. It caused everybody to do a lot of shoveling all the time, but they were able to ride it out because they are prepared for such things. Well, that’s like what enterprise-level bot attack protection for banks and big stores fends off every day. And they really jump into high gear when the big storms hit.
Now, remember when just one storm hit the Atlanta area and crippled the city? That’s more what it’s like for those on shared hosting using plugins and free CDN protection when just one botnet hits. They just don’t have the resources to fend off such a big storm.
And the hosts are limited in what they can do on the server because what they do to protect one site could kill legit traffic on another.
So, to wrap up this analogy, if you live in a place that can’t handle the storm, you can expect to lose money on the days when no one can get to your site, just like store owners lose money when no one can drive through the snow to get to them.
Tor Die Die Die
You can jump all up and down mad and throw a hissy fit about why somebody doesn’t shut this Tor network down. And that effort will be just as effective as Prohibition.
As long as there is money involved, there will always be “Darknet resources” like Tor.
Hackers are crazy smart. They will build another network and more botnets. And no, they don’t have anything better to do than rip off the billions of dollars sitting unprotected on the web. That currency is in the form of actual money, or emails, credit card, and other info they can sell.
Here’s What You Can Do
And if you’re running on the cheap with your hosting and protection, be patient and maybe even grateful if the whole server comes down. It may be the only way the host can stop the attack and keep your site and all the other data and info on the server safe. Think of it as a last resort bomb shelter. When everything outside is destroyed, you’ll come out intact.
I’m putting my own money where my mouth is.
I’ve taken BlogAid and my bigger site clients through the deepest performance and security audit I can and we’ve all moved up to Managed VPS on A2 Hosting (aff link). We’re no longer on the cheap with our biggest business investment. But, we’re not at enterprise level either. That level is simply cost prohibitive. We’re getting the best protection we can.
You have to do what’s best for your business at your level. But, when you make that assessment, consider the cost of downtime and/or losing your site completely and rebuilding from scratch, including all of your listings in search.
There is no such thing as a bullet-proof site or a public hosting company that is immune to a tidal wave attack.
Your best investment is a solid backup and restore solution with your files stored off site. I use and recommend BackupBuddy (aff link) and store on Amazon S3.
I do site evaluations and audits at levels from live, 30-minute sessions where you see what I see all the way to the same full performance and security audits I put BlogAid through.
Do what you can to protect your investment now, before the botnet tidal waves get any worse.