Informing Clients During a DDoS Attack

Suppose your web hosting company became the target of a large multi-Gb/s attack against your servers. Some of your clients’ websites go down on Friday afternoon at 5:00, depending on the region, and stay offline for approximately 20 hours. Certain regions are not able to resolve DNS, while other regions resolve normally. Your clients’ reactions range from slightly annoyed to outraged. Most customers are accustomed to your 24/7 support, which has been excellent, and do not have the technical sophistication to know anything about a DDoS attack. How does a company explain the situation in full to all clients when some regions are normal, others are slower than normal, and still others are not reachable at all?

Let’s say the attack was first recognized when network storage became unavailable and some websites in certain regions slowed to a complete halt. Even though you knew what had happened and maintained that the problem was not with the server, specialists had to be called in, and restoring all service took the 20 hours.

Attacks raise questions about how quickly clients should be informed about a DDoS attack and what levels of trust customers should place in their providers. Many clients would not notice DNS downtime and would not even have known of an attack.

How much do you tell the clients about a DDoS attack? After all, they want a reason why their website was down.

What is a DDoS attack?

Distributed denial of service, or DDoS, attacks have been around since the beginning of the Internet, and they are the least sophisticated method of targeting a website. Basically, a large number of computers all visit the same web address at the same time and overwhelm the system that serves the site’s pages, blocking the site for real visitors. Picture setting up a kissing booth in the nearest supermarket and inviting Brad Pitt; the aisles would be so crowded with women that no one would be able to shop for groceries until Brad left. In other words, DDoS attacks most commonly involve a group of attackers who flood a website with an excessive number of requests in an effort to prevent it from providing services to regular customers.

Most attacks, fortunately, are short-lived. However, some attacks have brought down entire companies for a period of time, including Google, Twitter, and most recently PayPal, as well as government websites.