DDOS Attacks and You! 2017-12-15T08:20:54+00:00


What​ ​is​ ​a​ ​DDOS​ ​attack?

DDOS​ ​stands​ ​for​ ​”Distributed​ ​Denial​ ​of​ ​Service”​ ​attack.​ ​In​ ​laymen’s​ ​terms,​ ​a​ ​DDOS​ ​attack​ ​is​ ​a flood​ ​of​ ​requests​ ​directed​ ​at​ ​a​ ​single​ ​target,​ ​with​ ​the​ ​intent​ ​of​ ​shutting​ ​the​ ​target​ ​down​ ​by overwhelming​ ​it.​ ​The​ ​perpetrator​ ​typically​ ​uses​ ​hundreds​ ​or​ ​thousands​ ​of​ ​hosts​ ​from​ ​all​ ​over​ ​the world​ ​to​ ​attack​ ​the​ ​target,​ ​making​ ​it​ ​impossible​ ​to​ ​stop​ ​the​ ​attack​ ​simply​ ​by​ ​blocking​ ​a​ ​single source.
When​ ​a​ ​cooperative​ ​member​ ​is​ ​the​ ​target​ ​of​ ​a​ ​DDOS​ ​attack​ ​the​ ​whole​ ​network​ ​(including​ ​all member​ ​connections​ ​to​ ​Telemedia)​ ​slow​ ​to​ ​a​ ​crawl,​ ​and​ ​many​ ​services​ ​stop​ ​working​ ​altogether. While​ ​state-of-the-art​ ​preventative​ ​DDOS​ ​measures​ ​are​ ​in​ ​place​ ​with​ ​our​ ​upstream​ ​provider, they​ ​still​ ​take​ ​some​ ​time​ ​to​ ​kick​ ​in.​ ​Because​ ​of​ ​this,​ ​and​ ​because​ ​a​ ​single​ ​DDOS​ ​attack​ ​can​ ​take down​ ​our​ ​entire​ ​network,​ ​we​ ​take​ ​these​ ​attacks​ ​very​ ​seriously.​ ​Customers​ ​who​ ​are​ ​targeted​ ​by DDOS​ ​attacks​ ​are​ ​notified​ ​by​ ​Telemedia,​ ​so​ ​that​ ​they​ ​can​ ​take​ ​steps​ ​to​ ​stop​ ​the​ ​attacks. Continued​ ​attacks​ ​could​ ​result​ ​in​ ​account​ ​suspension,​ ​and​ ​ultimately​ ​account​ ​termination.​ ​While we​ ​don’t​ ​wish​ ​to​ ​disconnect​ ​any​ ​member​ ​in​ ​good​ ​standing​ ​intentionally,​ ​we​ ​(like​ ​other​ ​Internet Service​ ​Providers)​ ​are​ ​forced​ ​to​ ​do​ ​so​ ​to​ ​preserve​ ​the​ ​integrity​ ​of​ ​our​ ​network.

What you can do if you are targeted by a DDOS attack:

If​ ​you​ ​are​ ​targeted​ ​by​ ​a​ ​DDOS​ ​attack,​ ​you​ ​will​ ​be​ ​contacted​ ​by​ ​Telemedia​ ​personnel.​ ​You​ ​will likely​ ​be​ ​sent​ ​to​ ​this​ ​page​ ​to​ ​read​ ​about​ ​DDOS​ ​attacks,​ ​and​ ​our​ ​DDOS​ ​policy.​ ​Following​ ​the recommendations​ ​on​ ​this​ ​page​ ​will​ ​stop​ ​99%​ ​of​ ​DDOS​ ​attacks.​ ​Please​ ​read​ ​this​ ​information carefully,​ ​and​ ​follow​ ​the​ ​steps​ ​below​ ​to​ ​ensure​ ​future​ ​attacks​ ​do​ ​not​ ​occur:

Take​ ​These​ ​Simple​ ​Steps​ ​to​ ​Stop​ ​DDOS​ ​Attacks:

  • Laptop computerStop​ ​Contentious​ ​Online​ ​Behavior:​​ ​DDOS​ ​attacks​ ​can​ ​happen​ ​for​ ​a​ ​variety​ ​of reasons,​ ​however​ ​the​ ​majority​ ​end​ ​up​ ​being​ ​“social”​ ​ones.​ ​Ensure​ ​members​ ​of​ ​the household​ ​have​ ​not​ ​acted​ ​contentiously​ ​with​ ​others​ ​while​ ​online.​ ​If​ ​they​ ​have,​ ​make​ ​sure the​ ​behavior​ ​stops.
  • Halt​ ​Gaming​ ​Activity:​​ ​Check​ ​with​ ​household​ ​members​ ​to​ ​see​ ​if​ ​there​ ​are​ ​any​ ​online gamers.​ ​We​ ​see​ ​a​ ​high​ ​occurrence​ ​of​ ​DDOS​ ​attacks​ ​associated​ ​with​ ​online​ ​gaming (usually​ ​PC,​ ​XBox​ ​and​ ​PS4).​ ​Tournament​ ​styled​ ​PS4​ ​and​ ​X-box​ ​competitors​ ​are​ ​often targeted​ ​by​ ​DDOS​ ​attacks​ ​to​ ​take​ ​them​ ​out​ ​of​ ​the​ ​competition.​ ​Unplug​ ​your​ ​gaming console​ ​and​ ​leave​ ​it​ ​off-line.​ ​Permanently​ ​if​ ​necessary.

In​ ​years​ ​past​ ​DDOS​ ​attacks​ ​were​ ​very​ ​difficult​ ​to​ ​orchestrate.​ ​Only​ ​the​ ​most​ ​technically​ ​savvy network​ ​and​ ​software​ ​engineers​ ​were​ ​capable​ ​of​ ​launching​ ​them.​ ​But​ ​today,​ ​anyone​ ​with​ ​a credit​ ​card​ ​can​ ​“order”​ ​a​ ​DDOS​ ​attack​ ​online.​ ​Websites​ ​that​ ​offer​ ​targeted​ ​DDOS​ ​attacks​ ​for​ ​a small​ ​sum​ ​of​ ​money​ ​are​ ​becoming​ ​increasingly​ ​popular.​ ​We​ ​believe​ ​this​ ​has​ ​lead​ ​to​ ​an​ ​increase in​ ​the​ ​use​ ​of​ ​DDOS​ ​attacks​ ​(typically​ ​where​ ​undesirable​ ​online​ ​behavior​ ​is​ ​followed​ ​with​ ​an attack​ ​by​ ​the​ ​offended​ ​party).​ ​Revenge,​ ​blackmail,​ ​and​ ​activism​ ​are​ ​normally​ ​the​ ​motivation behind​ ​DDOS​ ​attacks​ ​aimed​ ​at​ ​businesses.​ ​Bottom​ ​line:​ ​DDOS​ ​attacks​ ​usually​ ​happen​ ​for​ ​a reason.

Telemedia​ ​DDOS​ ​Policy

Once​ ​an​ ​attack​ ​starts,​ ​simply​ ​shutting​ ​down​ ​the​ ​affected​ ​end​ ​point​ ​does​ ​not​ ​immediately​ ​clear the​ ​problem.​ ​While​ ​our​ ​anti​ ​DDOS​ ​system​ ​is​ ​state-of-the-art,​ ​it​ ​still​ ​takes​ ​some​ ​time​ ​to​ ​kick​ ​in. This​ ​means​ ​all​ ​of​ ​our​ ​customers​ ​are​ ​affected​ ​when​ ​one​ ​customer​ ​is​ ​attacked.​ ​Because​ ​of​ ​this, Telemedia’s​ ​policy​ ​is​ ​to​ ​“black​ ​hole”​ ​the​ ​data​ ​packets​ ​of​ ​members​ ​who​ ​are​ ​under​ ​DDOS​ ​attack. Members​ ​whose​ ​packets​ ​are​ ​black-holed​ ​will​ ​appear​ ​to​ ​have​ ​been​ ​disconnected​ ​from​ ​the Internet.​ ​Once​ ​the​ ​attack​ ​has​ ​stopped,​ ​the​ ​black​ ​hole​ ​will​ ​be​ ​lifted,​ ​and​ ​the​ ​affected​ ​customer will​ ​be​ ​back​ ​on-line.

Unfortunately,​ ​Telemedia​ ​can​ ​not​ ​let​ ​customers​ ​come​ ​under​ ​constant​ ​attack​ ​because​ ​of​ ​the effect​ ​a​ ​single​ ​attack​ ​has​ ​on​ ​our​ ​entire​ ​base​ ​of​ ​customers.​ ​Customers​ ​under​ ​attack​ ​will​ ​be initially​ ​notified​ ​so​ ​they​ ​can​ ​respond​ ​appropriately​ ​to​ ​prevent​ ​future​ ​attacks.​ ​However,​ ​after​ ​3 warnings,​ ​if​ ​the​ ​attacks​ ​still​ ​continue​ ​the​ ​black​ ​hole​ ​period​ ​will​ ​be​ ​lengthened​ ​to​ ​48​ ​hours.​ ​​This means​ ​the​ ​customer​ ​being​ ​attacked​ ​will​ ​in​ ​fact​ ​be​ ​off-line​ ​for​ ​48​ ​hours.​​ ​For​ ​this​ ​reason​ ​it​ ​is imperative​ ​to​ ​follow​ ​the​ ​steps​ ​listed​ ​above​ ​to​ ​ensure​ ​further​ ​DDOS​ ​attacks​ ​do​ ​not​ ​occur.

Here’s​ ​what​ ​our​ ​DDOS​ ​Policy​ ​Calls​ ​for:

First​ ​and​ ​Second​ ​Attack​​ ​-​ ​Telemedia​ ​will​ ​contact​ ​the​ ​customer​ ​under​ ​attack​ ​as​ ​a​ ​courtesy. Customer​ ​will​ ​be​ ​back​ ​on-line​ ​once​ ​the​ ​attack​ ​has​ ​stopped.​ ​Customer​ ​should​ ​follow​ ​the​ ​steps listed​ ​above​ ​to​ ​prevent​ ​future​ ​attacks,​ ​including​ ​taking​ ​gaming​ ​consoles​ ​or​ ​other​ ​affected devices​ ​off-line​ ​(permanently,​ ​if​ ​necessary).

Third​ ​Attack​​ ​-​ ​Telemedia​ ​will​ ​contact​ ​the​ ​customer​ ​under​ ​attack​ ​as​ ​a​ ​courtesy.​ ​Customer​ ​will​ ​be back​ ​on-line​ ​once​ ​the​ ​attack​ ​has​ ​stopped.  Customer will be reminded that future attacks will result in a 48 hour blackhole cooldown period.  Customer should follow the steps listed above to prevent future attacks, including taking gaming consoles or other affected devices off-line (permanently, if necessary).

Fourth​ ​(and​ ​future)​ ​Attacks​​ ​-​ ​Telemedia​ ​will​ ​not​ ​proactively​ ​contact​ ​the​ ​customer.​ ​​ ​Customer will​ ​be​ ​back​ ​on-line​ ​once​ ​the​ ​attack​ ​has​ ​stopped​ ​and​ ​the​ ​48​ ​hour​ ​cooldown​ ​has​ ​passed. Customer​ ​should​ ​follow​ ​the​ ​steps​ ​listed​ ​above​ ​to​ ​prevent​ ​future​ ​attacks,​ ​including​ ​taking​ ​gaming consoles​ ​or​ ​other​ ​affected​ ​devices​ ​off-line​ ​(permanently,​ ​if​ ​necessary).  Customer’s Internet service is now at risk and may be permanently shut down (at the discretion of management) if the attacks continue.