
Human rights sites must improve DDoS strategy

Written by Jack Clark, Contributor

Distributed denial of service attacks against independent media and human rights sites have been common in 2010 and are expected to become more frequent, Harvard researchers have said.

Along with distributed denial of service (DDoS) attacks, these sites were also defaced, hacked into, and filtered by governments to reduce service, the report said on Monday.

Sites should consider moving to a resilient cloud-based service to counter DDoS attacks, the report said. It noted both Blogger — which is hosted on Google's extensive internet infrastructure — and Amazon Web Services — which underpins retail site Amazon.com — as examples of scalable options.

"Organisations that choose to host their own sites should use systems to detect attacks and, when necessary, degrade site performance and retreat to backup hosting on a free, highly DDoS-resistant hosting service like Blogger," the researchers wrote. "Simple modules for popular content management systems could automate this process and minimise the disruption of an attack."

Amazon Web Services' (AWS) hosting of whistleblower site Wikileaks was picked out as an example of an independent media site moving its hosting to a more scalable platform. AWS then ceased its relationship with Wikileaks.

The report made two major recommendations to organisations that expect to come under DDoS attacks: if non-technical, to consider a move to a large blog host such as Blogger or WordPress; if technically skilled, to consider using site architecture "that allows for graceful degradation in response to high load and automated failover to mirror sites".

Every organisation should have a mirror of the site that is not publicly listed and that uses infrastructure independent of the hardware used to host the main site. Sites should have a pre-agreed failover strategy for when DDoS attacks occur, and should tell hosting companies if there is a risk of a DDoS incident, the report said.
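The detect, degrade and fail-over sequence the report recommends can be sketched as a small controller; this is an example added here, not code from the report or from any content management system. The thresholds, the mirror URL and the features switched off in degraded mode are all assumptions.

```python
from collections import deque
from statistics import mean, median

NORMAL, DEGRADED, FAILOVER = "normal", "degraded", "failover"
STEP_DOWN = {FAILOVER: DEGRADED, DEGRADED: NORMAL, NORMAL: NORMAL}

class LoadController:
    """Picks a serving mode from recent health samples. Thresholds are assumed values."""

    def __init__(self, degrade_ms=800, failover_err=0.5, recover_ms=300,
                 recover_err=0.05, calm_needed=3, window=5):
        self.degrade_ms, self.failover_err = degrade_ms, failover_err
        self.recover_ms, self.recover_err = recover_ms, recover_err
        self.calm_needed = calm_needed
        self.lat, self.err = deque(maxlen=window), deque(maxlen=window)
        self.mode, self.calm = NORMAL, 0

    def observe(self, latency_ms, error_ratio):
        """Feed one sample (page latency, share of failed requests); return the mode."""
        self.lat.append(latency_ms)
        self.err.append(error_ratio)
        med, err = median(self.lat), mean(self.err)
        if err >= self.failover_err:                    # origin is failing: retreat to mirror
            self.mode, self.calm = FAILOVER, 0
        elif med >= self.degrade_ms and self.mode == NORMAL:
            self.mode, self.calm = DEGRADED, 0          # slow but alive: shed expensive work
        elif med <= self.recover_ms and err <= self.recover_err:
            self.calm += 1                              # hysteresis: recover one step at a
            if self.calm >= self.calm_needed:           # time, only after sustained calm
                self.mode, self.calm = STEP_DOWN[self.mode], 0
        else:
            self.calm = 0
        return self.mode

def action_for(mode, mirror_url="https://mirror.example.org"):  # hypothetical mirror
    """Map a mode to what the site does (disabled features are an assumption)."""
    if mode == FAILOVER:
        return {"status": 302, "location": mirror_url}
    if mode == DEGRADED:
        return {"status": 200, "serve": "cached-static", "disable": ["search", "comments"]}
    return {"status": 200, "serve": "dynamic", "disable": []}

# Constructed samples: (latency in ms, error ratio), one per monitoring interval.
SAMPLES = [(120, 0.0), (150, 0.0), (900, 0.1), (1500, 0.2), (2500, 0.6),
           (4000, 0.8), (5000, 0.95)] + [(200, 0.0)] * 10

def replay(samples):
    ctl = LoadController()
    return [ctl.observe(lat, err) for lat, err in samples]

if __name__ == "__main__":
    for (lat, err), mode in zip(SAMPLES, replay(SAMPLES)):
        print(f"{lat:>5} ms  err={err:.2f}  ->  {mode:8}  {action_for(mode)}")
```

The controller steps back only one level at a time after several calm intervals, so a brief lull in an attack does not send visitors back to an origin that is about to be overwhelmed again.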

The report was published by Harvard's Berkman Centre for Internet and Society.
