DDoS (Distributed Denial of Service) attacks are an increasingly publicised and pervasive online threat, particularly for schools. Hackers use these attacks to restrict access to online or computer resources to the point where they can no longer be accessed.
But how do they render a web site, server or a network completely inaccessible? Well, imagine going into a bank. On a normal visit, you'd walk in, go to the counter, deposit a cheque or withdraw some money, and leave.
But imagine instead that just as you set foot in the door, a thousand other people all rush in at once and tried to mob the counter, each of them shouting and demanding attention from the overwhelmed bank staff. Then imagine that only a fraction of those thousand people are legitimate customers that have a genuine need to be there – everyone else is just a nuisance, a distraction.
Regardless, the bank is overcome and no one is able to access any services. And this, essentially, is what a DDoS attack does; it denies access to services by flooding a target with requests until it is no longer able to serve anyone.
Mark Conrad, Broadband & Internet Services Product Manager at RM Education, explores the three things all schools need to know about the threat and consequences of a DDoS attack, and the steps they can take to be prepared.
Could it affect my school?
The simple answer is: yes. Arguments such as 'we're too small to be targeted' (which certainly isn't going to stop an attack) or 'we have some pretty impressive firewalls on site!' aren't good enough. DDoS attacks can target any organisation of any size, whether large or small; and increasingly, the attacks are beginning to pose a serious concern to schools.
One of the biggest examples of DDoS to make recent headlines was the takedown of Microsoft's Xbox Live and Sony's PlayStation Network last Christmas; millions of users woke up on Christmas day to find that their shiny new consoles would not connect to the PlayStation Network or Xbox Live.
Each of the sites had been flooded with traffic, which in turn prevented anyone from accessing the complementary online platforms provided by the gaming giants – this meant users could not register their consoles, access the full set of game features (many games now need an Internet connection) and were essentially left with a very expensive plastic box for a week until the attack subsided.
The negative publicity around this event was hugely damaging to both companies. And whilst DDoS attacks aren't always on this scale, large events aren't actually that rare; in fact, they are more common than you might think and unfortunately they are on the increase.
In 2012, 35 per cent of companies reported disruptive DDoS attacks. In 2013 this figure rose to 60 per cent and is still increasing. These attacks aren't one-off occurrences either; over 45 per cent of those interviewed reported being attacked on multiple occasions and 17 per cent said they had simply lost count! (Neustar, 2014).
What impact could this have on my school?
Schools are feeling the effects of DDoS in multiple ways, primarily in terms of the content they can access. The websites you need your Year 6 class to log on to can easily be put out of service if the provider or host isn't protected and is under attack. Or, if your Internet service provider doesn't have robust systems in place, you can experience inconvenience ranging from slow bandwidth to a complete loss of service – and an attack can mean losing access to key services for hours, if not days.
Whilst schools are more commonly inconvenienced by DDoS attacks because of something happening to their providers, they can be a target in their own right as well. School pupils are often the most tech-savvy amongst us and launching a DDoS attack is potentially well within the realms of their capability. The bragging rights associated with an attack that brought down their school's virtual learning environment or parent services is something we hear about more and more.
A simple Google search can provide enough information to enable one of your pupils to launch such an attack. However, with DDoS attacks being 'sold off' at $5 for a 1 hour attack or $40 (Juniper Networks, 2014) for a 24 hour onslaught, they may just outsource the inconvenience of initiating it themselves!
As the vast majority of schools are not-for-profit institutions, they are often lulled into a false sense of security by thinking that they are unlikely to suffer such attacks. DDoS targets are mainly aimed at the massive profit churning organisations, right? Wrong. That may have been true back in 2000 when Amazon and eBay were amongst the first targets of DDoS attacks, but this simply isn't the case anymore.
What should I be doing about it?
Firewalls and other industry-standard security systems are a critical part of any network defence, but DDoS attacks are becoming increasingly sophisticated and your IT partner's traditional forms of defence may not be up to scratch.
For example, an attack can be launched as a smoke screen to distract network staff and systems, so that whilst they are dealing with the DDoS threat, hackers can exploit other avenues within the network to remove data or other sensitive materials. By the time the user is aware of this, it is usually too late.
So where does this leave schools? Should you be going out and buying a dedicated DDoS mitigation platform? We don't think so; they are expensive and complex to set up. Instead, schools should be carefully assessing their choice of cloud services and Internet providers to ensure their partners have them covered in this respect.
As trends in education increasingly reflect a gradual move to the cloud, the increased reliance on the Internet – as well as software and applications which are not installed on devices – mean that a DDoS attack or the theft of data could place you in a very difficult position or even blight your school's reputation.
It could leave you unable to carry out the most basic tasks, from browsing the Internet or registering pupils, to more critical functions such as processing new admissions. Unfortunately, DDoS isn't going away and its indiscriminate nature means the education sector and its providers need to keep the threat in mind as they embrace the new and exciting resources available on and offline.
So what can schools do right now to be prepared? Well, first of all – don't panic and don't waste money on extra kit that won't add value to your school's Internet security. Challenge your cloud services and Internet providers to make sure they're keeping up with Internet security and preventing DDoS attacks. And finally, educate your pupils and encourage responsible use of the Internet and IT. Remember, DDoS attacks and other forms of hacking are actually illegal.
To find out about how we protect school's from DDoS attacks and other forms of cyber-attacks or to speak to us about RM as an ISP please call 08000 469 802