How DDoS Attacks Impact Hosting Providers [Part 1] – Web Availability

For any hosting provider distributed denial of service (DDoS) attacks are probably the #1 cyber threat. DDoS attacks are not just a web availability issue, but also a data security issue. For this blog post I’ll limit the discussion to the effects of volumetric DDoS attacks that affect web availability of a hosting provider and its customers.

Because a hosting environment offers such a large attack surface, they make attractive targets for DDoS hackers. Most hosting providers experience DDoS attacks on a nearly daily basis, even if they are typically not volumetric attacks that drag down an entire network. When a hosting provider gets hit with a volumetric attack, the ramifications can be far-reaching and long-lasting. Last September French hosting provider OVH experienced such an attack, and a few days ago 123-Reg was crippled for several hours by a DDoS attack (its second DDoS attack in less than a year.) If a hacker succeeds in launching a several-hundred-gigabit DDoS attack to take another website offline, it will almost certainly affect customers who co-reside or are reliant on the infrastructure transporting the attack; that’s “collateral damage.”

Damage to Customers

First, it is the provider’s tenants who suffer; their websites go down and, in some cases, they cannot get their email. As part of their service level agreements (SLAs), many hosting providers offer 99.9% (or even 99.999%) uptime. However, even 1% downtime can dramatically affect a business. In the event of downtime, some providers offer a compensation, such as a credit to the customer’s account, usually a percentage of the monthly fee. However, that credit might not outweigh the downtime cost to the tenant; if a business website is down, that usually means that clients or customers can’t find the business online or access its products/services. This usually results in loss of revenue, and damage to brand/reputation.

DDoS Impacts on the Hosting Provider

DDoS downtime also has serious ripple effects on the hosting provider. These fall into three categories:

  1. Brand/Reputation Damage. Uptime is perhaps the most important criteria by which hosting providers are judged. Poor reviews from end users or professional product reviewers lead to high customer churn and fewer new customers.

  2. Loss of Revenue. When their websites go offline customers aren’t sympathetic to the hosting provider; they’re likely to switch hosting providers. This, of course, leads to lost revenue.

  3. Service Level Agreement Costs. Although account credits are relatively small, those reparation payments decrease a hosting provider’s bottom line.

An Ounce of Prevention is Worth a Pound of Cure

Hosting providers are attractive targets for DDoS criminals, but they don’t have to be easy targets. DDoS solutions have improved radically over the past 10-15 years. Gone are the days when black-holing or null-route routing was a reasonable option; that approach may remove some of the bad traffic from the network, but it enables, rather than prevents, a denial of service.

Today there are new DDoS protection appliances (hardware), deployed at the network edge, which detects and blocks all DDoS traffic, preventing it from entering the hosting provider’s backbone infrastructure. It’s important for hosting providers to appropriately detect and block all DDoS attack traffic, not just the volumetric attacks that make headline news by affecting web availability. In my next blog post I’ll discuss how short-duration, sub-saturating DDoS attacks pose serious risks to data security.

For more information, contact us.