My blog has been off-the-air for the last six days or so. Thousands of daily visitors would either get an error message, or perhaps a mangled version of text only.
My blog service provider -- TypePad -- successfully fended off a massive DDoS (distributed denial of service) attack, but it took them many days to do so. Thousands of their customers could only watch helplessly, day after day, and hope for the best.
After all, our options were limited :)
While the final story has yet to come out, there is strong evidence that this was an extortion attempt. Ransom was demanded -- and refused. Several similar incidents have already occured, more are inevitable.
A couple of thoughts?
First, I realized just how highly dependent I had personally become regardling certain online services: the blog, my calendaring, sync-and-share, financial, travel, etc.
Take any one of them away for a few days, and I'm in a world of hurt -- with no Plan B. Worse, I don't have any good ideas on how to mitigate the risk going forward without serious complexity and cost.
Second, I had to wonder -- how many online services are prepared to respond to a similar extortion attempt? I talk to many folks who are involved in disaster recovery and business continuity -- I'd be curious on just how many recognize this relatively new threat, and have succcessfully prepared themselves -- or have even tested their capabilities.
When information is the new wealth, we're all potential victims of digital extortion.
Recent Comments