At this very moment our website is enduring a barrage of eight cyber-attacks originating from five different countries, the U. S., China, Turkey, Germany, and Ireland.
What’s frightening is that this isn’t really news. It’s business as usual, merely a continuation of what has become “normal,” part of a pattern that totals more than 6,670 attacks in the past six months.
By the end of the day today, tomorrow, and every day, the bad guys will have made 40 more attempts using 21 different technologies. The security systems we ramped up after suffering a major and partially successful attack by Minsk-based Belorusian extortionists last October will have blocked every threat. Not one of the thousands of cyber-attacks since October have caused any damage or seriously threatened a breach, but it is sobering to watch in real time what seems to be an endless flow of attempts.
While the October cyber-attack was an attempt at commercial extortion, there seems to be a nearly infinite number of variations and motivations. Are some of the attacks “state sponsored?” Probably. Kids seeking challenges? Almost certainly. Cyber crooks? Positively. At the end of the day, though, they’re all serious threats, and we’re grateful that defensive strategies and technologies have advanced so rapidly.
The truly great and amazing news is that none of the cyber-attacks have succeeded; there has been no damage, no interruptions.
A contrary surprise has been the near-death of spam. In the six months ended a year ago, our site had been targeted with nearly 9,000 spam messages, all successfully blocked. In the most recent six months, that number dropped to ten. Not ten thousand. Just ten. Fewer than two a month. That’s an enormous and encouraging improvement, the payoff from thousands of ISPs around the world listening to customers telling them to fix the issue, to disconnect the bad guys before the good guys walked.
Three attacks on our website, two in the U.S. and one in Germany, are partially obscured by normal traffic on Monday