Last week the BitTorrent site Mininova was hit by a large-scale DDoS attack that caused a total of 14 hours of downtime. Regardless of what you think about torrent sites, this was an interesting example of how a website can be incapacitated by a DDoS attack.

We chose this example to illustrate the effect of a DDoS attack because Mininova shared some relevant information about the attack, especially a very telling traffic graph from their Internet connection. The below traffic graph shows the impact on one of Mininova’s two Internet connections during the initial attack.

The site was attacked by a botnet (using hundreds of computers) using UDP connections, and judging by the above graph it reached full effect almost immediately.

The attack generated 2 gigabit of traffic per second. Since the attack maxed out Mininova’s Internet connection it made the site very slow and sometimes impossible to reach.

This is a typical example of a DDoS attack. Its objective is to in one way or another overload a site or service until it can’t function properly.

Now let’s take a closer look at how the site was affected.

How was site uptime and load time affected?

The above network graph is interesting, but what was the actual effect on the website’s load time, and how much downtime did it result in? We have some uptime monitoring data for the site (from Pingdom) which clearly shows the effect of the DDoS attack.

As you can see by the load time graph here below, there were actually two separate attacks; one that started very early on Friday (European time) and one that started on Saturday. The time stamps below are in GMT+1.

Note that the load time in the graph above only includes the loading of the HTML, not images, etc.

The above only shows the load time for when the website could be loaded at all. In many cases the load attempt simply timed out (30+ seconds in our case). So the effect was double. Slowdown AND downtime. Note how the reduced uptime in the graph below matches the periods of increased load time.

Counted over the two attacks, this DDoS attack cost Mininova 14 hours of downtime and some extreme slowdown. It might be good to remember that people tend to leave a website if it is too slow, so even when the website wasn’t technically down many visitors would still have been turned away.

It can happen to anyone

We hope that this practical example gives you a decent picture of how devastating a DDoS attack can be to a website.

It’s worth pointing out that what is described in this article can happen to any type of site. A similar attack could have happened to a blog, an e-commerce site, a social network, a web host, etc.

Another thing to note is that there are a very wide range of different attacks that can happen. To name a different example than the one above, the domain registrar Network Solutions recently suffered from a large-scale attack on their DNS servers that indirectly affected hundreds of thousands of websites that used those DNS servers.

One might also wonder why these attacks happen in the first place. DDoS attacks happen for a number of reasons. Sometimes they involve blackmail (“pay us or we break your site”), other times there are ideological conflicts or other reasons behind it.

Do you know of other recent examples of DDoS attacks that have had a negative impact on websites or services on the Internet? Please feel free to share in the comments.

Further reading (with more DDoS examples): Conflicting opinions causing DDoS blitzkriegs online

Have you ever wondered how much money Google, Microsoft, Apple, IBM, Yahoo, Amazon and other tech giants have in the bank? What kind of assets do they have, how much spending money do they have? The vague answer is, “a lot.” But if you want to find out exactly how much, read on.

Read more

Microsoft and open source, those are two things that traditionally don’t mix. Quite the opposite; the more hardcore members of the open source community tend to view Microsoft as just one step below Satan.

But while much of the open source community has little love for Microsoft, Microsoft is actually trying desperately to send some love back. The Redmond giant may have its own business reasons for doing so, of course, but that doesn’t change the fact that Microsoft is contributing to open source in more ways than most people are aware of.

Read more

What do Android, Visio, Flash, Hotmail, Google Analytics and Powerpoint all have in common? Can you guess?

The answer is: None of them were created by the companies who now own them. They were acquisitions.

These products have continued to develop at their new homes, but the seed of innovation that sparked an actual, new product came from the outside. The key word here is innovation.

Read more

We all know Google is huge and their wide range of services are bound to have a fair share of competitors, but you may be surprised just how wide-ranging Google considers its competition to be.

Here below we have included a quote from Google’s latest SEC filing with some very interesting information about what Google has to say about its competition.

Read more

Big sites and services like Yahoo, Facebook, Twitter and many others rely heavily on open source software to run their operations. Happily, this isn’t a one-way street. They are also giving back to the open source community, not just by contributing to existing projects, but sometimes by open sourcing their own internal projects, giving back something completely new.

And what these popular sites can contribute is often quite valuable. Since they tend to be very large, they run big operations and have been forced to create solutions for scalability and performance problems that most other sites simply don’t have to deal with.

Read more