Protecting your website from intruders


This morning I watched a botnet attack.

A website we support came under sustained attack from servers around the globe, all seeking to get past the security defences we put in place.

For an hour and 20 minutes a series of servers attempted to crack passwords and open backdoors onto our client's web server. As each one was intercepted and blocked after a number of unsuccessful tries, the attempt was transferred to another computer somewhere else and the attack continued.

I watched as computers in Russia, Poland, India, Argentina, Ukraine, Bangladesh, Bulgaria, Vietnam, Georgia, the USA and Germany tried and failed to hack in.

The reason this botnet attack failed was that extra software I installed was designed to block precisely the attack mode that was being carried out.

The reason they mounted the attack in the first place was probably to extend their botnet. A larger network of computers can be used to crack other servers faster and build a network even more quickly. Once big enough, it can be used for spam emailing, DDoS attacks (to stop other people using the server legitimately) as a form of cyber terrorism or industrial espionage, or even to mine bitcoins.

The attack was alarming, annoying but ultimately satisfyingly unsuccessful.

