“My company frequently suffers from Distributed Denial of Service (DDoS) attacks, but please don’t publish our company name and website in the news; the attacks will become even more intense, and we might have to shut down because the website crashes all the time. If Yahoo or MSN can’t handle DDoS attacks, what chance does a small company have?” said the director of a private enterprise.
Recently, a series of DDoS attacks have targeted e-commerce websites. In an interview with VnExpress, Ms. Lê Thị Uyển, manager of the website muabanraovat.com, stated: “We announced the launch of our e-shop service on February 28, and immediately, through Yahoo Messenger, threats of DDoS attacks were sent on the very day of our service launch from various chat accounts, along with offers of ‘assistance’ if our system encountered issues.”
Furthermore, a threatening email was sent to the administrator of this website via the feedback box stating: “By the end of the month, I will make the muabanraovat website disappear”. The sender identified themselves as Mậu Vinh, providing an email address and phone number. On the specified date and time, a series of DDoS attacks targeted this website, continuing until the end of March 2.
Similarly, Viet Cơ Joint Stock Company, a well-known business with the website Vietco – The World of Online Trade, faced bankruptcy shortly after enduring continuous DDoS attacks starting on March 3. This situation continues, albeit with less frequency and smaller scale after the media and authorities paid special attention to this case.
Recognizing the damage caused when a website is down, hackers have taken advantage of this and offered “protection.” The sending of emails and instant messages notifying website owners in advance and requesting contact for assistance when issues arise has become quite common. Mr. Phú, an admin of a computer sales website, remarked: “Offering to protect websites from hackers these days is closely linked to DDoS. During peak shopping seasons, we get attacked, especially with prior notice in a challenging manner that we have no choice but to endure; we cannot defend ourselves, nor can we compromise.”
The operator of another website, who has also struggled with DDoS attacks, agreed with Mr. Phú: “Online protection operates like organized crime. They attack online stores and then demand money in return… How can one ensure that the website won’t be attacked after paying? Compromise is the most foolish thing to do because DDoS cannot be defended against, and hackers can easily execute this type of attack.”
Ms. Uyển, who manages nearly ten websites focused on buying, selling, and advertising, and regularly faces DDoS attacks, added: “Getting attacked has become a norm. Whether we are afraid or not, being online means accepting all risks, and just because we are scared doesn’t mean hackers will spare us. However, the damages from online business are incalculable.”
According to Ms. Uyển, before being DDoS attacked, muabanraovat.com shared a server with ipowerweb.com, but after two attacks, the server owner refused to rent it out again, resulting in damages of $150 in just a few days. Subsequently, similar amounts were lost on other servers such as Lunarpages, hostway.com, Globat.com, midphase.com, Yahoo hosting, and VDC. “The total assessed damage just for renting a shared server over a month reached thousands of dollars,” Ms. Uyển recounted. Currently, this website has set up a dedicated server at ThePlanet.com, costing $400-$600 per month instead of the shared service that would only cost $20 to $30 if there were no DDoS attacks.
Mr. Phùng Minh Bảo, Director of Viet Cơ Joint Stock Company, further stated that before being ‘attacked’, Vietco aimed to achieve 3,000 e-stores by April 30 and had hired 30 additional sales and consulting staff. However, after the DDoS, nearly 70% of the staff were left idle. The costs of upgrading servers, acquiring new equipment, maintaining systems, and resolving issues are very high while revenue is zero. Business plans were affected, customers demanded compensation, trust was lost, and employee morale declined… “In just 20 days, the estimated material damage exceeded 100 million VND. Attacking a business that relies entirely on its website like this poses a high risk of bankruptcy”, Mr. Bảo lamented.
“Defending against DDoS attacks for e-commerce websites is a pressing and quite challenging issue given Vietnam’s technological capabilities, as attacks through port 80 are legitimate and difficult to prevent with hardware devices”, said Mr. Trần Hùng Cường, Director of Computer Rescue Center 911. “Currently, no organization dares to claim they have a good solution to help websites defend against large-scale DDoS attacks.”
To mitigate these attacks, some websites currently use software shields like ddth.com, employing an access verification mechanism that requires users to click a link when they first access the website. Additionally, some sites require visitors to re-enter a confirmation code before they can view internal content. According to muabanraovat.com's two years of experience combating DDoS, during small-scale attacks the homepage can crash within 30 minutes, requiring a restart of the web server at the 25th minute and constant monitoring. For large-scale attacks, the defense capability is still limited and requires support from the server provider.
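The click-to-enter check described above can be built without per-visitor server state. The Python sketch below is an added example, not code from the article or from any site it names; the secret, the `gate` cookie name, the `/enter` path and the 30-minute lifetime are assumptions.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"  # assumption: secret known only to the server
PASS_TTL = 1800                   # assumed lifetime of a pass, in seconds
ENTER_PATH = "/enter"             # hypothetical target of the "click to enter" link


def _mac(client_ip: str, expiry: int) -> str:
    # Bind the pass to the client address and its expiry time.
    msg = f"{client_ip}|{expiry}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def issue_pass(client_ip: str, now: int) -> str:
    """Token handed out only after the visitor follows the link."""
    expiry = now + PASS_TTL
    return f"{expiry}.{_mac(client_ip, expiry)}"


def verify_pass(token: str, client_ip: str, now: int) -> bool:
    """Stateless check: nothing is stored per visitor, so a flood cannot fill a table."""
    try:
        expiry_s, mac = token.split(".", 1)
        expiry = int(expiry_s)
        supplied = mac.encode()
    except (AttributeError, ValueError):
        return False  # malformed or missing token
    if expiry <= now:
        return False  # pass has expired
    return hmac.compare_digest(supplied, _mac(client_ip, expiry).encode())


def handle_request(path, client_ip, cookie=None, now=None):
    """Return (status, headers, body) for one request."""
    now = int(time.time()) if now is None else now
    if cookie and verify_pass(cookie, client_ip, now):
        return 200, {}, "full page (expensive to render)"
    if path == ENTER_PATH:
        token = issue_pass(client_ip, now)
        return 302, {"Set-Cookie": f"gate={token}; HttpOnly", "Location": "/"}, ""
    # Cheap static interstitial: no database or template work is done.
    return 200, {}, f'<a href="{ENTER_PATH}">Click here to enter the site</a>'
```

The gate only lowers the cost of requests that never follow the link and return the cookie; for large floods it does not replace the upstream support from the server provider that the article mentions.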
In a rather unique case, the website owner, after being attacked by DDoS in the form of xflash, managed to locate the homepage hosting the attacking flash segment and demanded that the webmaster immediately remove the code. After receiving no response, this website owner retaliated by launching a DDoS attack on the website hosting that flash segment to free themselves and defend. Although this “tit for tat” solution is not healthy and not endorsed, many believe it may be the only option when negotiations fail.
In reality, many businesses entering e-commerce did not anticipate the risks posed by DDoS attacks from the online “underworld.” After facing continuous intimidation from hackers, some businesses quietly abandoned their online ventures, while others persisted. “If the website goes down, we rebuild it; after a few times, even hackers get tired and pay less attention. However, occasionally the website still gets attacked, though less frequently than before, but we must remain vigilant, and the time spent monitoring the website has significantly increased”, said the owner of a mobile phone sales website.
According to Mr. Phùng Minh Bảo, the potential for unfair competition from industry rivals is very high. Online business operators also added that there is a possibility of misunderstandings among companies in the same field to exploit or “protect” because this company is thriving with an ever-increasing number of virtual stores. IT professionals believe that DDoS attacks may also be executed by hackers who own high-traffic websites.
“Many businesses may have been pre-warned by hackers of impending DDoS attacks and extortion for protection, but they do not report this. There are hacker groups that own botnets with thousands or even tens of thousands of computers in Vietnam, and if they launch a DDoS attack, even with strong protection, websites will still struggle to withstand it,” stated the Director of 911.
Some opinions suggest that part of the reason for DDoS attacks stems from advertising campaigns for security products designed to combat hackers. Additionally, the timing of IT competitions often coincides with peaks in DDoS activity, so it cannot be ruled out that marketing products, training for security, and competition may play a role. However, as long as DDoS remains shrouded in mystery, all reasons are mere speculation.
Văn Hồng