Pages

Monday, October 24, 2016

Denial of Service (DDoS) and Genealogy


Despite our seemingly advanced technology, we can still do very little about the weather and it seems like we are also learning that we can do little about attacks on the internet that disrupt large portions of the county's online activity. As genealogists become more and more dependent on their own electronic devices we are among those thrown out into the rough internet weather along with the rest of the world.

This past week we have suffered through two outages; one extremely local and one wide spread across the United States. First, it is important to understand that neither of these events had anything to do with a loss of our data.

The local event involved a reported upgrade of the firewall protecting the Brigham Young Library the ended up knocking the FamilySearch.org website off the network but only in the Library and not anyplace else. This was not one of the regular lapses in service we have seen from FamilySearch, this one lasted a day and half and was caused by the internal security concerns of the Library technical staff, or so it was reported. The effect was that a large class got cancelled and we were prevented from providing support using FamilySearch.org for the duration of the outage. The Library was very quiet for the day and half it took to remedy the situation.

From my own standpoint, I have converted almost all my classes and presentations to previously prepared slide shows either in Apple's Keynote or Microsoft Power Point to avoid the issues that loss of connection to the internet often cause.

The second and more serious outage did not impact our access so much as it could have. The genealogy programs kept operating despite a huge Denial of Service attack on a major internet service provider. As USA Today points out in its article entitled, "Hacked home devices cause massive Internet outage:"
SAN FRANCISCO — Eleven hours after a massive online attack that blocked access to many popular websites, the company under assault has finally restored its service. 
Dyn, a New Hampshire-based company that monitors and routes Internet traffic, was the victim of a massive attack that began at 7:10 a.m. ET Friday morning. The issue kept some users on the East Coast from accessing Twitter, Spotify, Netflix, Amazon, Tumblr, Reddit, PayPal and other sites. 
At 6:17 p.m. ET Friday, Dyn updated its website to say it had resolved the large-scale distributed denial of service attack (DDoS) and service had been restored.
The outage was enabled by the attacker's remote control use of internet connected devices such as alarm systems and  security cameras to flood the websites with millions and millions of signals that effectively disrupt the ability of the website to operate. As individual users of the internet, there is nothing you or I can do to prevent this type of takeover. Understanding how or why this happened is really a lot like the weather. I may understand why I am stranded in the snow or being flooded out, but that knowledge adds nothing to my ability to overcome the problem. Likewise, the technicians' explanations about how such an internet outage occurs, does nothing to keep the same thing from happening again and again.

How does this impact genealogists? Despite the fact that this particular outage did not affect file storage, it does point out the underlying fragile nature of the internet. For some time now, using online storage has been touted as a solution to our backup and file storage issues. As I have in the past stated many times, we always need to be careful to back up our genealogical data to a variety of devices and services. It is still ultimately important to back up you work to external devices such as multiple hard drives or flash memory drives as well as the judicious use of online storage.

By the way, I was out camping in southern Utah during the general outage and was off the network and without mobile phone service at all and didn't learn about the whole problem until we returned to mobile phone coverage. Likewise, unless you happened to be using one of the websites that was knocked off the internet, you probably missed the whole thing. This reminds me of living in the low deserts of Arizona where it could be raining on one side of the street and not the other.

2 comments:

  1. By the way, the DDoS did affect engineers at FamilySearch significantly as several of the key tools we use to develop FamilySearch.org were not working properly during that time.

    ReplyDelete
    Replies
    1. Oh, I am glad I was sitting out in the desert off the net.

      Delete