
Evaluating your threat model

Certain factors can make your site more vulnerable to going down in the event of a DDoS attack. To assess your risk, you should think about a variety of factors: what you’re trying to protect (your asset, or the information and data hosted on your site), who you’re protecting it from (your adversary, for example a government or other group), and what resources are available to help protect your site.

The following questions will help you evaluate your risk, and make decisions about precautionary measures you can take to protect your site against a DDoS attack.

What are you protecting?

If a DDoS attack takes down your site, both you and your site’s visitors will (temporarily or indefinitely) lose access to the content that is hosted on it. You will also lose the ability to publish information on your site until it is restored. As part of the process of evaluating what the cost of this would be, make a list of the following:

  • Types of data or information hosted on your site
  • Types of data or information published on your site
  • Who the information on your site is published for (i.e. who your audience is)

Based on what you’ve written down, you can begin to evaluate what you need to protect, and what the consequences might be if your target audience is prevented from accessing it as a result of a DDoS attack.

Who are you protecting your site from?

Knowing who would have motivation to take down your site can be difficult and may require a fair amount of speculation. Actors targeting your site might change over time, depending on what you publish and various other circumstances.

Some governments, for example, might sponsor a DDoS attack against a news site during an election period due to the publication of a specific article, while other actors might have different motivations to launch similar attacks at another point in time.

The following questions might help you to identify who could have motivation to take down your site:

  • What is published on your site?
  • Who or what is your site expressing criticism towards (if at all)?
  • Whose interests are challenged by what is published on your site?
  • Who are your competitors?
  • Who are your site’s visitors?
  • How much and what type of impact does your site have?

While the above questions can be hard to answer and do not necessarily pinpoint who would actually launch a DDoS attack against your site, they might help you identify potential actors who could have such motivation. Once you have identified potential adversaries, ask yourself: What motivation do they have for taking down my site? From a cost-benefit perspective, would such an action be worth it to them?

How many resources can you invest in protecting your site?

There is no single solution for protecting your site. Determining which solutions are best for you depends on your budget and the technical expertise of your team.

Each protection measure has its costs and benefits. If you are running a small human rights organization without the budget to hire a technologist, hosting your site on a platform that provides DDoS protection might be your best option because the benefits of doing so outweigh the costs. However, if you have more resources to invest in DDoS protection, then you might prefer to hire technologists to host your site on alternative services.
