Negative SEO and DDoS Attack

What is Negative Search Engine Optimization (SEO)

Business owners worry about marketing their business, so they take steps to make it visible to targeted markets online. But this may be the least of their worries, since unscrupulous competitors pops out from nowhere and attacks their SEO rankings or gets them banned from Google search engines for violations.

Negative SEO has been a topic in almost all online marketing forums where queries are thrown in to know if competitors are capable of attacking your website in such ferocity. Recent experiences have shown that negative strategies can adversely affect both SEO ranking and Google acceptability rating, contrary to what has been said previously.

Google on its own came up with safety measures to ensure that search engine rankings would not be manipulated by the website owners. The penalty is a stiff one – being banned from Google’s search index immediately. Negative SEO practices include the use of numerous backlinks pointing to the targeted site to mislead Google’s algorithm and manipulate SEO rankings.

When the Google crawlers find your site with a profusion of questionable backlinks, it does the obvious thing – penalized you by taking you off Google’s rankings. Most sites that are of high authority – local Chamber of Commerce, local education sites, trade organizations, charities, television and news programs may have nothing to worry about it. These sites have much authority that no amount of negative attacks can get them banned from Google.

However, it is usually the smaller businesses and website owners who are more vulnerable to such an attack. There are several classic ways on how these are done:

1. When you talk about negative SEO’s, you would most likely think about: spammers and competitors whose desire is to bring down your ranking or take you out of the Google search engines. They may do this by using malware, hacking or injections. Hackers on the prowl may find vulnerabilities in your security FTP logins for them to easily attack it.

Hackers may come in and inject spams or spam links to alter your site. Another example would be the spammers editing your text file to prevent Google crawlers, or restrict Internet Protocol (IP) within a certain range. What happens next is that you will be taken out of search engines and would most likely infect visitors of malware and viruses, unless the security holes are plugged in.

2. The nastiest and biggest technique used by attackers at present, is driving disreputable links to your website. This issue has been discussed in a number of forums, since it was noticed that a number of sites sprouted up offering Negative SEO services at present. These sites had successfully scraped off a lot of ranking from a number of small companies. Being hit by this type of strategy may not get you banned from Google right away, but it can sure pull your ranking status a couple of ladders down.

What can you do?

1. It might be a good idea to review the sites that are being linked to your website. You can leave them or remove them if you don’t feel good about the quality of the sites.

2. You must have strong brand signals to begin with: good brand name, good links, well written press, high metrics and a lot people searching your website – is going to protect you from negative SEO campaigns.

3. Your website must have a solid foundation and with the necessary metrics tool to monitor foul play. Playing the field above board by being honest in your dealings with Google also can go a long way. Google came up with the Penguin Algorithm update and Google Webmasters Tool to identify patterns that tend to manipulate links. It is obviously hard for them to determine whether the site has serious issues of its own or a competitor is employing negative SEO.

4. Hence, as a website owner, knowing these controversies should help you beef up on your awareness of issues confronting Negative SEO. These would also help maintain your long standing presence in the market and keep your well-deserved Google ranking as well.

What is Distributed Denial of Service (DDoS) Attack

DDoS is an attack on a network resource by making it unavailable to its intended users. The motive would generally be to disrupt hosting services of a provider either temporarily or indefinitely to do damage to the business.The targets of these attacks are usually high profiled web servers like banks, credit card companies and root name servers. These are usually carried out by disgruntled competitors and as a tool for a resistance movement. It is sometimes referred to as “Internet Street Protest” as stated by Richard Stallman, a computer programmer and a known activist in the free software freedom movement.

There are many DDoS attacks that are capable of bringing networks to its knees. Among the most common ones follow:

1. Flooding the site with useless traffic or communication that would make the site unable to respond to legitimate queries. This is otherwise known as the SYN flood attack. An attacker can flood the server with TCP/CYN without acknowledging the server’s CYN’s response. The result is that the session table gets filled up with session queries making it unable to accept legitimate queries for connection until the inactivity timer has gone off.

2. ICMP flood attack – is similar to the CYN flood attack. The only difference is that the attacker dumps a huge number of ICMP echo request with a counterfeit IP address. This has caused a lot of sleepless nights to network administrators in the past that it was among the first ones to have been “killed” through the use of several methods.

3. UDP Flood attack – This is like the ICMP attack, except that IP packets that contain the UDP datagram are used against its victims.

4. Land attack – the attacker uses the IP address of the victim as the source and destination. If the victim is unaware of the attack, he may end up trying to connect with it and reaching a dead end loop until it has reached the idle timeout value.

5. Teardrop attack – this type of attack fragments and reassembles IP packets where an attacker can transmit fragmented IP packets. These packets contain overlapping fragment offsets to exhaust the victim’s resources in reassembling them.

6. Ping of Death – an ICMP variation that causes a system to crash. The attacker sends an IP packet that contains more than the allowable 65,507 bytes of data that causes the system to crash.

What to do?

Regardless of the type of DDoS attack, current techniques fall short in mitigating the damage that it can wreck at any given time. Some of the techniques that are used are not optimized to face the growing sophistication of attacks that are seen today. Firewalls are rudimentary forms of preventing these occurrences but are not specifically designed to protect the internal system, against the more advanced types at present. Other strategies like overprovisioning do not guarantee all out protection from vicious larger attacks, and are too costly as a prevention strategy for DDoS.

Businesses with an online presence can invest in DDoS protection. This type of protection may carry its own cost to implement it. However, the DDoS solution may have compelling reasons in terms of future earning streams if solutions for an all out protection is put in place. It is imperative that large enterprises, government units, and service providers among others, protect the integrity of their business operations as a matter of corporate policy, and as a means for market survival.

Leave a Comment