2016 broke all the rules and boundaries on the web, from fake news to hacking our democracy. Not only did hackers attack large organizations, but our servers as well. In the last 13 months, we saw an amazing uptick in attacks on our web server, mostly from Russian and Chinese IP addresses, but also from IPs here in the USA. When it first started back in late 2015, we started recording, vetting and blocking offending IPs in our server's firewalls, in an attempt to stop the barrage of attacks ranging from Brute-Force admin logins to SQL Injections and File Uploads. At the time, we had no idea it would grow into the beast it did.
According to statistics at AbuseIPDB.com, attacks on US servers has increased 10 times over from 2012 to 2016, from 2,000 attacks to over 20,000 in 2016. To date, they have recorded over 384,000 reported attacks from various IPs around the world, but the bulk of them were from Russian Federation, Ukraine and China. We had to get a crash course in modern hacking techniques when we were attacked by a block of 3300 IPs, trying to login to dozens of client's websites a few months ago. This attack brought our server to it's knees, with over 150,000 attempts in less than 30 minutes. Our security team had a tense few hours, as they recorded the massive attack, traced them back to Ukraine and Russia, and blocked them from our servers with our Firewall. That was the first time we had a large scale Denial of Service attack, but it wasn't to be our last.
Our Firewall block list used to have a handful of IPs, as we have recorded and blocked the more egregious attacks over the years. But in 2016, our block list swelled to over 20,000 individual IPs, network pools and IPsecs from attackers trying everything from Malicious File Uploads to SQL Injections. In response, we developed a procedure and software to detect, report and block each and every attack on any of our websites. To date, we have reduced overall traffic to our servers by 80%, with a corresponding increase in available bandwidth. Another side effect is less power consumption and CPU usage, all without blocking a single legitimate IP.
Once we had that working on our Linux . Unix servers, we turned our attention to helping Windows™ based servers and PCs block these criminals. We developed a software that updates the native Windows Firewall with our IP list, and updates it every day from our Firewall, as attacks continue every day, and new IPs are used for nefarious purposes. We realized right away that we were looking at a new product and service that everyone could benefit from.Thus, HackerIPBlocker.com was born.
Now, we are offering our software to the world via subscription with a new service that updates your Windows, Unix or Linux machines from known and reported Hackers and Spammers from various sources around the web. Using this software, we have been able to reduce or eliminate hacker traffic to webservers, mail servers and workstations. no matter what Operating System they are using.
Check out more about this incredible service at www.hackeripblocker.com.