How to prepare yourself for the next DDoS attack

Most experts say it's a matter of when, not if. Here's how to make sure the next outage doesn't totally wreck your day.

Rick Broida Senior Editor
Rick Broida is the author of numerous books and thousands of reviews, features and blog posts. He writes CNET's popular Cheapskate blog and co-hosts Protocol 1: A Travelers Podcast (about the TV show Travelers). He lives in Michigan, where he previously owned two escape rooms (chronicled in the ebook "I Was a Middle-Aged Zombie").
Rick Broida
4 min read

No Spotify. No Twitter . No Netflix.

Last Friday, millions of US residents woke up to that reality, the result of a major distributed denial of service (DDoS) attack.

Although not being able to stream "Stranger Things" on a weekday is merely an inconvenience -- a serious one, I grant you -- the attack crippled any number of smaller sites and services that no doubt caused more than just inconvenience.


Last week's DDoS attack was felt across the entire US.

Screenshot by Laura Hautala/CNET

And I'll bet I wasn't the only one left scrambling, trying to figure out how to accomplish certain tasks or even reach certain people. Turns out it's a bad idea to keep all our eggs in the internet's basket, because you just never know. So here are a few things to keep in mind before and during the next DDoS attack.

But first: Find out if there's actually an internet outage

Although DDoS attacks are on the rise, they're still relatively infrequent. So if you're having trouble, say, connecting to Facebook or retrieving your email, chances are good there's another culprit.

Whenever you're unable to do something online, some quick troubleshooting can help pinpoint the problem. For example, if my laptop can't connect, I check my phone. If it can't connect either, I disable its Wi-Fi, forcing it to switch over to 4G LTE. Assuming I get connected that way, I know it's either a router issue or a provider issue (Comcast, for example). As often as not, resetting the modem and router gets me back in business.

You can also try visiting sites like CurrentlyDown and Downforeveryoneorjustme.com to quickly determine if a particular destination (such as Facebook or Twitter) is having an outage. It's been known to happen, and it's rarely indicative of a broader DDoS attack.

Just two days before the most recent DDoS attack, many folks in my neighborhood were experiencing intermittent connectivity issues. Fortunately, we have a neighborhood Facebook group, so we were quickly able to narrow down the problem: Comcast. (DSL and dish customers weren't having the same issues.) Ironically, although Comcast resolved it within two days, that's when the attack hit -- and some neighbors were hoppin' mad, thinking it was still a Comcast outage.

Make sure you have a local backup

Cloud services like Dropbox and Google Drive are great for making your documents accessible anywhere and everywhere -- right up until you're no longer able to get online. That shouldn't be a problem if your cloud service is configured to sync with local folders, but don't wait until it's too late to make sure.

For example, if you use Google Docs or Microsoft Word Online in your browser, all your documents are kept exclusively in the cloud. Unless you've installed the Google Drive app on your desktop, you won't be able to access your Docs docs offline. What's more, Microsoft's online version of Word doesn't sync with your PC unless you have an active Office 365 subscription. You can download individual documents, sure, but if you're suddenly cut off from the internet or Office.com, you're out of luck.

That's why I continue to rely on desktop software (WPS Office is a great, free, Microsoft Office alternative) that stores documents locally. I sync those documents with OneDrive , but they're always accessible offline if necessary.

Something else to consider: downloading your favorite playlists. Spotify, as noted earlier, was among the service affected last week, meaning many subscribers were unable to stream their tunes. Fortunately, Spotify lets you download songs for offline listening, and most of the other major music services do as well. Obviously you'll want to pick and choose what to store on your phone or tablet, depending on how much storage is available, but it's definitely a good idea to keep at least some music local.

While you're at it, why not stock up on some "emergency TV" for the train or treadmill? If you're an Amazon Prime subscriber, you can download movies and TV shows for offline viewing. (Might I recommend a few episodes of Amazon's "Casual"? Or HBO's "Deadwood"?) It's all about being proactive -- and prepared.

Make sure you have multiple ways to contact people

Admit it: Do you even bother keeping phone numbers anymore? Many modern relationships -- especially business relationships -- exist solely online: email, Facebook, WhatsApp and so on. But imagine last week's attack had been worse, rendering some or all of those tools useless. Now what?

Time to go old-school: Make sure you keep an address-book entry for the important people in your life (personal and business alike), and make sure that entry includes multiple modes of contact -- including work, mobile and/or home phone numbers.

Of course I'm referring to the address book on your phone, but there's nothing wrong with keeping a print version as well. It's just one more item to keep under the you-never-know umbrella.

Speaking of phones , a DDoS attack might render yours inoperable -- if it relies on voice-over-IP technology. So, for example, if you use Ooma for your home phone or a VoIP-oriented mobile provider (such as FreedomPop, Republic Wireless or TextNow), you may find yourself unable to place or receive calls. Unfortunately, there's not much you can do about that, though some of the aforementioned mobile carriers will toggle over to cell towers if internet is unavailable.

Try a different DNS

Finally, if you're in the middle of DDoS attack and desperate to reach an affected site, there's one thing you can try: changing the Domain Name System (DNS) server on your PC.

In a way it's like switching to an antenna when your cable TV goes out: You still get to watch TV, you're just using a different delivery system.

No idea how to do this? It's not that difficult, especially if you follow our guide to changing your DNS. (Pro tip: Print a copy of that tutorial and keep it to hand, just in case it's CNET.com you can't reach.)

One last thing: No internet? Consider it "found time" (the next best thing to "found money"). Go for a walk, call your mom, open a book. When you enjoy a forced break from the internet, the hackers don't win.