A study just released indicates that the websites of independent media and human rights groups are increasingly the target of "Distributed Denial of Service" (DDoS) attacks. The Berkman Center for Internet and Society's report expects the attacks to proliferate, and recommends that these groups increase their security defenses.
One part of the research was conducted through a media review, diving deep into google searches on DDoS attacks, and using several tools including Google Alerts and Twitter to mine relevant media reports. The researchers found 329 attacks against over 815 websites between 1998 and August 2010, with 140 of these occurring between September 2009 and August 2010.
We are often called on to work with websites and content management systems where the previous developer has neglected to implement critical security measures. The reports finds the same, noting that "Content management systems like WordPress and Drupal are inherently vulnerable to DDoS attacks in their default configuration."
As Drupal and other content management systems proliferate, developers should take the time to understand how to secure the systems they implement. One great technical resource for understanding the security of Drupal CMS software is provided by The Drupal Security Whitepaper. The Drupal website has a number of discussion to help developers secure their sites, including the Best Practices in Drupal Security group.