Distributed Denial of Service (DDoS) attacks are one of the leading threats to cybersecurity. This type of attack occurs when a multitude of computers flood a single target with messages or access requests to the point where the target is overwhelmed and finally becomes unreachable to legitimate users.
According to Jose Nazario, Director of Security Research for Fastly, a real-time Content Delivery Network, DDoS attacks have been an internet mainstay for nearly two decades because they are a cheap way for attackers to inflict punishment on their victims. Over the years, attacks have grown bigger and bolder, and this year DDoS attacks are approaching 1 terabit per second of bandwidth. Nearly three-quarters of organizations worldwide have been the victim of a DDoS attack.
Two Types of Attacks
There are two primary types of DDoS attacks. The first type of attack overloads the network to use up all of the available bandwidth. The second type of attack overloads applications with requests to the application’s database. The end result with both types of attacks is a loss of service, revenue, and sometimes reputation.
However, there is often another, hidden victim of DDoS attacks. The computer systems bombarding the target’s network or application are themselves infected with malware. This malware turns the computers into bots, or zombies, that together form a botnet controlled by hackers.
Moving Beyond Websites to the Internet of Things
DDoS attacks are favored by hacktivist groups, most famously Anonymous, who want to make a statement against an organization or political agenda they disagree with. Websites are the most popular target, with recent targets including Donald Trump’s campaign website and Newsweek, in protest of an article.
However, just as we’ve seen with other types of cyber security attacks, DDoS attacks are becoming more sophisticated. An increasingly common target is the Internet of Things (IoT). For example, earlier this fall an IoT-fueled botnet dubbed “Mirai” attacked a well-known technology journalist’s site, knocking him offline. The attack was considered retribution for his investigation, which identified cyber criminals.
“For attackers, these are attractive because they are ubiquitous, often insecure by design, and typically poorly managed and monitored,” Nazario said in an email comment. “These devices come configured with default login credentials and no access controls, enabling attackers and their malware to walk right in and set up shop, and immediately spewing attack traffic.”
Protecting My Business from a DDoS Attack
“DDoS attacks are hugely disruptive to businesses in today’s digital-centric world,” said Peter Guagenti, CMO of NGINX, which powers half of the world’s busiest websites. “You don’t just lose users, but you lose customer confidence and preference.”
“It’s impossible to stop all attacks,” Guagenti added, “but a few simple steps can protect you from a broad range of threats.” These include:
- Recognizing the signs of an attack, such as an unusual spike in traffic.
- Correctly using load balancing to spread requests across servers and access controls to limit requests to your infrastructure.
- Deploying tools, including free, open source options, designed to mitigate a DDoS threat.
- Implementing a threat intelligence plan that starts with a Threat Sketch Risk Assessment.
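One way to automate the first step, recognizing an unusual spike in traffic, is shown below as an added example that is not from the article or from anyone quoted in it. It assumes web server access logs in Common Log Format; the thresholds and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from statistics import median

# Common Log Format prefix: client IP and timestamp truncated to the minute.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[(\d{2}/\w{3}/\d{4}:\d{2}:\d{2}):\d{2} ')

def per_minute(lines):
    """Group requests by minute: {datetime: Counter(ip -> count)}."""
    buckets = defaultdict(Counter)
    for line in lines:
        m = LOG_RE.match(line)
        if m:  # skip malformed lines instead of crashing mid-incident
            minute = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M")
            buckets[minute][m.group(1)] += 1
    return buckets

def find_spikes(lines, factor=5.0, warmup=3, floor=50):
    """Flag minutes whose volume exceeds factor x the median of prior normal minutes.

    factor, warmup and floor are illustrative defaults; tune them to your traffic.
    """
    alerts, normal = [], []
    for minute, ips in sorted(per_minute(lines).items()):
        total = sum(ips.values())
        if len(normal) >= warmup and total > max(floor, factor * median(normal)):
            top_ip, top_hits = ips.most_common(1)[0]
            # High top_share: one noisy client. Low top_share: many sources at once.
            alerts.append({"minute": minute, "requests": total, "sources": len(ips),
                           "top_source": top_ip, "top_share": round(top_hits / total, 2)})
        else:
            normal.append(total)  # flagged minutes never pollute the baseline
    return alerts

def sample_log():
    """Constructed data: 6 quiet minutes, then 300 requests from 100 sources."""
    start, lines = datetime(2016, 11, 1, 11, 0), []
    fmt = '{ip} - - [{ts} +0000] "GET / HTTP/1.1" 200 512'
    for i in range(6):
        ts = (start + timedelta(minutes=i)).strftime("%d/%b/%Y:%H:%M:%S")
        lines += [fmt.format(ip=f"192.0.2.{n % 4 + 1}", ts=ts) for n in range(10)]
    ts = (start + timedelta(minutes=6)).strftime("%d/%b/%Y:%H:%M:%S")
    lines += [fmt.format(ip=f"198.51.100.{n % 100 + 1}", ts=ts) for n in range(300)]
    return lines

if __name__ == "__main__":
    for alert in find_spikes(sample_log()):
        print(alert)
```

The `top_share` field helps decide the response: a single dominant source can be handled with an access control rule, while a low share spread over many sources points to the distributed case the article describes.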
DDoS attacks are expected to increase, especially as hackers become more sophisticated and take advantage of the security lapses in a business landscape that depends on internet connectivity. The more you know about the nature of DDoS attacks, and the more you know about your overall risk assessment, the better you can protect yourself.
About the Author: Sue Poremba. Sue is a Central PA-based writer who has covered cybersecurity since 2008.