Meet the bane of all websites and web hosting servers worldwide—the DDoS attack.
It’s a form of cyberattack that’s affected Sony, Microsoft, the FBI, and even North Korea’s entire Internet infrastructure. On average, a DDoS attack is estimated to cost businesses $40,000 per hour, with nearly half of those attacks lasting between 6-24 hours, according to a survey performed by Incapsula, a website security provider.
DDoS attacks come in all shapes and sizes, but technically speaking, what are they? And why do so many “secure” websites and services seem so vulnerable? More importantly, what can you do about it?
What is a DDoS Attack?
A DDoS attack, or Distributed Denial of Service attack, has a much broader definition for network security professionals. In typical DDoS attacks however, the aggressor will flood a web server with so much bogus traffic from all kinds of different sources that it cripples itself and ultimately shuts down.
Although a DDoS attack can expose new vulnerabilities in your network security, their purpose is to send a message rather than steal information.
Martin Libicki, a researcher at RAND who has studied cyberattacks, compares it to a concert letting out.
“You’ve got all these people filling the streets all at once,” he tells NPR. “If you happen to be in the same area at the same time, you’re going to have a hard time getting through.”
Other denial-of-service attacks, or DoS attacks, are more specific and can target certain users or potentially wipe out databases.
Check out this list of 15 companies that have been affected by DDoS attacks in the past. Even our sister publication, AndNowUKnow, was hit by one in 2014.
AndNowUKnow
Sony
Microsoft
FBI
Apple
Bank of America
Wells Fargo
JPMorgan Chase & Co.
Visa
MasterCard
AT&T
Netflix
Why do networks seem so vulnerable to DDoS attacks?
Security experts say that any network is vulnerable to a DDoS attack because it’s difficult to discern whether the traffic you’re getting is legitimate or not, so it’s hard to find the attacker(s). You're getting bombarded by so much traffic from every source imaginable, and ideally, you don't want to block access to everyone.
It’s also one of the easiest forms of cyberattacks. Rob Rachwald, Director of Security Strategy at Imperva tells InformationWeek, “DDoS is to the Internet what the billy club is to gang warfare: simple, cheap, unsophisticated, and effective.”
How can I prevent DDoS attacks?
First and foremost, know that every website or network is at risk. DDoS attacks are difficult to stop entirely, but you can increase your resistance to them by ensuring your network infrastructure is as secure as possible. Roland Dobbins, Asia-Pacific Solutions Architect for Arbor Networks, tells InformationWeek that implementing “all of the industry best and current practices for their network infrastructure” can help increase resiliency and availability. Traditional network protection, such as firewalls, can only do so much against attackers.
Actively monitoring your network can alert you to a potential threat early on. Dobbins continued, “If the enterprise doesn’t have visibility into their network traffic so they can exert control over the traffic, then they have a problem.”
Identifying the source of the attack is a long and arduous process. According to Cisco, even though a source might be identified, blocking it would mean blocking all traffic – good and bad.
Finally, ask your web hosting provider to overprovision bandwidth to your website. Overprovision can help accommodate a sudden increase in traffic and can give you more time to act accordingly to an attack. This, however, is not the most cost-effective solution.
Speak to your company’s IT professionals to come up with a solution that will best work for you.
For a real-time look at current DDoS attacks happening around the world, check out this website: map.ipviking.com
The threat a DDoS attack can pose is not to be underestimated. By knowing its consequences, you can work to take the steps necessary to protect yourself before it happens.
Am I Under Attack?
If you suspect you’re being threatened by a DDoS attack, look for these two common signs:
· Your website or server is slow to respond or unresponsive
· You’re seeing abnormally high traffic on your website
What’s The Motivation?
It’s not always clear why someone would target a website. Below, however, are a few motivations behind a DDoS attack.
· Just because they can: Even someone with little technical knowledge can perform a DDoS attack, and it could be appealing to bring down a large corporation.
· Competition: Given how much the average DDoS attack can cost companies, even the smallest disruption in service can be advantageous to a competitor.
· Financial reasons: In some cases, an attacker has threatened to take down a company’s website if a ransom amount is not paid.
The Attacks Continue
There has been a 90% increase in attacks during Q4 2014 over those recorded in Q3 2014, according to a State of the Internet security report by Akamai, a cloud service provider.