What are DDoS attacks all about? Why are they so crippling? And how can you defend against them? Learn everything you need to know about the next DDoS attack that may target your system – and how to respond.
Introducing DDoS attacks: a brief definition
DDoS stands for Distributed Denial of Service. Sounds complicated? Don’t worry, it’s actually quite a simple concept to grasp.
During DDoS attacks, huge numbers of “bots” attack target computers. That’s why they’re referred to as “distributed.” These bots are actually infected computers that are dispersed across multiple locations, which means they aren’t contained on a single host. In fact, you may be hosting a bot right now and not even know it.
When DDoS attackers direct their bots against a certain target, it has some pretty unpleasant effects. Most importantly, a DDoS attack aims to trigger a “denial of service” response for people using the target system. This basically takes the target network offline. If you’ve repeatedly struggled to access a retail website, you may well have encountered a denial of service. And it can take hours or days to recover from.
How does a DDoS attack work?
Why do DDoS attacks cause so much damage? In part, it’s simply a question of resources. Servers have a certain capacity – they aren’t limitless processing hubs. When they breach their capacity limits, systems within the server act to preserve the server as a whole – taking targeted websites or users offline in the process.
Generally, attackers use a variety of denial of service techniques to bombard their targets – from data packets to messages or connection requests. All these techniques have the effect of turning targets into confused, slow, and often dysfunctional systems.
To achieve this, DDoS attackers need to control a bot army (or botnet). That’s the tricky part. However, by using phishing and social engineering to spread malware, or enticing users to download fake apps with DDoS malware pre-installed, skilled hackers can create the bots they need.
After attackers infect your system, it becomes a “bot.” You no longer have complete control over what your computer does online. Instead, control has been passed to a “master,” who orchestrates DDoS attacks. To do so, the “masters” weave together bots into botnets and coordinate them via special software.
These botnets can be absolutely massive. As an example, the Srizbi botnet has been estimated to include more than 450,000 bots. And these enormous forces continue to wage war on web users across the world, often with devastating results.
The main types of DDoS attacks
DDoS attacks are usually divided into three variants:
· Application layer attacks
· Protocol attacks
· Network-centered attacks
Application layer attacks tend to target online databases. This makes them very effective when taking down online shops or governmental organizations.
Protocol attacks utilize the protocols that authenticate web connections in order to penetrate deep into websites and servers.
Network-centered attacks mainly involve blitzing targets with data packets until the target pleads for mercy.
Why should you be worried about DDoS attacks?
There are plenty of reasons to neutralize the threat posed by DDoS attacks and botnets. Here are but a few examples of what can happen if you let your defenses drop.
· Commercial systems can fail – in 2018, the Danish rail operator DSB fell victim to a DDoS attack, and it decimated their routing schedules. Ticketing systems went down and trains slowed to a crawl to protect rider safety.
· Gaming servers can be destroyed – in 2016, the world of online gaming was rocked by the discovery of what came to be called the Mirai botnet attack. In this case, attackers sought to knock out competing Minecraft servers (which used to be a common money-making scheme). This attack didn’t just disrupt Minecraft players around the world. What’s even worse is the fact that the botnet went “rogue,” inflicting damage across servers in the eastern USA.
· Bankruptcy is a possibility – back in 2014, the internet company Code Spaces proved to be a great example of the worst-case DDoS attack scenario. After being repeatedly targeted, the coding hub was forced to close its doors. This is something that could happen to any organization – all it takes is leaving the door open to DDoS attackers.
What are the effects of hosting a bot on your system?
One of the worst aspects of DDoS attacks is how hard it is to detect whether your system is compromised. While there are some effects on connection speeds, most users barely notice any of this. Instead, they continue their normal online activities, blissfully unaware of the damage they’re spreading worldwide.
However, there are consequences for everyday users as well. For example, gamers can see connection speeds drop and latency increase dramatically when DDoS attacks take place. Some games like Runescape have been heavily targeted, resulting in terrible ping for many players.
How to protect against DDoS attacks
If you’re a small business that needs to be vaccinated against crippling DDoS attacks, or a gamer who needs the fastest possible speeds, you need to take action against DDoS attacks. But how can you do so? Let’s see what security measures you can take to protect yourself.
Firstly, businesses need to have a contingency plan in the event of DDoS attacks. This means bringing together all key IT stakeholders and putting communication strategies in place to manage the fallout, as well as having contacts to reach out to for mitigation measures.
It also makes sense to invest in traffic monitoring services which operate on an ongoing basis. These tools can track spikes in your online traffic, and the best services can differentiate between legitimate traffic boosts and DDoS bombardments. Having a firewall calibrated to the right traffic limits is also recommended.
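A minimal sketch of the spike tracking described above, added here as an illustration and not taken from any monitoring product: it flags minutes whose request count exceeds a rolling baseline, then summarizes how the traffic in that minute is distributed. The log format, the thresholds and the flood/crowd heuristic are assumptions, and the log lines are constructed sample data.

```python
from collections import Counter, defaultdict
from statistics import median

def sample_log():
    """Constructed 'HH:MM:SS ip path' lines: quiet traffic, one flood, one busy crowd."""
    lines = []
    for m in range(13):
        minute = f"10:{m:02d}"
        if m == 6:    # 30 sources hammering a single URL
            lines += [f"{minute}:{s:02d} 198.51.100.{b} /search" for b in range(1, 31) for s in range(20)]
        elif m == 12:  # 200 distinct visitors spread over several pages
            lines += [f"{minute}:{i % 60:02d} 203.0.113.{i} /page/{i % 8}" for i in range(1, 201)]
        else:          # normal background load
            lines += [f"{minute}:{i:02d} 192.0.2.{i + 1} /page/{i % 8}" for i in range(20)]
    return lines

def per_minute(lines):
    """Group log lines into per-minute buckets of (ip, path) pairs."""
    buckets = defaultdict(list)
    for line in lines:
        ts, ip, path = line.split()
        buckets[ts[:5]].append((ip, path))
    return dict(sorted(buckets.items()))

def find_spikes(buckets, window=5, factor=4.0):
    """Flag minutes whose count exceeds factor x the median of the previous `window` minutes."""
    minutes = list(buckets)
    spikes = []
    for i in range(window, len(minutes)):
        baseline = median(len(buckets[m]) for m in minutes[i - window:i])
        if len(buckets[minutes[i]]) > factor * max(baseline, 1):
            spikes.append(minutes[i])
    return spikes

def describe(requests):
    """Assumed heuristic: many repeats of one URL per source looks flood-like,
    many sources with few requests each looks like a legitimate crowd."""
    sources = Counter(ip for ip, _ in requests)
    paths = Counter(path for _, path in requests)
    top_share = paths.most_common(1)[0][1] / len(requests)
    per_source = len(requests) / len(sources)
    verdict = "flood-like" if top_share > 0.9 and per_source > 10 else "crowd-like"
    return {"sources": len(sources), "top_path_share": round(top_share, 3), "verdict": verdict}

if __name__ == "__main__":
    buckets = per_minute(sample_log())
    for minute in find_spikes(buckets):
        print(minute, len(buckets[minute]), describe(buckets[minute]))
```

A median baseline keeps a single spike from inflating the reference level for the minutes that follow it.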
When you suspect that a DDoS attack is ongoing, have plans in place to contact your Internet Service Provider ASAP. They can re-route traffic and may have specialist tools to neutralize excess traffic.
As for individuals, the key aspect is to prevent infection of your system by DDoS bots. In a way, the situation is similar to inoculation against communicable diseases. If a few people opt out, the disease can survive. But if everyone takes action, botnets could theoretically become a thing of the past.
Preventive actions include using strong passphrases and making sure that you don’t click suspicious attachments, as well as having the latest OS and antivirus updates installed.
It also makes sense to have a high-quality VPN installed. Many providers offer solutions specifically designed for combating DDoS – with particular appeal for gamers.
However, for now, DDoS attacks are simply a fact of life. When one occurs, we do what we can, and hope it won’t be catastrophic. Remember, however, on an individual level we can all help to make DDoS less common.