What is a DDoS Attack?
Meet the bane of all websites and web hosting servers worldwide – the DDoS attack.
It’s a form of cyberattack that’s affected Sony, Microsoft, the FBI, and even North Korea’s entire Internet infrastructure. On average, a DDoS attack is estimated to cost businesses $40,000 per hour, with nearly half of those attacks lasting between 6-24 hours, according to a survey performed by Incapsula, a website security provider.
DDoS attacks come in all shapes and sizes, but technically speaking, what are they? And why do so many “secure” websites and services seem so vulnerable? More importantly, what can you do about it?
What is a DDoS Attack?
A DDoS attack, or Distributed Denial of Service attack, has a much broader definition for network security professionals. In typical DDoS attacks however, the aggressor will flood a web server with so much bogus traffic from all kinds of different sources that it cripples itself and ultimately shuts down.
Although a DDoS attack can expose new vulnerabilities in your network security, their purpose is to send a message rather than steal information.
Martin Libicki, a researcher at RAND who has studied cyberattacks, compares it to a concert letting out.
“You’ve got all these people filling the streets all at once,” he tells NPR. “If you happen to be in the same area at the same time, you’re going to have a hard time getting through.”
Other denial-of-service attacks, or DoS attacks, are more specific and can target certain users or potentially wipe out databases.
Check out this list of 15 companies that have been affected by DDoS attacks in the past. Even we were hit by one last year.
- AndNowUKnow
- Sony
- Microsoft
- FBI
- Apple
- Bank of America
- Wells Fargo
- JPMorgan Chase & Co.
- Visa
- MasterCard
- AT&T
- Netflix
Why do networks seem so vulnerable to DDoS attacks?
Security experts say that any network is vulnerable to a DDoS attack because it’s difficult to discern whether the traffic you’re getting is legitimate or not, so it’s hard to find the attacker(s). You're getting bombarded by so much traffic from every source imaginable, and ideally, you don't want to block access to everyone.
It’s also one of the easiest forms of cyberattacks. Rob Rachwald, Director of Security Strategy at Imperva tells InformationWeek, “DDoS is to the Internet what the billy club is to gang warfare: simple, cheap, unsophisticated, and effective.”
How can I prevent DDoS attacks?
First and foremost, know that every website or network is at risk. DDoS attacks are difficult to stop entirely, but you can increase your resistance to them by ensuring your network infrastructure is as secure as possible. Roland Dobbins, Asia-Pacific Solutions Architect for Arbor Networks, tells InformationWeek that implementing “all of the industry best and current practices for their network infrastructure” can help increase resiliency and availability. Traditional network protection, such as firewalls, can only do so much against attackers.
Actively monitoring your network can alert you to a potential threat early on. Dobbins continued, “If the enterprise doesn’t have visibility into their network traffic so they can exert control over the traffic, then they have a problem.”
Identifying the source of the attack is a long and arduous process. According to Cisco, even though a source might be identified, blocking it would mean blocking all traffic – good and bad.
Finally, ask your web hosting provider to overprovision bandwidth to your website. Overprovision can help accommodate a sudden increase in traffic and can give you more time to act accordingly to an attack. However, this is not the most cost-effective solution.
Speak to your company’s IT professionals to come up with a solution that will best work for you.
For a real-time look at current DDoS attacks happening around the world, check out this website: http://map.ipviking.com/
The threat a DDoS attack can pose is not to be underestimated. By knowing its consequences, you can work to take the steps necessary to protect yourself before it happens.
