DDoS attacks are one of the online world’s most annoying phenomena, afflicting businesses, home users and gamers alike. But what are these attacks all about, why are they so crippling, and how can you protect yourself against them? Read on to discover everything you need to know about the next DDoS attack which targets your systems – and how to respond.
Introducing DDoS attacks: a brief definition
DDoS stands for Distributed Denial of Service – which sounds pretty complex at first glance. However, it’s actually quite a simple concept to grasp.
In DDoS attacks, huge quantities of “bots” attack target computers. This is why they’re referred to as “distributed.” The bots are dispersed far and wide and aren’t contained on a single host. Instead, they tend to be implanted on computers via malware or other clandestine methods. You may be hosting a bot right now, and not even know it.
When these crowds of attackers direct their energies at a certain target, it has some pretty unpleasant effects. Most importantly, a DDoS attack aims to trigger a “denial of service” response for people using the target system. This basically takes the target offline. If you’ve struggled repeatedly to access a retail site, you may well have encountered a denial of service. And it can take hours or days to recover from.
How does a DDoS attack work?
Why do so many repeated attacks cause such carnage? In part, it’s simply a question of resources. Servers have a certain capacity. They aren’t limitless processing hubs. When they breach these capacity limits, systems within the server take action to preserve the server as a whole – taking targeted websites or users offline.
Attackers use a range of techniques to bombard their targets, from data packets to messages, or connection requests. All have the effect of turning targets into confused, slow, and often dysfunctional systems.
To achieve this, DDoS attackers need to control an army of bots. This is the tricky part. However, by using phishing and social engineering to spread malware, or enticing users to download fake apps with DDoS malware installed, skilled hackers can usually create the weapons they need.
When your system has been infected, we call it a “zombie” or “bot.” You no longer have total control over what your computer does online. Instead, control has been passed to a “master,” who orchestrates DDoS attacks. To do so, they weave together bots into “botnets” and coordinate them via specialist software.
These botnets can be absolutely massive. For example, the Srizbi botnet has been estimated to include 450,000 zombies. And these enormous forces continue to wage war on web users across the world, often with devastating consequences.
The main types of DDoS attack
DDoS attacks are usually divided into three variants:
- Network-centered attacks
- Protocol attacks
- Application layer attacks
Application layer attacks tend to target online databases, so they are very effective when taking down eCommerce sites or government organizations.
Protocol attacks utilize the protocols which authenticate web connections to penetrate deep within websites and servers.
Network-centered attacks mainly involve blitzing targets with data packets until the target pleads for mercy.
Why should you be worried about DDoS attacks?
There are plenty of reasons to neutralize the threat posed by DDoS attacks and zombie recruitment. Here are just a few examples of what can happen if you let your defenses drop.
- Commercial systems can fail – in 2018, the Danish rail operator DSB fell victim to a DDoS attack, and it decimated their routing schedules. Ticketing systems went down and trains slowed to a crawl to protect rider safety – and the carnage lasted for days.
- Gaming servers can be destroyed – in 2016, the world of online gaming was rocked by the discovery of what came to be called the Mirai botnet attack. In this case, attackers sought to knock out competing Minecraft servers (a common money-making scheme). This didn’t just disrupt Minecraft gamers across the world. The botnet went “rogue”, inflicting damage across servers in the eastern USA.
- Bankruptcy is a possibility – back in 2014, the internet company Code Spaces provided a great example of the worst case DDoS attack scenario. After repeatedly being targeted, the coding hub was forced to close its doors – something which could happen to any organization which leaves the door open to DDoS attackers.
What about the effects of hosting bots for everyday users? One of the sneakiest aspects of DDoS attacks is how hard it is to detect whether your system is being exploited. While there are some speed penalties, most users don’t notice them. Instead, they continue their normal online activities, blissfully unaware of the damage they are spreading worldwide.
However, there are consequences for everyday users. For example, gamers can see connection speeds drop dramatically when DDoS attacks take place. Some games like World of Warcraft have been heavily targeted, resulting in terrible latency for many players.
How to protect against DDoS attacks
If you are a small business which needs to be vaccinated against crippling DDoS attacks, or a gamer who needs the fastest possible speeds, you need to take action against DDoS attacks. But how can you do so? Let’s finish off by suggesting some security measures to take straight away.
Firstly, businesses need to have a contingency plan in the event of DDoS attacks. This needs to bring together all key IT stakeholders, and put communication strategies in place to manage the fallout, as well as contacts to reach out to for mitigation measures.
It also makes sense to invest in traffic monitoring services which operate on an ongoing basis. These tools can track spikes in online traffic, and the best of them can differentiate legitimate traffic boosts from DDoS bombardments. Having a firewall calibrated to the right traffic limits is also recommended.
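To make the monitoring idea concrete, here is a small added example (not from the original article or any particular product) that buckets requests per minute, flags volume spikes, and separates a crowd of ordinary visitors from a flood by looking at how many requests a typical client sends. The log format, the thresholds, and the per-client heuristic are all assumptions chosen for illustration, and the traffic is constructed.

```python
from collections import Counter, defaultdict
from statistics import median

WINDOW = 60              # seconds per bucket (assumed)
SPIKE_FACTOR = 3.0       # spike if volume >= 3x the median window (assumed)
PER_CLIENT_FACTOR = 4.0  # flood-like if a typical client sends >= 4x the usual rate (assumed)

def bucketize(lines):
    """Group constructed log lines '<epoch> <ip> <path>' into per-window lists."""
    buckets = defaultdict(list)
    for line in lines:
        ts, ip, path = line.split()
        buckets[int(ts) // WINDOW].append((ip, path))
    return buckets

def per_client(requests):
    """Median number of requests sent by a single client within one window."""
    return median(Counter(ip for ip, _ in requests).values())

def classify(lines):
    """Label each window 'normal', 'busy-but-plausible' or 'flood-like'."""
    buckets = bucketize(lines)
    base_volume = median(len(r) for r in buckets.values())
    base_rate = median(per_client(r) for r in buckets.values())
    verdicts = {}
    for window, reqs in sorted(buckets.items()):
        if len(reqs) < SPIKE_FACTOR * base_volume:
            verdicts[window] = "normal"
        elif per_client(reqs) >= PER_CLIENT_FACTOR * base_rate:
            verdicts[window] = "flood-like"          # few clients, each hammering
        else:
            verdicts[window] = "busy-but-plausible"  # many clients, normal pace
    return verdicts

def sample_log():
    """Constructed traffic: three quiet minutes, a sale-day crowd, then a flood."""
    lines = []
    def emit(window, clients, each, net, path):
        for c in range(clients):
            for k in range(each):
                lines.append(f"{window * WINDOW + k} {net}.{c} {path}")
    for w in range(3):
        emit(w, 10, 2, "198.51.100", "/shop")   # baseline: 20 requests per minute
    emit(3, 60, 2, "198.51.100", "/sale")       # 120 requests, 2 per client
    emit(4, 20, 12, "203.0.113", "/login")      # 240 requests, 12 per client
    return lines

if __name__ == "__main__":
    for window, verdict in classify(sample_log()).items():
        print(window, verdict)
```

Commercial monitoring services combine many more signals than this single ratio, but the principle is the same: volume alone does not tell a sale-day rush from an attack.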
When you suspect that a DDoS attack is ongoing, have plans in place to contact your ISP as soon as possible. They can help to re-route traffic, and may have specialist tools to neutralize excess traffic.
As for individuals, the key thing is to prevent infection by DDoS bots. In a way, the situation is similar to inoculation against communicable diseases. If a few people opt out, the disease can survive. But if everyone takes action, botnets could theoretically become a thing of the past.
Actions to prioritize include using strong passwords and making sure that you don’t mess with suspicious attachments, as well as having the latest OS and antivirus patches installed.
However, for now, DDoS attacks are simply a fact of life. When one occurs, we do what we can, and hope that it won’t be catastrophic. But remember, on an individual level we can all help to make DDoS less common.