The number of Distributed Denial of Service attacks, otherwise known as DDoS, grew to 17 million during the course of 2020 (Source: Hosting Tribunal), and is expected to continue increasing throughout 2021.
What do you, as a professional or business owner, need to know about Distributed Denial of Service/DDoS attacks? Firstly, we need to outline exactly what DDoS attacks are, and why they are considered a strong cybersecurity threat. Then, we can offer a few tips on how to better prepare yourself and your business for this form of cyberattack.
What is a Distributed Denial of Service Attack?
DDoS is a form of cyberattack that attempts to overwhelm the targeted website, or other online service, often through the use of botnets. An attacker will generate traffic on the web using a significant number of these ‘botnets’ that mimic real web traffic in order to overwhelm the website or service.
Think of it this way – occasionally, when a popular musician announces that they are going on tour, there is a sudden influx of thousands of people visiting a website in an attempt to purchase a ticket. This sometimes leads to the website ‘crashing’ or significantly slowing down for all users. Botnets mimic these hundreds and thousands of people, causing huge disruptions for the targeted business.
There are a huge number of different types of DDoS attacks (Wikipedia has over 25 DDoS attack techniques listed), and all of them come with unique problems. We are going to go over some of the most common forms of DDoS attacks to help you prepare for potential cybersecurity threats:
Volumetric DDoS Attacks: A volumetric DDoS attack, as the name implies, sends an enormous volume of traffic via botnets to completely overwhelm the victim’s network. This completely saturates the bandwidth, which effectively creates a traffic jam that makes it almost impossible for legitimate traffic to flow throughout the targeted system.
Application Layer DDoS Attacks: Also known as Layer 7 DDoS Attacks, this form of attack overloads a website or application with seemingly legitimate requests. Botnets are able to continuously request information, and when thousands of these botnets are working together the website struggles to have enough disk space or available memory to support so many requests. This once again blocks legitimate application traffic and causes the application to become unavailable.
Protocol DDoS Attacks: This type of DDoS attack mainly targets layer 3 and 4 protocols by consuming system resources and processing capacity, often to the point where the server crashes. A SYN flood is an example of a protocol DDoS attack. Establishing a connection between two systems normally requires a process referred to as a “three-way handshake”. When a connection request is made, an initial synchronize (SYN) request is sent to the server, which then acknowledges this with its own response (SYN-ACK), and the client system completes the handshake with a final acknowledgment (ACK). SYN floods work by using botnets to make a significant number of these initial synchronize requests without ever providing the final acknowledgment. The target system is then stuck with a number of half-open connections, which will eventually overwhelm it and cause it to crash.
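The half-open condition described above is something a defender can measure. The following is an added example, not part of the original article: it replays packet summaries through the three handshake steps and reports servers holding many handshakes that never received the final ACK. The tuple format, function names, thresholds and sample capture are assumptions constructed for illustration.

```python
from collections import defaultdict

def half_open_by_server(packets, now, timeout=3.0):
    """Replay (time, src, dst, flags) summaries and return {server: [client, ...]}
    for handshakes that got a SYN-ACK but no final ACK within `timeout` seconds."""
    pending = {}  # (client, server) -> [syn_time, synack_seen]
    for t, src, dst, flags in packets:
        if flags == "S":                        # step 1: client -> server SYN
            pending.setdefault((src, dst), [t, False])
        elif flags == "SA":                     # step 2: server -> client SYN-ACK
            if (dst, src) in pending:
                pending[(dst, src)][1] = True
        elif flags == "A":                      # step 3: client -> server ACK
            if pending.get((src, dst), [0, False])[1]:
                del pending[(src, dst)]         # handshake completed
        elif flags == "R":                      # a reset from either side ends the attempt
            pending.pop((src, dst), None)
            pending.pop((dst, src), None)
    stuck = defaultdict(list)
    for (client, server), (syn_time, synack_seen) in pending.items():
        if synack_seen and now - syn_time >= timeout:
            stuck[server].append(client)
    return dict(stuck)

def flag_syn_flood(packets, now, threshold=5, timeout=3.0):
    """Servers whose count of timed-out half-open handshakes reaches `threshold`."""
    found = half_open_by_server(packets, now, timeout)
    return {srv: len(c) for srv, c in found.items() if len(c) >= threshold}

# Constructed sample capture (RFC 5737 documentation addresses), endpoints as "ip:port".
SERVER = "192.0.2.10:443"
SAMPLE = [
    (0.00, "198.51.100.7:50000", SERVER, "S"),
    (0.01, SERVER, "198.51.100.7:50000", "SA"),
    (0.02, "198.51.100.7:50000", SERVER, "A"),  # legitimate client completes
]
for i in range(6):                              # six sources that never send the ACK
    client = f"203.0.113.{i + 1}:{40000 + i}"
    SAMPLE += [(0.1 * (i + 1), client, SERVER, "S"),
               (0.1 * (i + 1) + 0.01, SERVER, client, "SA")]

if __name__ == "__main__":
    print(flag_syn_flood(SAMPLE, now=10.0))
```

The timeout matters: a handshake that is merely slow should not be counted, so only entries older than the timeout are reported.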
How to Prepare and Protect Yourself Against DDoS Attacks
1. Have a plan: No matter how small your business is, you are still at risk of a cybersecurity attack and this includes DDoS attacks. Create a specific plan on how you would respond to a DDoS attack, figure out who is responsible for what part of your plan, and ensure you regularly evaluate it to keep it up to date. Consider having a professional cybersecurity assessment or consultation to get help with this.
2. Consider your tools: It is not recommended to rely on traditional firewalls when it comes to DDoS because, although they come with some DDoS blocking abilities, many cybercriminals are aware of this and have already crafted botnets that can trick the firewall. Consider investing in Web Application Firewalls (WAF), New Generation Firewalls, or Intrusion Detection and Prevention Systems that will put you in a better position to defend your business against these types of attacks, and more.
3. Stay up to date: Reading this article already puts you in a better position to recognize a DDoS attack, and fight against it. Cybercriminals constantly update their methods to trick individuals and businesses alike, and it is up to you to be one step ahead of them. Do further research into what DDoS attacks you might specifically be in danger of, and how you can combat them.
One of the best ways to combat DDoS attacks and cybercriminals in general is to get professional help. Here at Euclid Security, we offer a variety of cybersecurity services at affordable prices, including consultation and advisory, security awareness training, risk assessments and more. If you are interested, or you want to know more about protecting your business against DDoS attacks, then get in touch today for a no-obligation discussion.