Since the early 2000s and the advent of the internet, cybercriminals around the world have used distributed denial of service attacks to render some of the world’s largest websites inaccessible. You may have heard the acronym DDoS before, but what is it and what impact can a DDoS attack have on your website?
In a DDoS attack, cybercriminals use hacked networks to flood Internet servers with traffic, sending more requests than the server can process. The attack floods a website with “fake” requests in an effort to make it unavailable. DDoS attacks occur when multiple computers on different networks simultaneously send large numbers of requests to your website and server.
DDoS and DoS
A DDoS is basically a brute force attack, which means an attack on one device from multiple other devices at the same time.
It works by trying to establish a very high number of connections with the target and flooding it with information in order to overwhelm it and put it out of service, hence the term “denial of service”. By carrying out the attack and taking down the server, the cybercriminal denies the service of that device to other people who want to use it.
Originally, these attacks were perpetrated from a single machine and a single internet connection; this was known as a simple DoS (Denial of Service). This form of hacking has become more complex, using multiple computers and internet connections, hence the addition of the word “distributed”.
By using multiple locations to launch an attack, the hacker can take down a system more easily. The hacker has a greater number of machines available, and it becomes difficult for the victim to identify the origin of the attack.
Typically, the systems used to execute DDoS attacks have been compromised such that the attacker can launch attacks remotely via “slave” computers. These slave computers are called zombies or bots. These bots form a network of machines called a botnet which is managed by the attacker through a command and control server. This server allows the botmaster to coordinate attacks.
For example, in October 2016, a massive DDoS attack targeting Dyn, a company that controls much of the Internet’s Domain Name System (DNS) infrastructure, caused a massive Internet outage in a large part of the United States and Europe. Major websites including Twitter, Netflix and CNN were down for some time.
It should also be noted that cybercriminals have targeted individual websites in the past, so the threat is not limited to large infrastructure. Fortunately, there are now options that help you protect your sites.
Types of DDoS Attacks
Cybercriminals use four DDoS strategies to attempt to take down websites. These are all brute force attacks, i.e. they overwhelm servers with their sheer number.
- TCP connection attacks: they try to occupy all the available connections on your site. This includes all the physical devices that serve your site, such as routers, firewalls and application servers. Physical devices always have a limited number of connections.
- Volumetric attacks: they flood your site's network with data. This works either by saturating the server itself or by using up all the bandwidth available to your server. Think of them as a flood or a traffic jam, where nothing can move.
- Fragmentation attacks: they send multiple fragments of data packets to your server. That way, your server is kept busy trying to reassemble them and cannot handle anything else.
- Application attacks: they specifically target one aspect or service that you run. These are more dangerous because, with such narrow targeting, you may not realize you are under attack until it is too late.
If you’re a small business owner and you’re worried about an attack on your website, you’re right to be. Any form of attack is dangerous and has the potential not only to cause you financial damage, but also to damage your brand image.
There are a lot of options available to you to protect yourself from DDoS, so let’s take a look at some basics:
- Use proxy protection: A proxy is a buffer that protects your website from the internet, much like a fence. This provides an extra layer of protection that could give you advance warning of an incoming attack. It also hides your real IP address, although all of this is invisible to legitimate visitors to your website.
- Protect yourself against spoofed IP addresses: Cybercriminals like to hide their real IP addresses by hijacking others for their own use. You can protect yourself from many popular addresses by maintaining an Access Control List (ACL) that will block access from questionable IPs.
- Have enough bandwidth: Although bandwidth is expensive, many web hosts today offer scalable plans that might help. DDoS works by trying to saturate your available bandwidth. By keeping a little extra bandwidth, like a buffer zone, you would be able to resist and be warned of an attack.
In most cases, these options are provided by your host.
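The ACL idea from the list above, as an added example that is not from the original article: a small Python sketch that checks source addresses against a CIDR blocklist and proposes new entries for addresses that exceed a request-rate threshold. The function names, thresholds and sample events are assumptions, and the addresses are constructed from documentation ranges.

```python
import ipaddress
from collections import defaultdict, deque

# Constructed ACL using documentation ranges (RFC 5737), not real offenders.
BLOCKLIST = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.7/32")]

def is_blocked(ip, acl=BLOCKLIST):
    """True if the address falls inside any network on the ACL."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in acl)

def find_flooders(events, window=10, limit=5):
    """events: (timestamp_seconds, ip) pairs sorted by time.
    Returns the IPs that made more than `limit` requests
    within any sliding `window` of seconds."""
    recent = defaultdict(deque)
    flagged = set()
    for ts, ip in events:
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window:   # drop requests that left the window
            q.popleft()
        if len(q) > limit:
            flagged.add(ip)
    return flagged

def update_acl(events, acl, window=10, limit=5):
    """Return a new ACL with a host entry for each flooder not already covered."""
    new_acl = list(acl)
    for ip in sorted(find_flooders(events, window, limit)):
        if not is_blocked(ip, new_acl):
            new_acl.append(ipaddress.ip_network(ip))  # /32 or /128 host entry
    return new_acl

# Constructed sample: one noisy client, one quiet client, one already blocked.
SAMPLE = sorted(
    [(t, "192.0.2.10") for t in range(8)]
    + [(0, "192.0.2.20"), (30, "192.0.2.20"), (3, "198.51.100.9")]
)

if __name__ == "__main__":
    print("flooders:", find_flooders(SAMPLE))
    print("updated ACL:", update_acl(SAMPLE, BLOCKLIST))
```

Per-address counting only catches sources that each send many requests; a widely distributed attack can stay under the threshold on every address, which is why the upstream protections described in this article still matter.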
The quality hosts featured on our site all have detection and protection systems in place to protect their customers! The best ones also offer backup solutions on redundant servers.
Choose a professional solution to protect against DDoS attacks
In addition to your web host, there are also many professional security companies that offer dedicated services to help protect you against cyberattacks. There are offers for all types of sites and for all prices.
Akamai is one of the biggest names in web security today. It can serve more than 95 exabytes of data per year on billions of devices. Among its many offerings, Akamai has solutions for nearly every level of security, from the powerful Kona Site Defender to a more basic web application protection service.
Incapsula also offers comprehensive protection plans that can be customized to your needs. Take a look at their basic DDoS protection services, which aim to protect your website, infrastructure, and even your name server (DNS).
Arbor Networks has an extensive all-in-one DDoS prevention program it calls the Active Threat Level Analysis System (ATLAS). This is a pre-warning system for worldwide DDoS threats that Arbor maintains to work in tandem with its various threat management systems.
Although best known as a security certificate issuer, Verisign has now expanded its offering to include other web services. However, it is still not quite at the level of the previous ones since the Verisign DDoS protection mainly acts as an early warning system, rather than a protection system.
Cloudflare is a big name and has made a name for itself as a Content Delivery Network (CDN). Fortunately, a CDN is one of the main ways to help mitigate DDoS attacks and uses a cloud delivery system. Today, Cloudflare has extended its services and covers everything from CDN to DNS. Protection services are scalable, so you only pay for what you choose to use.
As with anything related to technology in general, new methods of cyber attacks are constantly being invented and older methods are constantly being updated and improved. Indeed, according to a report from Akamai, DDoS attacks have increased dramatically, doubling in 2019.
A 2018 Cisco Cybersecurity Report revealed rapidly evolving threats warning of potential “destruction of service” (DeOS) attacks. This could eliminate organizations’ backups and safety nets needed to restore systems and data after an attack.
Companies such as Akamai and Cloudflare have defended against security threats for nearly two decades and protected their customers and maintained the availability of their infrastructure, while withstanding the greatest DDoS attacks of the time.
At Digital Opportunities, we are very much in favor of companies and webmasters focusing on their activities first and leaving security in the hands of those whose job it is. Many companies ignore security warnings from experts for years before suffering massive losses. So protect yourself, starting by choosing a quality host that secures its infrastructure as much as possible!