A Distributed Denial-of-Service (DDoS) attack is a malicious attempt to disrupt the traffic of a targeted server, service or network by overwhelming it with a flood of internet traffic (Cloudflare, 2019). DDoS attacks are much like traffic on a highway. Imagine regular traffic moving at a steady pace and cars on their way to their desired destination. If a flood of cars enters the highway at a particular point, it significantly delays or prevents the cars behind them from reaching their destination at the time they should. In 2018, more than 400,000 DDoS attacks were reported worldwide (CALYPTIX, 2018). In 2018’s 4th quarter, Great Britain was responsible for 2.18% of these attacks, a staggering difference compared to 2019’s 1st quarter of 0.66% (Gutnikov, 2019).
The goal of this attack is to create congestion by consuming all available bandwidth utilized by the target to access the wider internet it wishes to interact with (Cloudflare, 2019). Large amounts of data are sent to the target by utilizing a form of amplification or another means of creating massive traffic, such as requests from a botnet (which is a group of devices infected with malware that an attacker has remote control over).
The consequences of a DDoS attack
DDoS attacks are particularly destructive for small to medium businesses. By taking advantage of business systems with weak network security measures, these attacks are capable of crippling multiple business systems and the services provided by that business (Banta/vxchnge, 2018). For example, an attack on Dyn in 2016, recorded as the largest internet disruption in history, took down Twitter, the Guardian, Netflix, Reddit, CNN and many other sites (Woolf/theguardian, 2016). This was made possible by a weapon called the Mirai botnet, which reportedly used an estimated 100,000 malicious endpoints to make the attack on Dyn's DNS servers so effective (Woolf/theguardian, 2016).
These attacks have also experienced an increase in numbers due to the simultaneous increase in the use of the Internet of Things (IoT) and its associated devices. These devices are also used as common weapons in DDoS attacks and are often overlooked due to their nature. These devices, inclusive of cameras, sensors, meters, routers and even thermostats are often hacked as they aren’t sufficiently protected and are then incorporated into the botnets used in carrying out the attacks (A10 Staff, 2018).
Among the consequences is the effect the attacks can have on the business relationship between companies and their clients. With weakened systems and security, clients are likely to lose faith in the company’s ability to perform effectively and maintain their data integrity and reliability. The long-term effect would be a loss of trust and the cultivation of a bad reputation, which would impact future business and the integration of new clients. Among the most targeted in the first half of 2018 were telecommunications providers and cloud hosting services. For wireless telecommunications carriers, a whopping 157,388 attacks were reported (CALYPTIX, 2018). The prevalence of these attacks not only serves to discourage future users, but also encourages them to find alternative wireless telecommunications providers better equipped to handle the number and size of attacks throughout the year.
Ways to mitigate a DDoS attack
Differentiating between normal traffic and the attack traffic is one of the main concerns in mitigating a DDoS attack. Ideally, one would not want to cut off any traffic in the case of a product release on a company’s website that is swamped with eager customers. However, if that company is suddenly experiencing an influx of incoming traffic that can be identified as an attack, such efforts to mitigate the attack are probably necessary. The difficulty lies in distinguishing between the real customer and the attack traffic. However, according to Cloudflare (2018), there are methods used to mitigate a possible DDoS attack. These methods include:
Rate Limiting: This method essentially limits the amount of incoming traffic or the number of requests a server receives over a set period of time. As a result, not all available bandwidth will be consumed during the attack, and the likelihood of a denial of service decreases significantly. With this method, differentiating between normal traffic and attack traffic can be quite difficult, so the server will still receive a mixture of normal and attack traffic. This method can also be useful in cases of “content stealing” and brute-force login attempts. Unfortunately, it will not be sufficient to effectively handle the more complex DDoS attacks. Nevertheless, it is a useful tool to have included in your DDoS mitigation plan.
Blackhole routing: A possible solution to mitigating a DDoS is to create a blackhole route and funnel the incoming traffic into that route. In its simplest form, both malicious and legitimate network traffic is siphoned when blackhole filtering is activated without setting specific restrictions. So in the case of a DDoS attack, an Internet Service Provider can dump all the attacker’s traffic into a blackhole as a form of defence.
Evaluating IoT Security: As mentioned earlier, IoT devices such as cameras, sensors, routers and more can be used as avenues for DDoS attacks against businesses. It is crucial, even though these devices serve to improve business efficiency, customer service and more, that they are properly protected as they may pose a significant security risk to the business (A10 Staff, 2018).
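As an added illustration of the rate limiting method described above (not code from the original article or from Cloudflare), the following per-client token bucket is replayed over constructed traffic. The class names, the limit of 5 requests per second with a burst of 10, and the sample addresses are assumptions chosen for the example.

```python
from collections import defaultdict

class TokenBucket:
    """Allow `rate` requests/second on average, with bursts up to `burst`."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens = float(burst)
        self.last = None  # timestamp of the previous request from this client

    def allow(self, now):
        if self.last is not None:
            # Refill for the elapsed time, never beyond the burst size.
            self.tokens = min(self.burst,
                              self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False

class RateLimiter:
    """One bucket per client key (a source IP here; an account name for logins)."""
    def __init__(self, rate, burst):
        self.buckets = defaultdict(lambda: TokenBucket(rate, burst))

    def allow(self, client, now):
        return self.buckets[client].allow(now)

def replay(events, rate=5, burst=10):
    """Replay (timestamp, client) events; return {client: [accepted, rejected]}."""
    limiter = RateLimiter(rate, burst)
    stats = defaultdict(lambda: [0, 0])
    for now, client in sorted(events):
        stats[client][0 if limiter.allow(client, now) else 1] += 1
    return dict(stats)

# Constructed sample traffic over 10 seconds (documentation-range addresses):
# one source sending 200 requests/second and one customer sending 1 request/second.
FLOOD = [(i / 200, "198.51.100.7") for i in range(2000)]
CUSTOMER = [(float(i), "203.0.113.20") for i in range(10)]

if __name__ == "__main__":
    for client, (ok, dropped) in replay(FLOOD + CUSTOMER).items():
        print(f"{client}: accepted={ok} rejected={dropped}")
```

The customer is never throttled, while the flooding source is cut to its allowance; the requests it is still allowed are the attack traffic that reaches the server alongside normal traffic.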
Another simple and cost-effective method of preventing DDoS attacks would be to turn to an outsourcing service provider capable of providing organizations with a vast array of tools just for combating DDoS attacks. With greater bandwidth capacity and more secure routers managing incoming traffic, these service providers are much more capable of withstanding attempts to overwhelm their infrastructure than in-house IT solutions (Felter/vxchnge, 2018). However, there are some considerations you should take into account when choosing an outsourcing service:
- The company’s ability to adapt to the needs of a growing business as well as the scale of future DDoS attacks
- The company’s ability to create page rules and implement them consistently across the network in order to remain operational in the event of an attack
- Reliability: ensuring the company has a reputation for maintaining high uptime rates, with site reliability engineers working consistently to keep the network online and monitor impending threats
- Ensuring the company has a large network capable of extensive data transfer, allowing them to analyse and respond to attacks quickly and efficiently.
Datacenter.com can put you in contact with its partners that are outsourcing service providers. In addition, as a carrier-neutral data center, Datacenter.com can offer a range of ISPs. By differentiating traffic across different carriers, it is possible to drop one connection that is suffering from a DDoS attack while the other connections remain up.
A10 Staff (2018) IoT and DDoS: Cyberattacks on the Rise
Retrieved from: https://www.a10networks.com/blog/iot-and-ddos-cyberattacks-rise/
Banta, T. (2018) How to Protect Data Centers From a New Generation of DDoS Attacks
Retrieved from: https://www.vxchnge.com/blog/how-to-protect-data-centers-from-a-new-generation-of-ddos-attacks
Calyptix (2018) DDoS Attacks 2018: New Records and Trends
Retrieved from: https://www.calyptix.com/top-threats/ddos-attacks-2018-new-records-and-trends/
Cloudflare (2019) What is a DDoS Attack?
Retrieved from: https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/
Cloudflare (2019) What is DDoS Mitigation?
Retrieved from: https://www.cloudflare.com/learning/ddos/ddos-mitigation/
Felter, B. (2018) Best Practices for Preventing DDoS Attacks
Retrieved from: https://www.vxchnge.com/blog/preventing-ddos-attacks-best-practices
Gutnikov et al. (2019) DDoS attacks in Q1 2019
Retrieved from: https://securelist.com/ddos-report-q1-2019/90792/#statistics
Woolf, N. (2016) DDoS attack that disrupted internet was largest of its kind in history, experts say
Retrieved from: https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet