Distributed denial-of-service attacks (DDoS) used to be something only talked about in cybersecurity and hacker circles, but in the past few months DDoS has found its way into the popular lexicon following high-profile attacks last year. After all, it’s hard to ignore DDoS when you can’t access your Spotify playlist or Twitter feed.
For a little background, DDoS attacks take advantage of malware-infected computers (often corrupted through spam emails, clickbait and phony web downloads) and recruit these devices as part of a botnet. This network of ‘slave’ or ‘zombie’ devices obey the command of a remote hacker to flood a website or service with fraudulent traffic requests until the service crashes.
Attacks of this kind are a favorite of cybercriminals and hacktivists because they do not require infiltration into a company’s network. Instead they are launched externally and are extremely visible to anyone visiting the site (making it perfect for cyber protests).
What’s surprising is that according to a recent survey, nearly one-fifth of companies have no DDoS protection whatsoever; and almost 40 percent are unclear on how to protect themselves from DDoS attacks!
This statistic is frightening because it means that a considerable portion of businesses have little to no defense against malicious web traffic which can severely slow or stop operations, impact visitors, frustrate customers and drive prospective clients to competitors with a working webpage.
The survey goes on to say that 12 percent of respondents believe a small interruption of service would no cause major issues for their company; after all, most DDoS attacks last between 30 minutes to an hour. While this may be true on some level, small businesses with razor-thin profit margins might be negatively impacted by a short, yet well-timed DDoS attack and even larger corporations could experience significant losses due to overwhelming traffic on, say, Black Friday.
Even if your business can overcome an hour-long DDoS attack without breaking a sweat, it’s foolish to think that you are immune to savvy cybercriminals. Turns out the majority of DDoS attacks (53 percent) are just a smokescreen for additional incursions including ransomware downloads, malware infiltration, viruses and more.
Of course, it’s not the smaller ‘DDoS as a distraction’ attacks that make organizations nervous (though it should), but rather the growing threat of massive botnets. Mirai and Leet are two mammoth bot networks that exploit notoriously insecure Internet of Things devices to destructive ends.
To make matters worse, nearly anyone can take advantage of these botnets via ‘DDoS for hire’ services! How comfortable do you feel knowing that your business operations could be interrupted by anyone with a computer and a grudge?
Thankfully, there are ways to prevent a DDoS attack from stymying your operations. Keep in mind that each of these suggestions are probably best discussed with your cybersecurity provider as different organizations have different needs depending on their size, nature of their business, likelihood of being targeted, etc.
Front-End Hardware: Smart hardware is placed on the network to analyze data packets as they are sent to the server and identifies each as priority, regular or dangerous to prevent DDoS attacks and network overload.
Blackholing: This technique prevents DDoS attacks by routing all traffic to a black hole or null interface where the malicious traffic can do no harm. Similarly, DNS sinkholing sends traffic to a valid IP address where it is analyzed and rejected if necessary.
Scrubbing: This method sends traffic to a cleaning center, via various redirects, to separate good and bad traffic before it reaches your server. This option is probably best for businesses that experience a great deal of web-based attacks and bogus traffic.
We hope this has opened your eyes to the dangers of DDoS incursion and motivated you to take the necessary steps to safeguard your network against hackers and bad bots.