Blog
FAQ: What are DDoS attacks?
February 10th, 2015
What is a DDoS attack?
Distributed Denial of Service (DDoS) attacks are a form of cyberattack that aims to disrupt access to a service (such as a website) in order to extort the owner or to serve as a distraction whilst another attack occurs. DDoS attacks are usually driven by a botnet (a network of infected machines) which overwhelm the service and prevent access to legitimate users.
DDoS attacks usually attempt to overwhelm services using one of two methods. Either by sending a massive number of connection attempts or by using up all available bandwidth. Any business or organisation can be a target for this type of attack. In some cases, DDoS attacks can even be directed at individuals, although this is rare.
What’s the difference between a DoS attack and a DDoS attack?
The difference between these two attacks is that a DoS attack typically comes from one machine which is utilising a single connection, whereas a DDoS attack uses multiple machines and multiple connections.
What are the types of DDoS attack?
1. Bandwidth flooding
Also known as a volumetric attack, this attack involves saturating a server’s bandwidth with bogus packets to the point that legitimate users can no longer communicate with the server.
2. Resource flooding
This attack involves sending an overwhelming number of resource request to the server or gateway devices such as a firewall; causing CPU usage to peak. Since the CPU is being used for menial requests, genuine requests either fail to get through or are processed incredibly slowly.
3. Application-level flooding
This attack targets the software which runs on the server with the aim to flood it with so many requests that the software crashes, taking the server offline.
How can I stop DDoS attacks?
The number one question is how do we protect ourselves from these attacks or at least mitigate our risks?
Well, there are devices that companies can purchase that claim to prevent DDoS attacks such as SMB\E firewalls but these won’t help you if you are a victim of large-scale attacks.
So firstly you need to review your attack surface and mitigate risks. For example, say you run an e-commerce site, it’s probably not advisable to run it from your premises. You may find an attack on this site not only knocks out your e-commerce site but also other critical business services, such as email, remote workers and access to cloud services.
Depending on your environment, you may wish to host critical services and servers in a provider’s cloud infrastructure. Another option is to look at co-location (rented space in a data centre). Most cloud providers are going to have access to bandwidth far greater than anyone else – do check this though! Cloud hosting platforms are great for being able to scale out quickly in terms of system resources and network connections when you see high demand. Increasing numbers of web servers and balancing traffic between them may also help you in a TCP connection attack.
Volumetric attacks on bandwidth are a lot more brutal so how do we defend ourselves against these? Again you can use cloud providers for your online sites so they can deal with the volume. However even they will struggle with the scale of the attacks seen by Sony and Microsoft.
So what else can we do? Well, you can buy services from third parties who will route the attack via them and take the initial impact whilst trying to counteract the hackers, or you could have geographically separated infrastructure that sees a mirror site of your current environment which can ease the strain in an attack.
There’s a fair chance that you may never experience a DDoS attack on your IT systems. However, you should take the time to understand what the risks are and how/if you will mitigate them.
What is Microsoft Teams? | 7 benefits of Teams for businesses
What is Microsoft Teams? Microsoft Teams is a cloud-based chat and collaboration platform, designed to simplify and streamline communication between employees by offering one centralised place to connect. Instead of relying on clunky email chains, employees can send direct messages to co-workers, set up group chats or organise video, audio and web conferences, all without […]
9 essential cyber-security measures every business needs
What are the essential cyber-security measures every business needs? In today’s digital era, advancements in technology are happening very rapidly. Therefore our defence systems against very real cyber-security threats must keep pace. If the correct measures aren’t taken, your business might be more at risk than you think. Here are 9 essential cyber-security measures your […]
Current Cloud considerations
QuoStar’s Robert Rutherford sheds some light on which key Cloud considerations organisations should be looking at regarding their cloud platforms. The pace of change is obviously fast right now, and organisations need to ensure that they have built in flexibility in their environments, allowing them scale up and out of the environment with […]