DDoS In A Nutshell
May 07, 2020 | By Admin
Distributed Denial of Service (DDoS) is a major threat to your website. Here’s why…
DDoS attacks target websites and businesses of every size, including individual live streamers.
With more than 50 million attacks every year, they are growing in frequency and strength, and are increasingly used for hacktivism.
That’s almost two attacks for every second of each day in a year!
The attacks have increased by 125% year-on-year, with a 35% jump in attack duration; attacks now last between 6 and 24 hours.
With the emergence of the IoT, DDoS attacks have seen even higher traffic rates.
DDoS attacks account for a staggering one-third of all website downtime and can be purchased for as little as $150 on the black market.
In a nutshell, DDoS attacks have existed for years, but now they’ve evolved to be more devastating and easier to launch than ever before.
As cybercriminals develop more destructive techniques, everyone who uses the internet should learn about DDoS attacks and how to protect against them.
How Do DDoS Attacks Occur?
DDoS attacks disrupt normal operations by destroying performance and availability. How?
At its most basic level, a DDoS attack overwhelms your website with so much traffic that the site becomes slow and unresponsive, and ultimately crashes.
To orchestrate this symphony of traffic, a hacker uses a remotely controlled device that has already been infected, otherwise known as a bot, short for robot.
A collection of these infected devices is called a botnet.
Basically, it is an army of remote-controlled zombies ready to disable or destroy any system in its path.
Unfortunately, the bad news doesn’t end there because not all DDoS attacks come from botnets.
Types Of DDoS Attacks
DDoS attacks can fall into three broad categories, depending on the attack.
1. Volumetric Attacks (also known as Network-Centric Attacks)
a. The most common types of DDoS attacks
b. Use botnets to consume bandwidth
c. Examples include NTP Amplification, DNS Amplification, UDP Flood, TCP Flood
2. State-Exhaustion Attacks (also known as Protocol Attacks)
a. Exploit a weakness in the Layer 3 and Layer 4 protocol stack
b. Target the connection state in firewalls, web application servers, and load balancers
c. Examples include SYN Flood, Ping of Death
3. Application-Layer Attacks
a. The most sophisticated of attacks and most challenging to identify/mitigate
b. Operated by a single machine, they are very stealthy and able to fly “under the radar”
c. Examples include HTTP Flood and attacks on DNS services, HTTPS, and SMTP
Here are some security measures for successful DDoS protection:
1. Extra Bandwidth: An effective way to enhance DDoS protection is to increase the bandwidth available to your web server. This allows your website to handle sudden and unexpected surges in traffic. However, this is more of a buffer than a complete solution: it provides critical time to act before your resources are overwhelmed.
2. Defend Network Perimeter: You can also strengthen your network's defense perimeter by taking additional security measures such as
i) rate limiting on your router to prevent your web server from being overwhelmed
ii) dropping spoofed or malformed packets
iii) setting lower SYN, ICMP, and UDP flood drop thresholds
However, this is very technical and will require some level of incident handling knowledge to effectively respond to DDoS attacks.
3. DDoS Specialist: Another option is to hire a DDoS specialist who can save you from the attack during the time of crisis. However, this will require deep pockets as it is very costly.
4. cWatch Web: Since the above options may not be in your budget or scope of knowledge, cWatch Web arms you with DDoS protection as a turnkey defense system. This web security solution comes equipped with the cure, the prevention, and live 24/7/365 assistance.
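The rate limiting and the SYN, ICMP, and UDP flood thresholds from measure 2 can be pictured as a token-bucket policer, shown here as an added example that is not part of the original article. The limits in LIMITS, the function names, and the sample traffic are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Assumed limits per protocol: (packets per second, burst size). Illustrative values only.
LIMITS = {"syn": (100, 200), "icmp": (10, 20), "udp": (500, 1000)}

@dataclass
class Bucket:
    rate: float    # tokens added per second
    burst: float   # maximum tokens the bucket holds
    tokens: float  # tokens currently available
    last: float = 0.0

    def allow(self, now):
        # Refill for the elapsed time, capped at the burst size, then spend one token.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False

def police(packets, limits=LIMITS):
    """packets: time-ordered (timestamp_seconds, protocol) pairs.
    Returns (passed, dropped) packet counts per policed protocol."""
    buckets = {p: Bucket(r, b, b) for p, (r, b) in limits.items()}
    passed = {p: 0 for p in limits}
    dropped = {p: 0 for p in limits}
    for ts, proto in packets:
        bucket = buckets.get(proto)
        if bucket is None:
            continue  # protocol without a threshold is not policed here
        if bucket.allow(ts):
            passed[proto] += 1
        else:
            dropped[proto] += 1
    return passed, dropped

def constructed_traffic():
    # Constructed sample: one second of normal traffic, then 5000 SYNs within one second.
    normal = [(i / 50, "syn") for i in range(50)] + [(i / 5, "icmp") for i in range(5)]
    flood = [(1 + i / 5000, "syn") for i in range(5000)]
    return sorted(normal + flood)

if __name__ == "__main__":
    passed, dropped = police(constructed_traffic())
    print("passed:", passed)
    print("dropped:", dropped)
```

Lowering the rate and burst values cuts a flood off sooner, at the cost of also dropping legitimate bursts that exceed them.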