In October 2016, hundreds of the world’s biggest and most popular websites in the U.K. and the U.S. — including Twitter, eBay, Reddit and Spotify — were the subject of several waves of a massive DDoS attack that rendered the sites inaccessible for thousands of people throughout the day.
Many people referred to the disruption caused by the DDoS attacks as an “internet shut down,” and openly wondered what exactly a DDoS attack is. How does a DDoS attack happen anyway, and how does it manage to cause such lengthy global internet outages?
Well, a ‘distributed denial of service’ attack — commonly known as a DDoS attack — is an illegal hacking activity that takes down an online service and makes it unavailable by overwhelming it with web traffic from multiple sources. Hackers can buy a week-long DDoS attack for as little as $150 on the black market, TrendMicro Research reports. These malicious individuals often target websites and other computer systems for revenge, extortion, activism or even competitive brand damage.
Interestingly, DDoS attacks are relatively simple to implement, but notoriously difficult to defend against. They are among the most potent tools in a cyber criminal’s arsenal and can take even the most protected computers offline, from bank systems to SaaS applications and ecommerce websites.
What is a DDoS Attack?
DDoS attacks exploit the power of a network of tens of thousands of compromised computers, known as a “botnet,” to flood a website’s servers with page view requests. This overload of page requests renders legitimate traffic unable to get through. When an internet server is dealing with an overload, it is unable to respond to most normal queries, making it impossible for internet browsers to access the websites.
Attacks on Domain Name Service (DNS) providers or hosts are typically more effective than targeting a single website because hundreds of sites rely on them to direct traffic. DNS hosts such as Dyn, the provider that was hit in the aforementioned DDoS attack, are central to the operation of the internet.
DNS providers operate the “internet’s address book.” They ensure that website addresses (domain names) such as www.yourwebsitename.com are routed and make it to the correct site. If a DNS provider goes offline, then domain names powered by that provider are not routed to a website, meaning they fail to load web pages. Dyn, for example, powers some 3,500 enterprise customers including Netflix, LinkedIn, TripAdvisor and CNBC among many others, according to information on its website.
Nobody claimed responsibility for the 2016 DDoS attacks against Dyn, but experts said they were simple enough to have been carried out by mischievous teenagers rather than malicious state-sponsored attackers. Even amateur hackers can scan for vulnerable websites and computer systems using easily available software, and turn thousands of them against a single target.
How to Protect Your Website against DDoS Attacks
Estimates by Incapsula Inc., a cloud-based website protection service, indicate DDoS attacks can cost businesses up to $40,000 per hour that their websites are offline. A sharp increase in poorly-secured connected devices such as “smart” webcams, thermostats and televisions has also vastly increased the number of vulnerable systems that can be victims of (or tools for) DDoS attacks in recent years.
In order to protect your website and gadgets from distributed denial of service attacks, make sure you always download the latest security updates. Also, make sure your devices are protected with an up-to-date anti-virus software program, such as Kaspersky’s Security Scan or Norton 360. Most popular anti-virus programs can even scan your computer to see if it is part of a botnet.
Moreover, use routers and firewalls that can help stop simple ping attacks on your business website, while also providing automatic rate limiting and traffic shaping. Where possible, also buy excess bandwidth with your Internet Service Provider (ISP) that can handle various spikes in website traffic.
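To illustrate the rate limiting mentioned above, here is an added example (not from the original article) that applies a per-source token-bucket limit to two floods and reports whether the server is still overloaded. The traffic is constructed, and the limit of 5 requests per second, the burst of 10 and the server capacity of 200 requests per second are assumptions chosen for the illustration.

```python
from collections import defaultdict

class TokenBucket:
    """Admit `rate` requests per second on average, with bursts up to `burst`."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), 0.0

    def allow(self, now):
        # Refill for the elapsed time, capped at the burst size, then spend one token.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False

def simulate(requests, per_source_rate=5, burst=10, server_capacity=200):
    """Apply one token bucket per source to (timestamp, source) pairs.

    Returns (admitted, dropped, overloaded_seconds): per-source counts and the
    seconds in which admitted traffic still exceeded server_capacity (assumed).
    """
    buckets = defaultdict(lambda: TokenBucket(per_source_rate, burst))
    admitted, dropped, load = defaultdict(int), defaultdict(int), defaultdict(int)
    for ts, src in sorted(requests):
        if buckets[src].allow(ts):
            admitted[src] += 1
            load[int(ts)] += 1
        else:
            dropped[src] += 1
    return admitted, dropped, sorted(s for s, n in load.items() if n > server_capacity)

# Constructed traffic (not real logs): documentation-range addresses and labels.
LEGIT = [(float(s), "192.0.2.10") for s in range(5)]        # one visitor, 1 req/s
SINGLE = [(s + i / 1000, "198.51.100.7")                    # one source, 1000 req/s
          for s in range(5) for i in range(1000)]
BOTNET = [(s + i / 4, f"device-{b:04d}")                    # 1000 devices, 4 req/s each
          for s in range(5) for b in range(1000) for i in range(4)]

if __name__ == "__main__":
    for name, flood in (("single source", SINGLE), ("botnet", BOTNET)):
        ok, drop, hot = simulate(LEGIT + flood)
        print(f"{name}: admitted={sum(ok.values())} dropped={sum(drop.values())} "
              f"legit_ok={ok['192.0.2.10']} overloaded_seconds={hot}")
```

The per-source limit throttles the single-source flood, but the botnet traffic is admitted in full because every device stays under the limit, so the server is still overloaded. That is why rate limiting on your own equipment is paired with spare bandwidth and upstream protection services.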
If you use the WordPress platform to manage your website, install beneficial security plugins like WordFence and Bulletproof Security. Additionally, utilize dedicated software that can act as a buffer for your website against DDoS attacks. CloudFlare, for example, offers protection against DDoS attacks of all forms and sizes, and DDoS Protector can help block DoS attacks within seconds with multi-layered protection.
Finally, don’t go out looking for trouble. Hackers love a good challenge and will attack your website if tested. If you get a threatening message or comment, just delete or ignore it. And don’t advertise your website where it is not appropriate, such as hacker forums.
Remember, any website is vulnerable to a DDoS attack, so you always need to be cautious.