August 06, 2019
What Is a DDoS Attack?
Distributed denial-of-service (DDoS) attacks are rapidly increasing in both frequency and intensity across today’s business landscape.
In a DDoS attack, someone launches a cyberattack targeting a computer or web server with the intent of temporarily or permanently disrupting the network. A DDoS attack is carried out by flooding the computer or server with meaningless, superfluous requests.
The goal is to slow down or take down the server, preventing it from handling legitimate requests and traffic. DDoS attacks can cost a business time, money, and reputation.
In this article, we break down the different types of DDoS attacks, how to detect them, and how to prevent them.
What Is a DDoS Attack?
Denial of Service attacks are designed to overwhelm a machine or server with excessive requests, with the ultimate goal of slowing down or taking down the server. In attempting to handle the hundreds (sometimes thousands) of excess requests, the server can’t handle legitimate user requests.
An in-depth 2017 academic study, “Millions of Targets Under Attack: a Macroscopic Characterization of the DoS Ecosystem,” recorded a staggering “20.9M attacks, targeting 6.34M unique IP addresses, over a two year period.” The study also found that, on average, there are “28,700 distinct DoS attacks every day.”
DoS attacks typically target high-profile web servers such as those of banks or credit card companies. Attacks may be carried out as revenge, blackmail, or activism. Whatever the motivation, the result is the same: legitimate users are deprived of a service or resource.
The United States Computer Emergency Readiness Team (US-CERT) has identified the tell-tale signs of a DoS attack:
- Unusually slow network performance
- Unavailability of a particular web site
- Inability to access any website
- Dramatic increase in the number of spam emails
Types Of DDoS Attacks
The most common type of DoS attack involves flooding a network server with requests, overloading it with traffic. The overwhelmed server is then unavailable to legitimate users.
There are several types of DoS attacks:
- Smurf Attack: Sends Internet Control Message Protocol broadcast packets to many hosts with a spoofed source IP address that belongs to the target machine. The target responds and becomes flooded with those responses.
- SYN Flood: Sends a number of requests to connect to the target server that can’t be completed. The connection queues fill up and become unavailable for any other requests.
- Buffer Overflow: Data transferred to a buffer exceeds the storage capacity, and then the data overflows into another buffer – one the data was not intended to enter.
- Ping of Death: Sends a ping request that is larger than 65,536 bytes, which is the maximum size that IP allows, causing a buffer overload.
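The SYN flood item above describes connection queues filling with requests that never complete. As an added example (not part of the original article), this Python function counts half-open (`SYN-RECV`) versus established sockets per listening endpoint from text in the column layout of Linux `ss -tan`, and flags endpoints where half-open connections dominate. The sample input is constructed, and the `min_half_open` and `max_ratio` thresholds are illustrative assumptions to tune against your own baseline.

```python
from collections import defaultdict

# Constructed sample in the column layout of Linux `ss -tan`; all addresses
# are RFC 5737 documentation ranges, not real hosts.
SAMPLE = """\
State     Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN    0      128    0.0.0.0:443         0.0.0.0:*
ESTAB     0      0      192.0.2.10:443      198.51.100.7:51514
ESTAB     0      0      192.0.2.10:443      198.51.100.8:40022
SYN-RECV  0      0      192.0.2.10:443      203.0.113.5:1025
SYN-RECV  0      0      192.0.2.10:443      203.0.113.6:1026
SYN-RECV  0      0      192.0.2.10:443      203.0.113.7:1027
SYN-RECV  0      0      192.0.2.10:443      203.0.113.8:1028
SYN-RECV  0      0      192.0.2.10:443      203.0.113.9:1029
SYN-RECV  0      0      192.0.2.10:443      203.0.113.10:1030
ESTAB     0      0      192.0.2.10:22       198.51.100.9:50000
SYN-RECV  0      0      192.0.2.10:22       198.51.100.9:50001
"""

def half_open_report(ss_output, min_half_open=5, max_ratio=0.5):
    """Per local endpoint: half-open (SYN-RECV) vs. established socket counts."""
    stats = defaultdict(lambda: {"syn_recv": 0, "estab": 0, "peers": set()})
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("SYN-RECV", "ESTAB"):
            continue  # skip the header, LISTEN sockets, and malformed lines
        state, local, peer = fields[0], fields[3], fields[4]
        entry = stats[local]
        if state == "SYN-RECV":
            entry["syn_recv"] += 1
            entry["peers"].add(peer.rsplit(":", 1)[0])  # also handles [v6]:port
        else:
            entry["estab"] += 1
    report = {}
    for local, e in stats.items():
        ratio = e["syn_recv"] / (e["syn_recv"] + e["estab"])
        report[local] = {
            "syn_recv": e["syn_recv"], "estab": e["estab"],
            "half_open_peers": len(e["peers"]), "ratio": round(ratio, 2),
            # Assumed rule: enough half-open sockets AND they outnumber real ones.
            "suspect": e["syn_recv"] >= min_half_open and ratio > max_ratio,
        }
    return report

if __name__ == "__main__":
    for endpoint, row in half_open_report(SAMPLE).items():
        print(endpoint, row)
```

A single stalled handshake, as on port 22 in the sample, stays below both thresholds and is not flagged.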
DoS vs. DDoS Attacks
From DoS, hackers created the Distributed Denial of Service (DDoS) attack, which involves the use of multiple systems to attack a single machine or network. By increasing the number of source machines, the number of requests is multiplied, increasing the attack power.
The flood of incoming traffic from multiple sources can force a network to crash. Because DDoS attacks originate from multiple sources, they are often the most difficult to detect and shut down.
DDoS attacks are typically carried out using botnets, which make larger attacks possible. The devices in a botnet, usually a group of hijacked internet-connected devices, are often victims of a cyberattack as well. Using multiple originating sources also makes it difficult to differentiate legitimate users from attack traffic.
How To Protect Yourself From a DDoS Attack
DDoS attacks can prove to be costly to businesses – in lost revenue, time, and reputation.
To avoid becoming a victim of a DoS or DDoS attack, businesses can take the following preventative measures:
- Enroll in a DoS protection service that detects abnormal traffic flows and redirects traffic away from your network
- Create a Disaster Recovery Plan to ensure proper communication, mitigation, and recovery of data in case of an attack
- Secure all endpoint connections
- Install a firewall and restrict traffic
- Evaluate your security settings and follow good security practices
Staying vigilant and implementing good security practices can prevent your business from falling victim to a cyberattack.
To learn more about protecting your business from DoS attacks and other types of cyberattacks, contact Datto.