On October 21, 2016, the United States experienced one of the most sophisticated and complex DDoS (pronounced “dee-dos”) attacks in internet history. The first wave of attacks came at approximately 7:10am ET, targeting internet performance management company, Dyn, and affecting widely-used sites and their customers, such as Twitter, PayPal, Amazon and Netflix. In this article we will break down the components of a DDoS attack and what you need to know as a website owner.
Defining DDoS
DDoS stands for Distributed Denial of Service. It is defined by Digital Attack Map as “an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources”.
An analogy would be to think of hundreds of people calling all the pizza shops in Chicago to each deliver a pepperoni pizza to a single house at 5pm on a Tuesday. Obviously, that house would be completely overwhelmed, as would the street it sits on and the streets all around it. No one would be able to get in or out of that house, to say nothing of all the other houses on the streets that would also be affected.
Back to the DDoS, often malicious software to conduct these DDoS attacks can be purchased on the dark web, a layer of the internet made up of websites hidden from search engines that can only be accessed using special software (News.com).
These attacks typically target a variety of important online resources ranging from banks and news websites to social networks and payment services. The main goal of a DDoS attack is to cause disorder by making sure people cannot publish or access important information.
While last week’s attack was major news, DDoS attacks are actually quite common. In fact, one-third of all downtime incidents are attributed to DDoS attacks (Verisign/Merril Research) and according to ATLAS Threat Report, more than 2,000 daily DDoS attacks are observed world-wide by Arbor Networks. That’s a lot of pizza.
How Does a DDoS Attack Work?
The Background
According to Digital Attack Map, Cyber criminals start out by building networks of infected computers by spreading malicious software through online communications, such as emails, websites and social media. These networks of infected machines are known as ‘botnets’. Once infected, these machines (computers, tablets, phones, smart home devices) can be controlled remotely and used together to launch an attack.
The Attack
Botnets generate overwhelming amounts of traffic to a specific source, causing it to reach capacity, and essentially, freeze up. Two common ways these attacks are executed include:
- Sending more connection requests than a server can handle
- Sending huge amounts of random data to use up bandwidth
Unfortunately, the dark web is filled with online market places specializing in buying and selling botnets or individual DDoS attacks at little to no cost.
Protecting Your Assets
If you are worried about the safety and security of your website, we are here to ease your concerns. A reputable internet security company will work round-the-clock to ensure that your website stays online and performing at peak capacity. Firewalls, preventative measures, and disaster recovery plans should be put in place to ensure the security of your website.
At Informatics, we focus on keeping your most important assets safe from malicious attacks. Our team monitors the internet 24/7 to proactively block such attacks and keep your site operating securely. Contact us today to learn more about our security measures and hosting packages.
Sources: Digital Attack Map; News.com; Dyn