DDoS attacks can have significant negative impacts on companies. In fact, according to a recent study:
- 61% of DDoS victims temporarily lost access to critical business information;
- 38% of companies were unable to carry out their core business;
- 33% of respondents reported the loss of business opportunities and contracts.
In addition, in 29% of DDoS incidents a successful attack had a negative impact on the company’s credit rating, while in 26% of cases it prompted an increase in insurance premiums. The stakes of DDoS attacks are high; however, many do not know how to identify these attacks or the best steps to prevent them.
What are DDoS attacks?
A DoS (Denial of Service) attack is an attempt by hackers to exhaust the resources available to a network so that users cannot access it. In a DDoS (Distributed DoS) attack, the attacks are launched from multiple host sites simultaneously. This process blasts a network with senseless traffic, attempting to overwhelm and wear out the system. In some cases, the transmitted data can be magnified up to 179 times, flooding the target site and shutting it down.
DDoS attacks can be divided into three categories:
- Volumetric attacks – These attempts are simply meant to cause congestion by consuming the bandwidth within a target server's network.
- TCP State-Exhaustion attacks – These attempt to consume the connection state tables, which are present in many infrastructure components such as load-balancers, firewalls and application servers, taking down even high capacity servers.
- Application-layer attacks – Considered the most deadly DDoS attacks, these attempts target an application or service at Layer 7.
Why are DDoS attacks difficult to defend against?
DDoS attack tools are readily available to anyone on the Internet, allowing almost any user to impact another individual or organization. In addition, there are “botnets,” or networks of private computers used to send spam messages, that offer services at extremely low prices. As a result of the mix of spam and legitimate traffic, it becomes difficult to identify which traffic sources are creating the attacks. The cost of the resources needed to battle these anonymous spam sources is high, taking valuable time and money. The average cost of a DDoS attack can range anywhere from $52,000 to $444,000 for an organization.
Preventing DDoS attacks within your system
The motivations behind DDoS attacks have shifted over the years from extortion and blackmail to ideological hacktivism and Internet vandalism. Because of this broader shift in motivations, there is a wider range of organizations being targeted. There are several ways to monitor your traffic and understand who is directing attacks towards your system:
1. Know your network
Companies need to understand, in detail, the types of traffic coming to their site, where it is coming from, and the schedule of when traffic is active, in order to predict attacks and alter security accordingly.
2. Have a response team ready
Companies need to allocate resources and team members to be prepared to respond to threats of DDoS attacks. Organizations should have numbers and information on hand to reach designated IT departments or service providers to ensure an attack is handled properly and quickly.
3. Know what to block and where to block it
Organizations should know their traffic, as well as their system infrastructure. In some cases, repeat visitors or important customers can be granted access to your sites even while there may be an attack going on and you have restricted access to other traffic sources. Blocking traffic before it reaches a network perimeter will prevent upstream links from being saturated during an attack. Some service providers have automated processes that allow customers to block traffic coming to and from certain sources.
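Steps 1 and 3 combined, as an added example that is not from the original article or from any provider's tooling: it builds a per-hour traffic baseline, flags an hour that departs from it, and lists the /24 source prefixes to block while leaving allowlisted customers reachable. The sample history, thresholds, allowlist and function names are all assumptions, and the addresses are from documentation ranges.

```python
import ipaddress
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Constructed sample: (hour_of_day, requests_in_that_hour) from normal days.
HISTORY = [(2, 110), (2, 95), (2, 120), (14, 900), (14, 1000), (14, 950)]
# Assumed allowlist of repeat visitors / important customers.
ALLOWLIST = [ipaddress.ip_network("192.0.2.0/28")]

def hourly_baseline(history):
    """Mean and standard deviation of request volume per hour of day."""
    by_hour = defaultdict(list)
    for hour, count in history:
        by_hour[hour].append(count)
    return {h: (mean(c), pstdev(c)) for h, c in by_hour.items()}

def is_anomalous(baseline, hour, count, k=3.0, floor=100):
    """True when volume exceeds the hour's mean by k deviations (at least `floor`)."""
    if hour not in baseline:
        return True  # traffic in an hour with no history deserves a look
    mu, sigma = baseline[hour]
    return count > mu + max(k * sigma, floor)

def block_candidates(sources, allowlist, share=0.10):
    """Group IPv4 sources by /24; return non-allowlisted prefixes above `share` of traffic."""
    per_prefix = Counter()
    for src in sources:
        ip = ipaddress.ip_address(src)
        if any(ip in net for net in allowlist):
            continue  # keep known customers reachable during mitigation
        per_prefix[ipaddress.ip_network(f"{src}/24", strict=False)] += 1
    total = len(sources)
    return sorted(str(p) for p, n in per_prefix.items() if total and n / total > share)

def triage(hour, sources, history=HISTORY, allowlist=ALLOWLIST):
    """Return prefixes to block upstream, or [] if the hour looks normal."""
    if not is_anomalous(hourly_baseline(history), hour, len(sources)):
        return []
    return block_candidates(sources, allowlist)
```

The per-hour comparison is what keeps a normal afternoon peak from being treated like the same volume arriving at 2 a.m.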
Organizations should continue to be aware of the increasing threat of DDoS attacks on companies and systems. With knowledge of where traffic is coming from, how the system's infrastructure works, and how to effectively handle incidents, companies will stand a better chance of preventing these attacks.