The distributed denial-of-service (DDOS) attack is one of the best-known cyber-attacks on businesses and can cost them millions of dollars. But what exactly is a DDOS attack, and how does it hurt businesses?
A Distributed Denial-of-Service Attack
A DDOS attack is a specific type of cyber-attack that can be used to bring a website or application offline. More generally, it can be used to target any service, machine, or resource on a network. This is achieved by flooding the victim with traffic from lots of different sources or computers. Each source makes many requests to the victim for things such as webpages, images, or videos. As the website must reply to each request, it can get overwhelmed when too many requests come in at once, and then fail to reply. If it fails to reply to the attackers, it is also failing to reply to genuine users, and the website is brought offline.
In real-world terms, this is equivalent to many customers trying to get through a shop’s door at the same time. The doorway can only fit one or two customers at a time, but if a hundred all try to get through at once, the doorway becomes blocked and genuine customers struggle to get through.
In the cyber world, attackers achieve this by taking over armies of machines – each machine is sometimes known as a zombie or bot. When an attacker manages to take over thousands of zombies, they can create what is known as a botnet.
With just a few commands, attackers can instruct their botnets to all make requests at a specific website and bring it down. Since the website sees the requests are coming in from different locations, it can be hard to differentiate between attackers and legitimate users, and therefore difficult to stop the attackers without stopping genuine trade.
To make matters even more complicated, attackers will sometimes use their zombies to control other zombies, creating a complex network where it is hard to track down the original source.
How Much Damage Can It Do?
DDOS attacks can cause loss of trade, loss of customers who may never want to return, loss of revenue, lost productivity, and damage to the business’s reputation. There are several examples in history to prove these points.
In 2016, a DDOS attack on a company known as Dyn brought down many services across the Internet. Dyn was responsible for mapping the domain names of websites to IP addresses, a service that allows people to connect to websites by typing in URLs. Because of the attack on Dyn, many famous websites were affected, including the BBC, Netflix, Twitter, Spotify, and Reddit. It is believed that over 4% of customers permanently left Dyn shortly after the attack.
In 2014, a client of the DDOS-protection service Cloudflare was attacked with over 400 gigabits of traffic per second. Technical aspects of the attack made it hard to stop, and the attack lasted for several days, severely hurting the client. In fact, the attack was so big that it started to affect the Cloudflare network and other clients.
How Are DDOS Attacks Stopped?
In a simple attack, websites can add rules to their firewalls that stop traffic from specific locations or IP addresses. For example, if all DDOS traffic is from one country that the website normally doesn’t get traffic from, the firewall can be used to block traffic from that country.
Most botnets are now more complicated than that. It can often be difficult to determine whether traffic is malicious or legitimate based upon simple rules. Many businesses are turning to cloud-based services to protect themselves. The cloud has far more resources and bandwidth to deal with these attacks than private networks do, which simply allows the cloud to soak up more of the damage for the business.
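The limit of simple per-source rules described above can be shown with a short script. This is an added example, not part of the original article; the thresholds, address ranges, and traffic counts are constructed for illustration.

```python
from collections import Counter

# Assumed values for illustration; neither number comes from the article.
PER_IP_LIMIT = 100     # max requests one source may send per window
SITE_CAPACITY = 3000   # total requests the site can answer per window

def window(prefix, sources, requests_each):
    """Constructed sample data: one source IP per request in a single window."""
    ips = [f"{prefix}.{i // 250}.{i % 250 + 1}" for i in range(sources)]
    return [ip for ip in ips for _ in range(requests_each)]

def assess(requests, per_ip_limit=PER_IP_LIMIT, capacity=SITE_CAPACITY):
    """Apply a per-source blocking rule, then check whether the site still drowns."""
    counts = Counter(requests)
    offenders = {ip for ip, n in counts.items() if n > per_ip_limit}
    remaining = [ip for ip in requests if ip not in offenders]
    return {
        "overloaded": len(requests) > capacity,
        "blocked_sources": len(offenders),
        "overloaded_after_block": len(remaining) > capacity,
    }

# Constructed traffic, using private and benchmarking address ranges.
USERS = window("10.0", 50, 10)                 # 50 genuine users, 10 requests each
SINGLE = USERS + window("192.168", 1, 5000)    # one noisy source
BOTNET = USERS + window("198.18", 1000, 10)    # 1000 sources that each look normal

if __name__ == "__main__":
    for name, traffic in [("normal", USERS), ("single source", SINGLE), ("botnet", BOTNET)]:
        print(name, assess(traffic))
```

With one noisy source, the per-source rule blocks it and the site recovers. With the distributed traffic, no single source crosses the limit, so nothing is blocked and the site stays overloaded.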
These cloud-based services are also maintained by teams of engineers and experts whose job is specifically to stop attacks such as DDOS attacks. They can apply the newest research and techniques in order to stop attacks and protect businesses. Although some major tech companies such as Amazon, Google, and Microsoft are able to spend millions building their own teams, it is usually cheaper for businesses to make use of these cloud-based services.
While DDOS attacks are often complicated for small businesses to stop, new technology allows them to join up with cloud-based services and stop these attackers. Provided these attacks can be detected, they can be stopped early enough to not cause major upset for many businesses.