A Denial of Service (DoS) attack involves the use of one computer and an Internet connection to make a service unavailable to a targeted resource or system. On the other hand, a Distributed Denial of Service (DDoS) attack can be defined as a type of Denial of Service (DoS) attack wherein many compromised systems (often infected with a Trojan) are made use of to target the Internet security of one system so that an online service becomes unavailable to it. Both the targeted system and all of the systems maliciously deployed and controlled by the hacker become victims of a DDoS attack.
Internet Security – How Does a DDoS Attack Work
When a DDoS attack occurs, an online service becomes unavailable to a system because the incoming traffic from multiple sources overwhelms the victim. As a result, blocking of an IP address alone may not be enough to contain an attack. Moreover, it is often very difficult to differentiate between legitimate user traffic and attack traffic, especially when it is spread across many points of origin.
Perpetrators of DDoS attacks target sites as well as services that are hosted on high-profile servers such as that of banks, news websites, credit card payment gateways, etc.
Internet Security – Types of DDoS Attacks
DDoS attacks are of different types. They commonly include the following:
Traffic attacks
In these attacks, huge volumes of TCP, ICPM and UDP packets are sent to the target system. This results in a loss of legitimate requests. Often malware exploitation forms part of these attacks.
Bandwidth attacks
This type of a DDoS attack involves overloading of the target system with a large amount of junk data. This leads to a loss of network bandwidth.
Application attacks
These attacks lead to a depletion of application resources layer and this in turn leads to non-availability of services to the victim.
Internet Security – DDoS Attacks Are Turning Out to be Increasingly Problematic
DDoS attacks are becoming increasingly problematic as they have the ability to take a person or business offline. Hackers make use of such attacks to render sites inaccessible and as a ploy extort money from the users of target systems. Victims of a DDoS attack often suffer serious losses as it becomes difficult to process online transactions. This also results in prospective customers moving over to the victim’s competitors.
Further, the bot technology used by hackers for executing these attacks continues to improve as many of them have been able to overcome different forms of bot-detection techniques that have been employed.
Though the average duration of DDoS attacks have reduced, they are being used more frequently now. Hackers are adopting a hit-and-run approach to DDoS attacks (multiple short attacks are launched instead of prolonged single attacks) so that detecting and defending an attack becomes difficult.
Internet Security – How Can Businesses Protect Themselves against DDoS Attacks
In the recent times, there has been a surge in cyber-attacks and Internet security breaches. Cyber-gangs like DD4BC and Lizard Squad have been instrumental in bringing down bank, media and gaming networks through DDoS attacks. As these Internet security attacks become more complex, some of the steps that organizations can take to mitigate threats and protect assets include the following:
The black-holing or sinkholing approach involves blocking all traffic and diverting it to a black hole for discarding it. Further, the routers can be configured in order to prevent simple ping attacks. This is achieved by filtering out protocols that are not essential and blocking invalid IP addresses. Firewalls can be made use of to shut off a specific flow related to an attack.
Intrusion-detection systems that work in conjunction with firewalls have also been found to be useful in protecting businesses against DDoS attacks. Moreover, configuring server applications in a proper manner helps to minimize the effect of an attack. Further, use of DDoS mitigation appliances or redundant network devices and buying excess bandwidth can be of help in handling DDoS attacks.
All these approaches may be helpful, but are not fool-proof. Therefore, a better approach, as far as Internet security is concerned, would be to make use of a managed DNS service that is cloud based. This is because such a service is manned by dedicated experts with networks around the globe. This ensures web presence of the business and the availability of its critical web services at all times. Creating a backup also improves availability and performance of websites. For example, deploying websites at additional leased data centers or cloud services located across the globe improves the global reach of businesses.