How to Prevent DDoS Attacks…

How to Prevent DDoS Attacks…

In its purest form, DDoS stands for Distributed Denial of Service. A DDoS attack is a combined cyber attack on a specific server or network, with an overwhelming amount of information, with the intended purpose of disrupting normal service. That’s the dictionary version, but what does a DDoS attack look like in the real world?

takeaway food

Imagine you have invited some friends over, enticed by the idea of a takeaway meal. Your friends arrive, and the wine is flowing. You call your favourite takeaway with your choices; 45 mins later, the food turns up. Wonderful.

So, what has a takeaway restaurant got to do with a DDOS attack? Let’s change the job titles around. Imagine the chef is your computer network server. Your network server, like the chef, deals with lots of information at a pace that the kitchen can normally manage. The phone at the takeaway rings every 5 minutes with a food order, this is a typical night. No problem.

But imagine if 456 customers, every second, for an hour rang the same restaurant, ordering a fake meal. Very quickly it would become apparent that the chef cannot cope with the number of orders coming through. They are denied their time to create meals for legitimate customers.

The flood of orders is actually being generated by a cyber hacker – they are disrupting the normal flow of service. If a customer can’t get through to make a purchase, it affects their whole experience about your brand, which can immediately affect your bottom line.

Know your enemy – DoS and DDoS

So, what’s the difference between DoS and DDoS attacks? If your network infrastructure is sent lots of information requests from just one source, it is called a DoS Attack – a Denial of Service. Luckily, most servers can cope with a single attack from a single source, they can identify where it is coming from and close the connection.

A DDoS attack is multiple information requests sent from multiple sources, not just hundreds, but thousands of computers at the same time. Your server effectively becomes overwhelmed with non-legitimate requests. Then the entire network is under assault, this is why you might see the little buffering wheel in the middle of your screen.
buffering wheel

Instead of the usual service that you’re used to.

online shopping

More online sales than ever

Online retail sales in 2012 stood at 10%. In 2021, online sales stood at 29% of sales (ONS.Gov). With it, the amount of DDoS attacks has increased accordingly. In 2018 Distributed Denial of Service attacks reached 7.9 million globally. It is estimated that DDoS attacks will reach 15.4 million attacks by the end of 2022 (Cisco).

What’s a Botnet?

A computer or botnet is a network of computers running bots, all run by a central bot ‘herder’. It can often happen without the computer owner’s knowledge that their computer is now part of a network of computers or “bots”.

So how can one computer get so many other computers to collaborate with it and create such havoc? We all receive many emails in a day, and it’s so easy to click on the wrong email. The virus software is then installed onto your computer, it will then just sit there quietly in the background. Then, when commanded by the cyber criminal’s prime computer, along with all the other rogue computers with the same virus programme in their system, it will send out fake requests to the targeted server.

DDoS Extortion Emails

There has been a rise in “DDoS for hire” sites that will for the price of a Bitcoin, launch multiple simultaneous attacks on a company for no good reason, other than that they can. Whatever their reasons, hotels, travel companies and financial services, all figure high on the to-do list of DDoS cybercriminals.

Sometimes cybercriminals don’t actually even need to perform a DDoS attack, they have been known to write into a company and just threaten them. The threat to a company’s web service, if it were taken down is often enough for most companies, just make the payment to a cybercriminal demand.

Ransom motivated DDoS attacks seem to be getting bigger in threat level. Only recently a record-breaking 3.47 Tbps (Terabytes per second) DDoS attack was launched, using 10,000 infected computers, from 10 countries around the world. Back in 2018, a record DDoS attack flooded a business target for 509 hours, that’s nearly 21 days of loss of revenue (Kaspersky). Fast forward to 2022, the DDoS attack strategy seems to have changed to the other end of the scale, with short, frequent attacks lasting just an hour, used to test the defence of a system.

How to Stop a DDoS attack

There are several types of DDoS attack formations that can be used to overwhelm a company’s network. Each can be devastating, difficult to detect and, when underway, terrifying for the business. But they can be stopped.

The first thing to do is to create a strategy to deal with a potential attack. Put together an audit of your current systems. This will help to identify potential security flaws within your network. From there, you can outline what your network response will be, in the event of a DDoS attack.

A good place to start building a defence strategy against would-be attackers is to strengthen your network infrastructure. This may include upgrading your firewall security, anti-virus, along with anti-malware software and some form of network threat monitoring systems, and software that will help you to detect any unusual network traffic across your systems.

As part of your strategy, look out for any warning signs across your systems. For instance, have you noticed an increased amount of spam across your network? Has your website been behaving oddly, going offline inexplicably? Have you noticed that your network is slowing down?

Some companies have found it useful to enact a planned attack so that they know what steps to take should an assault happen. As DDoS or DoS attacks can run for any length of time, one of the key ways to protect your system is to increase your network’s bandwidth, so that you’ll be able to accommodate unexpected activity over a duration of time.

And last but not least, you should include a plan as to how the business will communicate with the various stakeholders of the company, both internally and externally. If suddenly the business is plunged into the dark, everyone should know what their part in the plan is. If your company depends on an online presence, then you need to protect it. DDoS attacks can be incredibly painful to a company’s bottom line if they are unprepared for one. So, a multi-layered strategy that aims to shield your business is definitely the way to go.