It’s estimated that the number of distributed denial of service (DDoS) attacks will reach 16 million per year by 2022 — double the total that occurred in 2018. Much of the growth comes from cybercriminals expanding the number and types of attacks they execute. Hackers have moved beyond the financial services sector, for example, and their list of targets now regularly includes government-based information or registration websites, medical services providers, and on-line retailers.
The Internet of Things (IoT) has also contributed to the growth in DDoS attacks. Many IoT-enabled devices lack robust security, and their users often fail to change passwords on security cameras, routers, or TVs. Bad actors who take control of those devices can then use them to perpetrate their cyberattacks.
This guide explains how DDoS attacks work, why such breaches require specific security measures to keep your network safe, and the steps you can take to stop them in their tracks.
DDoS attacks happen when bad actors flood a service with requests coming from multiple sources, often other hacked accounts or sites. The volume of requests overwhelms a system or server, causing services to stop responding. The goal is to prevent the system from functioning.
There are three classes of DDoS attacks based on the resource being targeted:
The concept behind volumetric attacks is to overwhelm an online resource by flooding the website or server with malicious traffic.
- Protocol Attack
These attacks target the infrastructure. Packets are sent at a rate that exceeds the system’s ability to handle legitimate traffic.
- Application Layer
Flooding applications with malicious requests at a rate that eventually exceeds the application’s ability to respond to the requests.
No matter the type of attack, the aim is to prevent online resources from responding. DDoS attacks against a website or web server are the most common. By generating requests that require large amounts of data, bad actors can slow response times. Degraded service often costs companies thousands of dollars in lost sales.
What Does an Attack Look Like?
One of the most impactful DDoS attacks was perpetrated against six major financial institutions nearly a decade ago. A few facts to keep in mind about it:
- Its impact was felt by customers of Bank of America, U.S. Bank, Citigroup, JPMorgan Chase, Wells Fargo, and PNC Bank.
- The first phase occurred in September and October 2012 when website traffic spiked at all six banks.
- It caused disruptions in online and mobile banking services for days.
DDoS attacks still occur today, but the public is less likely to be directly impacted because of improved protections. For example, few may recall that Amazon Web Services was attacked in February 2020. Attackers used a vulnerable third-party within AWS to launch its denial of service attacks that lasted three days, but AWS continued to function throughout the issue. The right security makes a huge difference.
4 Tips to Help Stop a DDoS Attack
The best way to stop the threat of DDoS attacks is to prevent them from happening, but it’s important to know that even the best plans may fail. Here are a few tips on how to stop an attack should your company come under one — or, at least, slow it down:
- Increase Network Bandwidth
Although over-provisioning or increasing bandwidth to accommodate spikes in traffic can help reduce attacks, the magnitude of recent events makes that almost impossible. The AWS attack had a peak volume of 2.5 terabytes, for example, making added bandwidth cost-prohibitive. Consider bandwidth buffering whether you over provision or not, as it may give you time to determine if a DDoS attack is imminent.
- Check Traffic Controls
If the attack is protocol-based — which “consumes actual server resources, or those of intermediate communication equipment, such as firewalls and load balancers, and is measured in packets per second (Pps)” — the following may add a few minutes to allow you to get help:
- Rate limit routers
- Filter for spoofed packets
- Lower threshold values for user datagram protocol (UDP) or internet control message protocol (ICMP) floods.
These efforts won’t stop an attack, but may give you time to contact your internet service provider (ISP) or hosting provider.
- Contact ISP
Contact your ISP to see if they have resources to help stop DDoS attacks. They may have access to a scrubber network that will clean your traffic before forwarding it to you.
- Prioritize Resources
To keep critical applications and services working, disable non-essential resources. The object is to minimize demands on a network so that mission-critical services can be delivered.
The next step in stopping attackers is to contact DDoS mitigation specialists. These resources have experience in all types of such attacks and will be your best chance of getting your operations up and running.
5 Ways to Prevent a DDoS Attack
The beginning of a DDoS attack often mimics non-malicious events that limit availability. Servers fail or cables fray. The more safeguards you have in place to prevent an attack, the better your response will be should one occur. Here are some crucial ways to prevent such breaches from occurring in the future:
1. Know your network traffic.
Tracking inbound web traffic over 30 days can create a baseline for system activity that can be used to set alerts when traffic exceeds a pre-set level. Early detection improves the ability to counter an attack.
2. Create redundancy.
Having a backup or distributed solution enables an organization to switch to an alternative website while trying to provide protection against DDoS activity.
3. Deploy a DDoS appliance.
A network device such as a web application firewall can be deployed across a network to defend against unusual amounts of traffic.
4. Check network hardware.
Make sure all network devices are secure and have been configured to detect questionable internet protocol (IP) addresses. Confirm that the network has been configured to monitor simple mail transfer protocol (SMTP) and ICMP protocols.
5. Consult a DDoS mitigation specialist.
Denial of service experts can devise solutions to improve security measures to protect a possible target server or data centers.
6. Have A Response Plan.
The best approach to DDoS protection is a response plan. The middle of a flood attack is not the time to discuss how to address a possible attack with team members. A plan should outline what to do in case of protocol attacks or similar threats. It should identify critical resources that must continue to function and those that can be disabled to lessen the demand on a website. The better prepared a business is, the easier it is stopping a DDoS attack.
Protecting online assets is essential in today’s digital environment. Hackers are looking for information that can be used for financial gain. Files containing personal, financial, or business data are targets for cyber criminals.
That’s why old and unused files must be removed from your system. Deleting digital files does not completely remove them — they are still stored on your hard drive — but digital shredding does. Even recovery tools cannot restore such shredded information, and the process is simple: You drag files to a shredder bin instead of a recycle one and remove files permanently with a single click.
Contact Shred Cube today to discuss any questions you may have about permanently removing digital files from your computers and drives.