Organizations often overlook the possibility that they could become targets of distributed denial of service (DDoS) attacks – largely because they underestimate this dangerous and frequently misunderstood threat and the motivations driving it. Yet DDoS attacks are more common than most realize. To avoid costly downtime, it’s vital to implement proactive DDoS attack prevention strategies that can absorb and deflect attacks before they reach your network.
What Are DDoS Attacks?
A distributed denial of service (DDoS) attack is a cyber attack that looks to prevent an online service, network resource, or host machine from being available by exhausting its network or processing capacity.
To better understand this attack, imagine that you own a restaurant (or perhaps you don’t even need to imagine).
A few doors down from you is a competing restaurant whose owner is determined to make it as difficult as possible for you to do business.
One day, the owner decides to tell her staff to make fake orders and reservations at your place. You suddenly find yourself unable to serve real customers and generate revenue.
The denial-of-service attack we talk about in this article is not that different from the shady tactic described above.
They both overwhelm the target by flooding it with unnecessary requests – preventing legitimate requests from being fulfilled. The main difference is in their scale and execution.
Most organizations have been negatively impacted by a distributed denial of service (DDoS) attack in the past, because not a year goes by without a significant online service provider like Google or Amazon becoming temporarily unavailable after being targeted by cybercriminals.
DDoS Attack Example
DDoS attacks happen at the Network (layer 3), Transport (layer 4), Presentation (layer 6), and Application (layer 7) layers of the Open Systems Interconnection (OSI) model.
They sometimes involve thousands of compromised or controlled sources, commonly referred to as bots, which are used to generate massive amounts of traffic.
For example, Microsoft revealed earlier this year that the company had experienced a record-breaking DDoS attack that used 3.47 terabytes of data per second.
The attack originated from approximately 10,000 sources found in the United States, China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia, and Taiwan.
Most DDoS attacks are much smaller in size because the average cybercriminal doesn’t have access to a huge botnet.
What they do have access to are various off-the-shelf tools and DDoS-as-a-service offerings, which supply DDoS attacks for money.
Such services have become very affordable in recent years. According to TrendMicro Research, just $150 can buy a week-long DDoS attack on the black market, and that’s cheap enough for virtually anyone to afford.
Common Targets of DDoS Attacks
Most DDoS attacks (65 percent) target organizations that are in the United States or the United Kingdom. Most people believe the criminals responsible for DDoS attacks only go after big fish like Microsoft, Google, and Amazon. Unfortunately, that's not true.
Corero’s DDoS Trends Report Q2-Q3 2017 shows that most DDoS attacks are small, low-threshold attacks. Their targets include:
- Online shopping sites
- Educational institutions
- Government agencies
- Healthcare organizations
- Internet service providers
- Technology companies
If you have a business or organization that supplies services online, or if you have an online presence, then you are at risk of being attacked.
Attacker Motivations
The spectrum of common targets of DDoS attacks is so broad because attackers are motivated by many different things, including:
Personal Gains
There have been cases of university students launching DDoS attacks to avoid difficult exams and disgruntled employees (usually in the IT industry) using DDoS attacks as their tool of revenge.
Monetary Gains
Cybercriminals often launch DDoS attacks to make money. They may demand payment to stop the disruption or attempt to eliminate competition by taking down a business and limiting customer options.
Ideology
Hackers also carry out DDoS attacks for ideological reasons. For example, they may target oppressive governments or environmentally harmful companies to make a statement or disrupt their operations.
Geopolitics
Cyberwarfare has become a core component of modern military strategy. DDoS attacks often rise alongside geopolitical tensions – as seen in the ongoing Russia-Ukraine war – serving as digital weapons to disrupt and destabilize.
Boredom
Cybercriminals have always been a curious bunch, and they sometimes orchestrate attacks just to entertain themselves and impress their friends.
Anyone can become a DDoS victim for a variety of different reasons, and those who are protected the least are guaranteed to suffer the worst consequences.
Preventing a Denial-of-Service Attack
DDoS attacks come in many different forms – from those that revolve around sending large numbers of HTTP requests to flood servers to those that exploit the TCP handshake mechanism, which helps secure online communication.
To effectively protect against them, your organization should focus on:
Monitoring
Successful DDoS attacks are easy to notice, but their early signs are often much more subtle. You should implement a reliable network monitoring tool and configure it to send alerts automatically so that you can reliably spot those early signs.
Filtering
Web Application Firewalls (WAF) and other traffic filtering solutions can be used to mitigate some DDoS attacks by denying illegitimate requests based on pre-defined rules and clever algorithms.
Diffusion
DDoS mitigation services can provide the capacity to absorb even the most severe attacks, and they’re priced well within reach of your small or medium-sized business.
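To make the monitoring and filtering points above concrete, the following added example (not taken from any product mentioned in this article) scans request events in fixed time windows and raises two kinds of alerts: a single source exceeding a per-window limit, and total traffic far above a learned baseline even when no individual source stands out. The window size, thresholds, function names, and sample traffic are all assumptions chosen for illustration.

```python
from collections import Counter

def detect(events, window=10, alpha=0.2, spike_factor=3.0, per_source_limit=30, warmup=3):
    """events: (epoch_second, source_ip) pairs. Returns a list of alert dicts."""
    buckets = {}
    for ts, src in events:
        buckets.setdefault(ts // window, Counter())[src] += 1
    if not buckets:
        return []
    alerts, baseline, learned = [], None, 0
    for idx in range(min(buckets), max(buckets) + 1):
        per_src = buckets.get(idx, Counter())
        total = sum(per_src.values())
        # Filtering signal: individual sources above the per-window limit.
        noisy = sorted(s for s, n in per_src.items() if n > per_source_limit)
        if noisy:
            alerts.append({"window": idx, "type": "per_source", "sources": noisy})
        # Monitoring signal: total volume far above the learned baseline.
        if learned >= warmup and total > spike_factor * baseline:
            alerts.append({"window": idx, "type": "aggregate", "total": total,
                           "baseline": round(baseline, 1),
                           "distinct_sources": len(per_src)})
        else:
            # Learn only from non-spike windows so a flood cannot raise the baseline.
            baseline = total if baseline is None else alpha * total + (1 - alpha) * baseline
            learned += 1
    return alerts

def sample_events():
    """Constructed traffic: quiet windows, one heavy source, then a distributed flood."""
    clients = [f"198.51.100.{i}" for i in range(1, 6)]
    events = [(t, c) for t in range(80) for c in clients]  # 50 requests per window
    # Window 6: one source sends 50 requests, above the per-source limit.
    events += [(t, "203.0.113.9") for t in range(60, 70) for _ in range(5)]
    # Window 7: 200 sources send 2 requests each, all below the per-source limit.
    events += [(t, f"192.0.2.{i}") for i in range(1, 201) for t in (70, 75)]
    return events

if __name__ == "__main__":
    for alert in detect(sample_events()):
        print(alert)
```

In the constructed data, the per-source rule catches the single heavy client but misses the distributed flood entirely; only the aggregate baseline check flags it, which is why alerting on overall traffic belongs alongside per-source filtering rules.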
Your organization can avoid costly outages and the reputational damage associated with them. By implementing DDoS protection and other proven cybersecurity measures, you can strengthen your defenses and ensure business continuity.