Posted on May 2, 2017 at 8:56 AM
I’m sure you must have heard the term DDoS attack at least a hundred times before, but not many people know what it actually means. In this article we have tried to explain everything there is to know about DDoS attacks! So, let’s begin.
The DDoS attack in layman terms:
A Distributed Denial of Service (DDoS) attack is a kind of DoS attack in which numerous Trojan-infected IoT devices/servers are used to target a single victim, with the aim of overwhelming the target with requests, messages or traffic so that it slows down or even crashes!
The victim of a DDoS attack could be the servers of a bank, a magazine website, a betting website or any online service the hacker wishes to target!
DDoS attacks vs. DoS attacks
Although a DDoS attack is itself a kind of DoS attack, there is one basic thing which separates the two.
A DDoS attack uses a large number of Trojan-infected IoT devices and several internet connections to attack the victim, while in a DoS attack a single PC and a single internet connection are used to achieve the same goal!
Some Interesting Facts:
Okay, here are some quick facts about the DDoS attack which are really interesting.
- According to a survey, 1/3 of the total downtime of websites is caused by DDoS attacks.
- As per the ATLAS threat report, more than 2000 DDoS attacks are performed on a daily basis to target different websites.
- DDoS attacks are sold on the Dark Web. You can actually purchase a DDoS attack for as low as $100 on the Dark Web.
Anatomy of a DDoS attack:
Wondering how the DDoS attack works? Well, here’s how it’s done.
It all starts with the hacker infecting a vulnerable IoT device with a Trojan. This infected device then serves as a DDoS master to the hacker, and using it the hacker begins to search for more vulnerable IoT devices. Soon enough, when the hacker gets his hands on several infected IoT devices, the hacker begins his DDoS attack!
Just so you know, these Trojan-infected IoT devices are controlled by a Command-and-Control (C&C) server.
Categories of DDoS attacks
Okay, now let’s talk about the several types of DDoS attacks used by the hackers.
Although there are several types of DDoS attacks, all of them can be categorized into the following 2 types.
- Bandwidth Exhaustion attacks
As the name suggests, this type of DDoS attack is designed by the hacker to flood the bandwidth of the website's server with unwanted data and DNS requests. This increase in bandwidth consumption can eventually either slow down the targeted website or, in some cases, shut it down completely!
Furthermore, the hacker can send a large amount of traffic to the targeted website in order to take it down. The hackers send UDP, TCP, L3, L4 and sometimes ICMP packets to flood the website with unwanted traffic, which prevents legitimate users from accessing the targeted website. Attacks like DNS amplification, NTP amplification and others of that kind are also part of traffic attacks.
- Application attacks (Layer 7 DDoS attack)
These attacks target a particular aspect of a web application/service. In this type of attack, the hacker generally exploits a particular feature of the application by sending too many requests, which makes the targeted application unavailable. It is worth mentioning that L7 DDoS attacks are extremely difficult to spot, as the hacker tries to copy the behavior of a legitimate user!
According to our research, more than 20% of the total DDoS attacks are application attacks.
Symptoms of DDoS attacks
If your website is under a DDoS attack, you will notice the following things.
- A sudden increase in the amount of spam on your website.
- Unavailability of the website or server.
- A dramatic increase in the traffic of the website.
- Extremely inefficient network performance.
Facing any of these issues? Well, there’s a pretty good chance that your website is under a DDoS attack!
How to stay safe?
DDoS attacks are increasing day by day and here’s what you need to do in order to stay safe!
- Always keep your site and the plugins updated!
- Keep an eye on the traffic and the spam on your website. The best way to keep yourself safe from a DDoS attack is to monitor the traffic and spam on your site and immediately block any suspicious activity.
- Follow good security practices, including using firewalls, installing anti-virus software, etc.
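The traffic monitoring recommended above, sketched as an added example (not code from the original article): it flags single clients that exceed a request rate, and minutes whose total traffic jumps far above the recent baseline, which is how a flood of many individually quiet clients shows up. The Common Log Format input, the thresholds, the function names and the sample log are assumptions constructed for illustration.

```python
import re
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta, timezone
from statistics import median

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')  # client IP and [timestamp]

def parse(line):
    """Return (client_ip, timestamp), or None for a line that does not match."""
    m = LINE_RE.match(line)
    return (m.group(1), datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")) if m else None

def noisy_clients(lines, window_s=10, max_per_ip=20):
    """Clients that sent more than max_per_ip requests within window_s seconds."""
    recent, peaks = defaultdict(deque), {}
    for ip, ts in filter(None, map(parse, lines)):
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()                      # drop hits that left the window
        if len(q) > max_per_ip:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return peaks

def spike_minutes(lines, factor=10, min_history=3):
    """Minutes whose total requests exceed factor x the median of earlier quiet minutes."""
    per_min = Counter(ts.replace(second=0) for _, ts in filter(None, map(parse, lines)))
    flagged, history = [], []
    for minute in sorted(per_min):
        if len(history) >= min_history and per_min[minute] > factor * median(history):
            flagged.append(minute)           # many clients, each under the per-IP limit
        else:
            history.append(per_min[minute])
    return flagged

def sample_log():
    """Constructed data: quiet baseline, one noisy client (09:04), distributed burst (09:05)."""
    t0 = datetime(2017, 5, 2, 9, 0, tzinfo=timezone.utc)
    hits = [(t0 + timedelta(minutes=m, seconds=s), f"192.0.2.{c}")
            for m in range(6) for s in (0, 30) for c in (1, 2, 3)]
    hits += [(t0 + timedelta(minutes=4, seconds=s), "203.0.113.9") for s in range(10)] * 3
    hits += [(t0 + timedelta(minutes=5, seconds=s), f"198.51.100.{c}")
             for s in (10, 40) for c in range(1, 61)]
    return [f'{ip} - - [{ts:%d/%b/%Y:%H:%M:%S %z}] "GET /search HTTP/1.1" 200 512'
            for ts, ip in sorted(hits)]

if __name__ == "__main__":
    print(noisy_clients(sample_log()), spike_minutes(sample_log()))
```

On the sample, the per-client check catches only the single noisy address, while the burst from 60 addresses sending two requests each is visible only in the per-minute totals.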
While the above measures are a good way to protect yourself from a DDoS attack, these steps don’t necessarily mean that you cannot be victimized. Therefore the best way to ensure DDoS attack protection is to seek help from professional security firms like ourselves to make sure that you are safe from DDoS attacks.