DDoS attack

In this article, you will learn how DDoS attacks work. We’ll show you how to prevent them and introduce you to the tools you need to keep your business online if attacked.

What is a DDoS attack? How to protect your digital assets

At its most basic, a DDoS attack (Distributed Denial of Service attack) is an attempt to maliciously disrupt the normal flow of traffic to a web server, a network, or another IT-based system. We’ll explain the modes of attack and how to prevent and combat them in this article.

How do DDoS attacks work?

What is DDoSing? This is the process of using a series of networked devices to coordinate an attack on a network, server, website, or system. A typical DDoS attack is not carried out by a single computer. Instead, numerous malware-infected devices are controlled remotely and effectively become bots, forming a botnet. The attacker then issues a series of instructions to each bot remotely.

These instructions can tell the bot to target the IP address of the victim. Such a torrent of traffic rapidly overwhelms the server or network, resulting in a DDoS or Denial of Service attack. This will make the service inaccessible to anybody hoping to use it. Because each bot originates from a legitimate internet device and not one single computer, it is tricky to pinpoint and kill a DDoS attack.

DDoS attacks are irreversible, making them unprofitable for ransom. Therefore, the common motive behind DDoS attacks is either to damage a business, render it inoperable, or merely cause anarchy. Some hackers have been known to engage in DDoS attacks solely to show rivals that they can.

DDoS attacks are becoming more frequent, despite an improvement in preventative software and technology. The BBC fell victim in 2015, and GitHub was hit in 2018. Even the mighty Amazon Web Services (AWS) was not spared in February 2020. Don’t make the mistake of assuming that DDoS attacks only affect the most prominent companies, though. They can effectively target any business, no matter how small.

The methodology of DDoS attacks explained

New DDoS attacks spring up frequently, with around thirty primary delivery methods popular at any one time. Despite this, some attacks are favoured and more common than others. Most DDoS attacks today can be divided into three genres, although it is not uncommon to see multi-vector attacks used in coordination with one another. The three main genres you need to know are:

Application layer attacks

These will target the application itself. In most cases, we’re talking about web pages. Alternatively, they can target Windows, OpenBSD and Apache systems. The most common applications affected will be web servers.

One of the most relevant and recent application layer attacks is Slowloris. This leaves partial HTTP requests as open connections for lengthy periods, slowing down the target network.
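A defender can spot the Slowloris pattern described above by looking for connections whose request headers never finish. The following is an added example, not code from the original article; the snapshot data, thresholds and function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed snapshot of a web server's open connections (not real traffic):
# (client_ip, seconds_open, header_bytes_received, headers_complete)
SNAPSHOT = [
    ("203.0.113.5", 120.0, 310, False),
    ("203.0.113.5", 118.5, 298, False),
    ("203.0.113.5", 117.0, 305, False),
    ("203.0.113.5", 119.2, 301, False),
    ("198.51.100.20", 0.4, 412, True),    # normal browser, headers done quickly
    ("198.51.100.21", 45.0, 150, False),  # one slow mobile client
    ("198.51.100.22", 2.0, 90, False),    # still within the deadline
]

HEADER_DEADLINE_S = 10.0  # assumed limit for receiving complete request headers
MIN_HEADER_RATE = 50.0    # assumed minimum bytes/second while headers are pending
MAX_STALLED_PER_IP = 3    # assumed tolerance before a client is reported


def is_stalled(seconds_open, header_bytes, headers_complete):
    """Stalled = headers unfinished past the deadline with bytes only
    trickling in, which is how partial requests hold a connection open."""
    if headers_complete or seconds_open <= HEADER_DEADLINE_S:
        return False
    return header_bytes / seconds_open < MIN_HEADER_RATE


def slowloris_suspects(snapshot):
    """Return {client_ip: stalled_count} for clients above the tolerance."""
    stalled = defaultdict(int)
    for ip, seconds_open, header_bytes, done in snapshot:
        if is_stalled(seconds_open, header_bytes, done):
            stalled[ip] += 1
    return {ip: n for ip, n in stalled.items() if n > MAX_STALLED_PER_IP}


def stalled_fraction(snapshot):
    """Fraction of open connections that are stalled (capacity being wasted)."""
    flags = [is_stalled(s, b, d) for _, s, b, d in snapshot]
    return sum(flags) / len(flags)


if __name__ == "__main__":
    print(slowloris_suspects(SNAPSHOT), round(stalled_fraction(SNAPSHOT), 2))
```

The single slow mobile client counts towards the stalled fraction but is not reported, which is why the per-client tolerance matters.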

Protocol attacks

This attack strategy exhausts a server’s resources. The over-consumption of these resources (such as firewalls) relies on weaknesses in internet communications protocols.

A SYN flood attack is a commonly faced protocol attack. Exploiting the TCP handshake, the attackers send many TCP SYN (initial connection request) packets with spoofed IP addresses. The target machine responds to each request and waits for the “handshake”, which never occurs, exhausting its resources as more SYN packets are sent.
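The handshake behaviour described above gives defenders a clear signal: many SYNs, very few completed handshakes. The following is an added example, not code from the original article; the packet summaries, backlog size and function names are assumptions made for illustration.

```python
from collections import Counter

BACKLOG_SIZE = 128  # assumed size of the listener's half-open (SYN) queue


def build_sample():
    """Constructed packet summaries seen at the server (not a real capture):
    (source_ip, source_port, flag), "S" = client SYN, "A" = final client ACK."""
    packets = [("198.51.100.10", 40001, "S"), ("198.51.100.10", 40001, "A"),
               ("198.51.100.11", 40002, "S"), ("198.51.100.11", 40002, "A")]
    # 200 SYNs, each from a different spoofed source, never followed by an ACK.
    packets += [(f"203.0.113.{i + 1}", 50000 + i, "S") for i in range(200)]
    return packets


def half_open(packets):
    """Return (ip, port) pairs that sent a SYN but never completed the handshake."""
    pending = set()
    for ip, port, flag in packets:
        if flag == "S":
            pending.add((ip, port))
        elif flag == "A":
            pending.discard((ip, port))
    return pending


def assess(packets, backlog=BACKLOG_SIZE):
    """Summarise handshake health for one listening service."""
    pending = half_open(packets)
    syns = sum(1 for p in packets if p[2] == "S")
    per_source = Counter(ip for ip, _ in pending)
    return {
        "half_open": len(pending),
        "completion_ratio": (syns - len(pending)) / syns,
        # With spoofed sources no single address stands out.
        "max_per_source": max(per_source.values(), default=0),
        "backlog_exhausted": len(pending) >= backlog,
    }


if __name__ == "__main__":
    print(assess(build_sample()))
```

Because every spoofed source appears only once, counting per source address finds nothing; the useful indicators are the completion ratio and the number of half-open entries at the target.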

Volumetric attacks

These send high amounts of traffic (request packets) to a network to overwhelm its bandwidth. Such congestion-based attacks are arguably the most established DDoS attacks.

HTTP floods cause a surge in traffic (having the effect of thousands of users hitting the refresh button at once) and can lead to a service being overwhelmed, effectively shutting out visitors and users. This is the most common form of volume-based attack. Others include ICMP (Internet Control Message Protocol) pings, UDP floods (where attackers send a large number of packets to overwhelm the ability to respond), and NTP amplification attacks. The latter involves overwhelming a target by exploiting the Network Time Protocol (NTP) with excessive UDP traffic.

What about zero-day attacks?

It is also worth touching on zero-day attacks. These involve attacks that are not categorised into one of the main three genres, on account of them being largely unknown, new, or futuristic attacks with no patch yet available. They are much-feared as so little is known about them and are near-impossible to prevent.

Common defences against DDoS attacks

A typical DDoS attack used to be aimed primarily at large companies and organisations. However, ready-made packages at DDoS websites make it possible for even inexperienced hackers to target smaller businesses that often have fewer protections. Most are easy to carry out because the very nature of DDoS attacks enables them to get past firewalls and anti-virus software.

The most effective way to stop DDoS attacks is to take preventative measures ahead of time, thus making your systems and servers less vulnerable to sabotage by outside sources. The trick is to deploy techniques and methods to detect an attack in its infancy and knock it out of commission.

Banks, governments, and significant institutions utilise IDMS (Intelligent DDoS Mitigation System) and AMS (Attack Mitigation System) tools for monitoring. When used alongside conventional IT, these can make a difference.

How to counter a DDoS attack and protect your business

In theory, small-scale attacks can be effectively killed by blocking the IP addresses that convey large amounts of traffic to your network. However, this isn’t going to be possible for large scale attacks where the volume of traffic is overwhelming. There are preventative measures you can take, though.
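The difference between the two cases above can be shown with per-client request counting over access-log lines. The following is an added example, not code from the original article; the log format, limits and function names are assumptions, and both traffic samples are constructed.

```python
from collections import Counter

WINDOW_S = 10        # assumed counting window in seconds
PER_IP_LIMIT = 100   # assumed requests allowed per client per window
SITE_LIMIT = 500     # assumed requests per window the site can serve


def make_log(clients, requests_each, first=0, start=1_700_000_000):
    """Constructed access-log lines: '<epoch_seconds> <client_ip> GET /'."""
    return [f"{start + r % WINDOW_S} 198.18.{c // 250}.{c % 250 + 1} GET /"
            for c in range(first, first + clients)
            for r in range(requests_each)]


def analyse(lines):
    """Find clients over the per-IP limit and check whether blocking them
    brings the site back under its capacity."""
    per_ip, per_window = Counter(), Counter()
    for line in lines:
        ts, ip = line.split()[:2]
        window = int(ts) // WINDOW_S
        per_ip[(window, ip)] += 1
        per_window[window] += 1
    block = {ip for (_, ip), n in per_ip.items() if n > PER_IP_LIMIT}
    residual = Counter()
    for (window, ip), n in per_ip.items():
        if ip not in block:
            residual[window] += n
    return {
        "block": sorted(block),
        "overloaded_before": any(n > SITE_LIMIT for n in per_window.values()),
        "overloaded_after": any(n > SITE_LIMIT for n in residual.values()),
    }


# Small-scale: one client sends 600 requests, 20 normal users send 5 each.
SMALL = make_log(1, 600) + make_log(20, 5, first=1000)
# Large-scale: 400 bots send only 5 requests each, all under the per-IP limit.
LARGE = make_log(400, 5)

if __name__ == "__main__":
    print(analyse(SMALL))
    print(analyse(LARGE))
```

In the small-scale sample one blocked address restores service; in the large-scale sample no client exceeds the per-IP limit, so the block list is empty and the site stays overloaded.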

You first need to develop a DoS (Denial of Service) response plan. This can vary depending on your infrastructure. Creating a systems checklist and forming a response team is step one.

Step two is utilising protection systems to secure your network infrastructure. IDS (Intrusion Detection System) and IPS (Intrusion Protection System) options alongside IDMS and AMS are often effective. Having complex passwords that change regularly, anti-phishing software, and secure firewalls all help, but alone are not enough to defeat a DDoS attack.

Finally, it is recommended to outsource DDoS prevention to a cloud-based service provider and use private data centres and secure hosting solutions to secure your digital assets. Let's look more closely at these tools next.

Abion offers DDoS solutions

While it is often possible to hinder an incoming DDoS attack and potentially limit any fallout once it occurs, it is always better to actively prevent such an attack in the first place.

Here at Abion, we offer DNS solutions and an array of hosting services to boost the technical structure of your business. Our solutions can provide comprehensive protection against typical DDoS attacks, but also SQL injections and brute-force attacks.

We work with leading suppliers, including IBM, Palo Alto and VMWare, to ensure that we provide the highest level of security for our customers and clients. Together, we can help protect your business and prevent DDoS attacks.

Learn more about DDoS attacks

Are DDoS attacks illegal?

Naturally, cybercrime is snowballing. Governments and lawmakers alike are regularly adding new laws to protect against cybercrimes such as DDoS attacks.

How common are DDoS attacks?

Over a third of US businesses have experienced DDoS attacks. Volumetric attacks account for 73% of those, with protocol and application-layer attacks accounting for 23% and 16% of DDoS attacks respectively.

How long does a typical DDoS attack last for?

With the right tools at a company’s disposal, DDoS attacks last a few hours at most. However, it is not uncommon for a typical DDoS attack to last upwards of 24 hours.

Are the effects of DDoS attacks permanent?

Not usually. While irreversible, they can be patched and fixed. So-called Permanent DoS (PDoS) attacks are rarer but not altogether impossible to resolve, either.
