Whenever we hear anything related to cyber security in the news, it is more than likely that the word DDoS will be mentioned, so what is a DDoS attack and how can we protect against it?
It is a term that has been bandied about more and more since the rise of hacktivist groups Anonymous and LulzSec, and to put it simply, a DDoS attack floods a website with malicious traffic to make it unavailable to its intended users.
Using zombie computers, often called botnets, to send repeated requests to one service, a DDoS attack overwhelms a solution to the point where it cannot cope, preventing the server/site from handling genuine requests.
The sole purpose of a DDoS attack is to prevent a website from handling genuine traffic and to slow the page-load speeds down so far that the site becomes unavailable to visitors.
The hacker group Anonymous are the most renowned users of this type of attack. Their most prominent attacks include last year’s assault on PayPal, Mastercard and Visa as part of their ‘Operation Payback’ campaign in support of WikiLeaks.
DDoS attacks can not only be costly to a business because the subsequent downtime prevents online shoppers making their purchases, it is also very damaging to a business’ reputation.
Dealing with a DDoS attack
Although a DDoS attack may be targeting a specific site or server, the attack can put massive strain on networks because of the increased bandwidth usage and can even take down complete networks.
Bearing this in mind, it is vital for hosting companies to protect their networks as much as possible – a constant task as techniques become more complex and tools become widely-available.
At UKFast, we have developed a DDoS blockade system, the Secarma G8, to mitigate the effects of an attack.
The blockade sits outside of the firewall and tackles the malicious traffic before it hits your solution. We identify any malicious requests, and set up a decoy page to respond to these. The DDoS blockade then absorbs the malicious DDoS traffic, leaving your site to perform to real requests and visitors as normal.
Last year was undoubtedly the ‘year of DDoS’ with attacks becoming more frequent and racking up column-inches, as the tools to carry out attacks become readily available over the net. Now is the time for businesses to consider if they have got the necessary DDoS defences in place and what they stand to lose as a victim.