DDoS MORE PREVALENT THAN EVER
To add to the cybersecurity threats caused by the likes of malware, ransomware and phishing, we also have Distributed-Denial-of-Service (DDoS) attacks to contend with. Cloudflare reports that in the 3rd Quarter of this year, DDoS attacks have increased exponentially, with small businesses and enterprises in the United States being the most targeted. The UK and Canada were 2nd and 3rd, respectively. Even more worrying is that the attacks on computer software, gaming/ gambling, it, and internet companies increased by an average of 573% compared to the previous quarter.
WHAT IS DDoS?
DDoS attacks, sometimes referred to as Distributed Network Attacks, take advantage of network and server capacities and limitations. Put simply, network resources, such as web servers, can only cope with a finite number of simultaneous requests. Moreover, the capacity of the server is also restricted by a finite bandwidth to the Internet. A hacker executing DDoS sends multiple and automated requests to a website, thereby exceeding its capacity to handle the requests. This input-output overload will either inhibit the functionality of the website or cause it to fail completely.
BOTNETS AND ZOMBIE NETWORKS
To successfully accomplish a DDoS attack, cybercriminals use a botnet Zombie Network to send an overwhelmingly large number of requests to the victim’s website. A botnet is a type of malware that uses a network of interconnected and hacked computers, all connected to a centralized system controlled by a hacker. Like a botnet, the Zombie Network is a network of computers that have been infected by the hacker and, again, over which they have complete control. Using the botnet-infected Zombie Network, a cybercriminal can send out requests on such a scale that the attacked website is often rendered inoperable. Meris, which means ‘plague’ in Latvian, was one of the most proliferated DDoS botnets in Q3 2021. The malware targeted a financial services company, that prefers to remain anonymous, with its HTTP website recording 17.2 million rps (requests per second).
WHAT YOU CAN DO
Remember that these attacks attempt to knock websites offline by overwhelming them with traffic. Money is more often than not the motivation. Pay the hacker and the DDoS attacks stop. Don’t pay and your website won’t work. DDoS attacks can cost small businesses up to $120,000 each time, while enterprise-level attacks can cost as much as $2 million. Don’t run the risk. Here are 5 mitigative tactics to eliminate or significantly reduce the outset of an attack:
- increase your bandwidth to handle any spikes caused by cyberattacks
- implement server-level DDos protection
- plan ahead for potential attacks
- use hybrid or cloud-based services
- remind yourself that you are never too small to be DDoS ’ed
WHAT I CAN DO
DDoS attacks are often used to distract IT teams from a cyber intrusion elsewhere on the network to plant malware. And IT networks get compromised because employees have easy-to-guess passwords and forget to keep their software patched and updated. Don’t get DDoS ‘ed. I can help. I have over 20 years of experience in the provision of effective business IT solutions and am a cybersecurity expert focusing on risk mitigation. Place DDoS in the annals of history and contact me now.