DDoS, or “Distributed Denial of Service”, is an attack that tries to overload your systems. This kind of malicious act is commonly used to block access to services by overloading them. Hackers generally use botnets to DDoS their target, which means that a large number of computers attack the target at the same time. Imagine a hundred or a thousand times your normal traffic hitting your systems. What typically happens is that most systems become unresponsive: the web and app servers struggle to keep up with the responses to all those requests, and the maximum connections limit is reached very quickly. This bogs the site or application down and effectively disables it by preventing it from responding to legitimate traffic and requests. Though DDoS itself is not a hack, it is a denial of service and causes an outage.

Why Prevent DDoS?

DDoS can target a network or a system. On a network, it will try to saturate the bandwidth or even flood the network infrastructure, causing outages for customers on the entire network. Once an attack of this kind is running on your network, it can be very difficult to stop. Identifying the source without access to monitoring tools or network administration may be nearly impossible, and it may force you to temporarily shut down the network.

When it targets a system, it can block all access. You will no longer be able to administer it, and your customers will not have access to it either. They will be unable to view content, log into accounts or even make purchases. Restarting the systems will not stop it: the overload stops for a short time, but as soon as your system is back up, attackers can overload it again. So in both cases, the only real solution is to prevent it.

How to Protect Against DDoS?

One word: filtering! It is the only way to separate good and bad connections. Good DDoS protection defends against attacks that try to overload the bandwidth as well as application attacks, which use a small amount of bandwidth and run abnormal queries to reach the maximum number of queries a system can answer.

When you use an external provider for protection, you redirect the traffic through a scrubbing center, where it is filtered based on predefined traffic patterns that are known to be DDoS attacks and on heuristics, which are abnormalities in traffic patterns. The scrubbing center inspects and analyses each packet to detect malicious traffic before it reaches your systems.
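The two filtering stages described above (predefined patterns, then heuristics on abnormal traffic) can be sketched as follows. This is an added example, not code from the original page or from any provider; the signature rules, the thresholds, the `Scrubber` class and the sample requests (documentation-range IP addresses) are all constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW = 10.0   # seconds of history kept per source (assumed value)
BASELINE = 5    # normal requests per source per window (assumed value)
FACTOR = 4      # heuristic: drop once a source exceeds FACTOR x BASELINE

def matches_signature(req):
    """Predefined patterns: constructed rules standing in for known attack traffic."""
    if not req["ua"]:               # empty User-Agent header
        return True
    if len(req["path"]) > 512:      # abnormally long query string
        return True
    return False

class Scrubber:
    def __init__(self):
        self.history = defaultdict(deque)   # source IP -> timestamps inside the window

    def verdict(self, req):
        """Return 'drop-signature', 'drop-rate' or 'pass' for one request."""
        if matches_signature(req):
            return "drop-signature"
        q = self.history[req["src"]]
        q.append(req["ts"])                  # dropped requests still count toward the rate
        while q and req["ts"] - q[0] > WINDOW:
            q.popleft()                      # forget requests older than the window
        if len(q) > FACTOR * BASELINE:
            return "drop-rate"
        return "pass"

def sample_traffic():
    """Constructed sample: one normal client, one flooding source, one signature hit."""
    reqs = [{"ts": float(t), "src": "198.51.100.7", "path": "/", "ua": "Mozilla/5.0"}
            for t in range(0, 10, 2)]
    reqs += [{"ts": 5 + i * 0.1, "src": "203.0.113.9", "path": "/login", "ua": "Mozilla/5.0"}
             for i in range(40)]
    reqs.append({"ts": 6.0, "src": "192.0.2.44", "path": "/", "ua": ""})
    return sorted(reqs, key=lambda r: r["ts"])

def run(reqs):
    """Feed requests through the scrubber and count verdicts per source."""
    scrubber = Scrubber()
    counts = defaultdict(int)
    for r in reqs:
        counts[(r["src"], scrubber.verdict(r))] += 1
    return dict(counts)

if __name__ == "__main__":
    for key, n in sorted(run(sample_traffic()).items()):
        print(key, n)
```

The normal client is never touched, while the flooding source is cut off once it exceeds the allowed rate, which is the separation of good and bad connections that filtering is meant to achieve.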

Future of DDoS

“Internet of Things” (IoT) devices are connected devices. Nowadays everything is getting connected. Your television can be connected, your phone is, and your car may be connected! Due to this trend, DDoS has reached a critical mass.

Thanks to “IoT botnets”, which are botnets made of connected equipment, hundreds of thousands of devices connected to the internet are being leveraged in each attack. This allows attackers to mount bigger attacks than ever. Recently they attacked a DNS company in New Hampshire.

DNS is the root of the internet; without it, you are not able to access any website or service over the internet. The difference with this new kind of attack is that it affects not only a company and its services but a whole part of the internet.

Tom Parillo

I am interested in all things technology, especially automation, robotics and tech that helps change how society will live in the future.