What motivates a DDoS attack?

There are several motivations for a DDoS attack. For cybercriminals, these typically include earning money by selling DDoS attacks as a service, blackmailing potential targets into paying a ransom, hacktivism and gaining a competitive advantage.

Sophisticated threat groups are known to use DDoS attacks mostly as a part of or as a distraction from other, more severe activities such as cyberespionage and cybersabotage.

How do DDoS attacks work?

Perpetrators of DDoS attacks use networks of distributed, compromised devices to disrupt systems by targeting one or more of the components necessary to establish a connection (see the OSI model) to a network resource.

Denial of service (DoS) vs Distributed denial of service (DDoS)

As the name suggests, the difference is mostly in the number of attacking machines. In the case of DoS, the attack typically utilises a script or tool, originates from a single device and targets one specific server or endpoint. In contrast, DDoS attacks are executed by a large network of attacker-controlled, compromised devices, also known as a botnet, and can be used to overload selected devices, applications, websites, services or even victims’ whole networks.

How do you know if your organisation is experiencing a DDoS attack?

The most obvious telltale sign of a DDoS attack is poor performance or the unavailability of the targeted system or service. In the case of a website, this might translate into long load times or the site being inaccessible to people inside and outside the organisation. There are also publicly available services monitoring DDoS attacks, such as downforeveryoneorjustme.com or downdetector.com.

7 reasons why your organisation should care about DDoS attacks

  1. An organisation under a DDoS attack will always lose revenue due to its website, services or systems being unresponsive. Mitigating an incident additionally strains the security budget.
  2. According to several established vendors monitoring the DDoS scene, the number of incidents has been rapidly growing in the last three years.
  3. DDoS attacks are also becoming more powerful; some are even strong enough to disrupt global services. While 2020 saw its largest (network layer) attacks exceed the 1 Tbps threshold, in 2021, a few notable incidents were already well in the 2-3 Tbps area. When counting requests per second (RPS), at least two DDoS attacks in 2021 (reported by Cloudflare and Yandex) have passed into the 15+ million RPS territory.

What can your organisation do to protect itself from DDoS attacks?

DDoS attacks can be hard to mitigate for organisations that don’t have the right resources, such as hardware or sufficient bandwidth. However, there are things even small and medium companies can do to increase their protection:

  • Monitor your network traffic and learn to identify anomalies in it. This way, you can identify the bogus requests that are flooding your systems and block them.
  • Have a disaster recovery plan in case a DDoS attack strikes your website or systems. This might include having backup servers, website and alternative communication channels.
  • Consider moving to the cloud. This will not eliminate the threat but it can help mitigate attacks due to the higher bandwidth and resilience of cloud infrastructure.
  • If you have already been targeted with a DDoS or are at risk, consider using DoS and DDoS protection services that can help you mitigate the impact of an attack.
  • Don’t let your devices become part of a botnet that can contribute to a DDoS attack. Make sure you follow the rules of good cyberhygiene, keep all your devices and their software up to date and protect them by installing a multilayered security solution.
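
To illustrate the first item above (monitoring traffic for anomalies), here is an added example, not part of the original page or of any ESET product: it buckets web access-log lines into time windows and flags windows whose volume far exceeds the median. The log format (common log format), the thresholds and the sample data are assumptions made for the example.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from statistics import median

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse(line):
    """Return (source_ip, timestamp, path), or None for an unparseable line."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return m.group(1), datetime.strptime(m.group(2), TS_FMT), m.group(4)

def find_floods(lines, window=10, factor=5.0, min_requests=50):
    """Flag windows whose request count exceeds factor x the median window."""
    buckets = defaultdict(Counter)  # window start (epoch s) -> requests per source
    for ip, ts, _path in filter(None, map(parse, lines)):
        start = int(ts.timestamp()) // window * window
        buckets[start][ip] += 1
    if not buckets:
        return []
    totals = {w: sum(c.values()) for w, c in buckets.items()}
    baseline = median(totals.values())
    alerts = []
    for w in sorted(totals):
        if totals[w] >= min_requests and totals[w] > factor * baseline:
            alerts.append({"window_start": w, "requests": totals[w],
                           "sources": len(buckets[w]),
                           "top_sources": buckets[w].most_common(3)})
    return alerts

def sample_log():
    """Constructed sample: 2 min of light traffic plus a 10 s burst from 100 sources."""
    t0 = datetime.strptime("01/Jan/2024:12:00:00 +0000", TS_FMT)
    fmt = '{} - - [{}] "GET {} HTTP/1.1" 200 512'
    stamp = lambda s: (t0 + timedelta(seconds=s)).strftime(TS_FMT)
    lines = [fmt.format(f"192.0.2.{1 + i % 5}", stamp(2 * i), "/")
             for i in range(60)]
    lines += [fmt.format(f"198.51.100.{1 + i % 100}", stamp(60 + i % 10), "/search")
              for i in range(300)]
    lines.append("malformed line")  # must be skipped, not crash the parser
    return lines

if __name__ == "__main__":
    for alert in find_floods(sample_log()):
        print(alert)
```

In the constructed burst no single source sends more than three requests, so a per-address rate limit alone would not notice it; the total volume per window is what stands out.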

Prevent DDoS attacks now

ESET PROTECT Advanced

Get effective protection with the capabilities to mitigate the risks related to DDoS attacks. ESET multilayered endpoint security solutions use sophisticated Network attack protection technology with advanced filtering and packet inspection to prevent disruptions.