Distributed Denial of Service (DDoS) Attacks: What They Are, and How They Work

Cryptojacking stealthily steals your money; ransomware blatantly demands it. So, what are Distributed Denial of Service (DDoS) attacks trying to accomplish? In a nutshell, they’re trying to crash your system. Before we delve into how a DDoS attack is executed, let’s take a look at who is behind this threat, and what they hope to accomplish.


Who is Behind DDoS Attacks?

Oftentimes, DDoS attacks are executed to wreak havoc (and just to see if it can be done). Because a DDoS attack is easy to organize, novice hackers may use it to test their skills before moving on to bigger attacks. However, there are four other factors that may be the driving force behind a DDoS attack:

  • Political motivation. Hackers may execute a DDoS attack to spite or hurt an organization or company that they are at odds with.

  • Financial motivation. If a hacker is successful in completely bringing a network to its knees, they may demand money to disengage so that their victim can get back to business as usual. While most DDoS attacks are short in duration, some have lasted as long as 12 days, making this a viable motivator.

  • Competition. While it’s a particularly nasty—and illegal—form of competing, no one ever said the business world wasn’t cutthroat.

  • Data theft. A DDoS attack may be executed to keep IT techs occupied on the “smaller picture” while the hacker’s primary goal of a larger data breach is carried out.

How Does a DDoS Attack Work?

DDoS attacks occur when a cyber-criminal floods a targeted organization's network with access requests; this initially disrupts service by denying legitimate requests from actual customers, and eventually overloads the network until it crashes.

Criminals execute their DDoS attacks by sending out malicious code to hundreds or even thousands of computers, instructing each one to send requests to a single organization. This is usually accomplished through a botnet: a network of private computers infected with malicious software and controlled as a group, without the knowledge of each individual owner.

One of the most troublesome aspects of DDoS attacks is how they turn the internet into an enemy. Because they’re executed as a standard function of internet architecture—one computer asking another for access—they’re difficult to see coming. They’re also tricky to prevent; organizations certainly don’t want to deny an influx of legitimate access requests while attempting to block illegitimate ones.
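The sketch below is an added example, not part of the original article. It shows why a per-source rate limit misses a distributed flood (each source stays under the limit) while a comparison against a traffic baseline flags it. The window size, thresholds, and sample traffic are constructed assumptions.

```python
from collections import Counter, defaultdict
from statistics import mean, pstdev

WINDOW = 10            # seconds per bucket (assumed)
PER_SOURCE_LIMIT = 20  # requests per source per window (assumed threshold)

def bucketize(events, window=WINDOW):
    """events: iterable of (epoch_second, source_ip) -> {bucket: Counter(ip -> hits)}."""
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts // window][ip] += 1
    return buckets

def per_source_offenders(buckets, limit=PER_SOURCE_LIMIT):
    """Classic per-IP rate limit: sources exceeding `limit` in any window."""
    return {ip for hits in buckets.values() for ip, n in hits.items() if n > limit}

def flag_windows(buckets, baseline_n=3, k=3.0):
    """Flag windows whose total volume AND distinct-source count both exceed
    mean + k*stddev of the first `baseline_n` windows (assumed to be normal)."""
    order = sorted(buckets)
    base = order[:baseline_n]
    totals = [sum(buckets[b].values()) for b in base]
    uniq = [len(buckets[b]) for b in base]
    # Floor the deviation at 1 so a perfectly flat baseline still tolerates noise.
    t_lim = mean(totals) + k * max(pstdev(totals), 1.0)
    u_lim = mean(uniq) + k * max(pstdev(uniq), 1.0)
    return [b for b in order[baseline_n:]
            if sum(buckets[b].values()) > t_lim and len(buckets[b]) > u_lim]

def sample_events():
    """Constructed sample: 3 normal windows, then 1 window with a distributed flood."""
    events = []
    for w in range(4):                       # regular clients: 5 sources, 4 requests each
        for c in range(5):
            events += [(w * WINDOW + i, f"198.51.100.{c}") for i in range(4)]
    for bot in range(200):                   # window 3 only: 200 sources, 3 requests each
        events += [(3 * WINDOW + i, f"203.0.113.{bot}") for i in range(3)]
    return events

if __name__ == "__main__":
    b = bucketize(sample_events())
    print("per-source offenders:", per_source_offenders(b))
    print("windows deviating from baseline:", flag_windows(b))
```

A flagged window only says traffic departed from the baseline in both volume and source count; a legitimate surge produces the same signal, which is the triage problem the paragraph above describes.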


Who is at Risk of DDoS Attacks?

Many assume that hackers go after only high-profile companies to make headlines, and of course, sometimes they do. A 2016 attack temporarily shut down corporate giants such as Twitter, the Guardian, Netflix, Reddit, CNN, and many other sites, damaging their brand reputation and frustrating customers.

However, many DDoS attacks are of the small, low-threshold variety, hitting smaller organizations. Despite their small stature, these organizations still house lots of valuable data, including personal and financial information, that can be stolen and sold on the black market. Additionally, hackers may use a DDoS attack to mask a much larger data breach.


The Downtime Factor

If the DDoS attack isn’t being executed to pilfer money or mask a more serious data breach, isn’t it little more than a nuisance? Not when you consider downtime. Most organizations estimate that downtime costs about $350,000 per hour. While the majority of DDoS attacks last ten minutes or less, that could still cost you $35,000 per attack (that’s right, per attack). Studies show that in 2018, companies faced an average of eight attacks per day; if all of those struck your business, you could be looking at $280,000 worth of downtime daily.


Finding a DDoS Solution

Last year, there were 7.5 million DDoS attacks, and due to the ease of execution, there’s no reason to think 2019 will be any different. For many organizations, a cloud provider offering high levels of cybersecurity, including firewalls and threat monitoring software, may be the best bet when it comes to quashing DDoS attacks. Reputable cloud providers also offer network redundancy, duplicating copies of your data, systems, and equipment so that if your service becomes corrupted or unavailable due to a DDoS attack, you can immediately switch to secure access on backed-up versions without missing a beat.

If you’re interested in the security of a predictable cloud provider and protection from DDoS attacks, contact the experts at DSM to learn more or schedule a free security vulnerability assessment. And if you intend to go it alone, remember: the next time you see an influx of traffic signaling a banner day for business, hold off on the high-fives and fist-bumps, because you may be facing a DDoS attack.
