As DDoS attacks are among the most damaging experiences that can happen to online businesses, it is crucial to take necessary steps to protect against them. Research states that small businesses can suffer damages of up to $120,000 per DDoS attack, while enterprise-level attacks can cost as much as $2 million.
DDoS attacks are relatively simple to pull off, making them appealing to cyber criminals around the globe. As a result, experts believe that the total number of DDoS attacks will double from the 7.9 million seen in 2018 to over 15 million by 2023.
Whether you’re a small business or a huge multinational conglomerate, your online services—email, websites, and anything that faces the internet—can be slowed or completely stopped by a DDoS attack. In this article, we list the most common types and offer resources to protect against DDoS attacks.
Most common DDoS attacks
Fundamentally, DDoS attacks are a type of brute-strength attack. They overwhelm your services through sheer numbers. However, they are growing more sophisticated as technology improves. There are three basic categories of attacks:
- Volumetric attacks: High traffic is used to completely fill up a network’s bandwidth
- Protocol attacks: Server resources are exploited and overwhelmed
- Application layer attacks: Specific vulnerabilities in web applications are exploited to crash the server entirely
There are various sub-types of distributed denial of service attacks that fall into these categories depending on how much traffic is generated and what vulnerabilities are exploited. The most common ones include :
This application layer attack uses specially-crafted GET or POST requests to overwhelm the service. This type of attack often uses interconnected computers that have been taken over with the aid of malware. Essentially, the requests force the application to work as hard as possible for every single request, leading to a crash.
Instead of targeting something specific, this application layer attack floods random ports on a network with UDP packets. The network host looks for a non-existent application there. When nothing is found, it replies with a “destination unreachable” packet. The result is a network that’s too busy responding to nonsense to reply to legitimate requests.
TCP connection sequences involve a “three-way handshake” where hosts and requesters must bounce several responses back and forth. In SYN attacks, the requester never follows up on the host’s response, leading the host system bound up waiting for acknowledgments that will never come.
The oldest type of DDoS attack, this assault sends as many pings as possible. The goal is to simply use up a server’s bandwidth as much as possible.
Instead of trying to push as much traffic through a door as possible, this HTTP attack aims to stand in the door and block it as long as possible. The Slowloris program opens a server connection and uses HTTP flooding to keep it open as long as possible. Doing so, preventing the server from opening other connections.
Famous DDoS attacks in recent history
As mentioned prior, even the largest businesses aren’t immune from denial of service attacks. Here are three of the most famous DDoS attacks in recent years. Learning from these experiences can create awareness and point you in the right direction to protect against DDoS attacks and avoid problems in the future.
The AWS customer attack of 2020
One of the most recent, large DDoS attacks targeted an AWS customer. The attack reportedly reached a maximum rate of 2.3 terabits per second — the second highest reported rate ever. The AWS service had some protections in place that helped mitigate the attack, but it was still a devastating attack.
The GitHub attack of 2018
Another large attack in recent history was aimed at GitHub. The assault reached a maximum rate of 1.3 terabits per second and knocked GitHub offline for 20 minutes. Luckily, the famous code-management service had a DDoS protection system in place, or the attack could have lasted much longer and had even worse consequences.
The Google attack of 2017
Even internet giants like Google are vulnerable to DDoS attacks. In October 2020, the company disclosed an attack from September 2017 that reached rates as incredibly high as 2.54 terabits per second. This record-breaking attack – the largest one on record to date – lasted for six months. While Google’s systems were capable of handling the load, they may be the only company in the world that could.
Easy steps to protect your website against DDoS attacks
Unless you have systems like traffic profiling and early threat detection already in place, it can be challenging to spot DDoS attacks. More often than not, you only find out when your website and services actually crash – which unfortunately is a little too late…
You can’t prevent attacks entirely, but you can mitigate and protect yourself against the consequences of these assaults. Here are four effective ways to guard your website against DDoS attacks.
Bullet-proof your network hardware configuration
You can help to prevent a DDoS attack by making a few simple hardware configuration changes.
For instance, you can configure your firewall or router to drop incoming ICMP packets or block DNS responses from outside your network (by blocking UDP port 53). This will help protect against certain DNS and ping-based volumetric attacks.
Deploy a DDoS protection service
Your best chance of mitigating a DDoS attack would be by deploying a DDoS protection service. Companies that heavily rely on digital services are particularly vulnerable, so extra help would be most welcome. For companies like this, it is essential to use multi-layered protection, because some DDoS attacks may actually hide other, more dangerous security breaches.
At mlytics, we use our own advanced DDoS protection technology and provide an easy-to-implement DDoS protection service that offers always-on, multi-layered protection against DDoS attacks.
Plan for DDoS attacks in advance
Planning for attacks in case they would happen, enables you to respond quickly before they actually start harming your website.
A proper cyber security plan includes a list of employees who will respond to the attack. It should also outline the way the system will prioritize resources to keep your most apps and services online, which could keep your business from crashing. Finally, you can also plan how to contact the ISP that’s supporting the attack, since they may be able to help stop it entirely.
One of the most basic steps to protect against DDoS attacks is to make your hosting infrastructure “DDoS resistant”. Simply put, this means that you prepare enough bandwidth to handle traffic spikes that may be caused by cyber attacks.
Do note however that purchasing more bandwidth alone does not satisfy as a complete solution to mitigate DDoS attacks. When you buy more bandwidth, it does raise the bar which attackers have to overcome before they can launch a successful DDoS attack, but you should always combined this with other mitigation techniques to fully safeguard your website.
If you’re a business with an online presence, you should take steps to be protected at all times. A complete security solution that takes into account every potential threat can safeguard you and your business for dangerous security threats and cyber criminals.
A DDoS attack can cause data breaches, take down your services, interrupt your daily operations, and even lead to the end of your company’s existence. If you’re working towards a comprehensive security solution, a DDoS protection service that can be easily implemented into your cloud infrastructure is imperative to help prevent web attacks.