figures
Blog

5 Most Important Things to Know about DDoS attacks

Admin Globaldots
11.04.2016
image 4 Min read

Nowadays, companies are more than ever aware that security attacks can be fatal for a business – getting your website up again is much easier than getting back the customer trust you lost in midst of a successful DDoS attack. DDoS attacks are becoming increasingly common, according to research published by Akamai at the end of 2015. It reported a 180 percent increase in the total number of DDoS attacks compared to the same period a year earlier.

ddos attack

Software and technology firms suffer about 25 percent of all DDoS attacks, with Internet and telecoms companies suffering just 5 percent of DDoS attacks, down from 13 percent the previous quarter. The online gaming industry is the major target, accounting for 50% of all DDoS attacks, according to Akamai.

The barrier to entry of DDoS attacks in terms of cost has pretty much diminished, meaning that anyone can launch an attack – being prepared for incoming DDoS attacks can save you a lot of resources down the way. These are the 5 most important things to know about DDoS attacks, helping you to successfully push back (and recover from) an attack:

1. DDoS attacks come in different types and forms. The four most common categories of attacks are:

TCP Connection Attacks – Occupying connections

These attempt to use up all the available connections to infrastructure devices such as load-balancers, firewalls and application servers. Even devices capable of maintaining state on millions of connections can be taken down by these attacks.

Volumetric Attacks – Using up bandwidth

These attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.

Fragmentation Attacks – Pieces of packets

These send a flood of TCP or UDP fragments to a victim, overwhelming the victim’s ability to re-assemble the streams and severely reducing performance.

Application Attacks – Targeting applications

These attempt to overwhelm a specific aspect of an application or service and can be effective even with very few attacking machines generating a low traffic rate (making them difficult to detect and mitigate).

 

2. Identifying a DDoS attack early

If you run your own servers, you need to be able to identify when and if you’re under attack. The sooner you identify that you’re under attack, the sooner you can start doing something about it. Familiarize yourself with your typical inbound traffic profile; the more you know about what your normal traffic looks like, the easier it is to spot when its profile changes.

Most DDoS attacks start as sharp spikes in traffic, and it’s helpful to be able to tell the difference between a sudden surge of legitimate visitors and the start of a DDoS attack. Nominating a DDoS leader in your company is a good start.

 

3. Attack amplification – there are two ways attacks can multiply the traffic they are sending

 

  • DNS Reflection – Small request, big reply

By forging a victim’s IP address, an attacker can send small requests to a DNS server and ask it to send the victim a large reply. This allows the attacker to have every request from its botnet amplified as much as 70x in size, making it much easier to overwhelm the target.

  • Chargen Reflection – Steady streams of text

Most computers and internet connected printers support an outdated testing service called Chargen, which allows someone to ask a device to reply with a stream of random characters. Chargen can be used as a means for amplifying attacks similar to DNS attacks.

 

4. The loss of customer trust is the biggest consequence of a DDoS attack

The loss of trust and confidence of customers is the most damaging consequence of a DDoS. It’s reported that 50% of companies that fell victim to a successful DDoS attack, suffered from loss of customer trust, followed by a 34% loss in revenue. Network or website service availability is crucial to ensure customer trust and satisfaction – when an end user is denied access to your website/web service, or if latency issues obstruct the user experience, it immediately impacts the bottom line. Small-scale attacks can also be deadly by impacting network performance, ultimately ruining user experience. Loss in customer trust is not a technical issue, it’s a tactical issue – avoiding this crisis should be your priority.

 

5. Hiring a DDoS specialist is the best way to handle attacks and permanently protect your web business

In midst of an DDoS attack,  your best chance of staying online is to use a specialist DDoS mitigation company. These organizations have large scale infrastructure and use a variety of technologies, including data scrubbing, to help keep your website online. DDoS mitigation services are not free, but it’s cheaper to hire a DDoS specialist than recover from a successful attack. These are just some of the DDoS mitigation specialists you should put into consideration:

  • Akamai
  • Amazon Web Services – AWS
  • Incapsula
  • CloudFlare
  • Arbor
  • Verisign
  • GlobalDots
  • Neustar

Also, it’s a smart idea to create a DDoS playbook which documents in detail every step of a pre-planned response when a attack is detected. DDoS mitigation companies can help with this by running a simulated DDoS attack, enabling you to develop and refine a rapid corporate procedure for reacting to a real attack. Planned response is all that matters.

Comments

0 comments

There’s more to see

slider item
Your Innovation Feed

eBook: Don’t Fortify, Amplify: The New Cloud Security Stack

Steven Puddephatt 25.11.21

2021’s Security leaders deal with everything from cloud-native insider threats to staying one step ahead of the unknown. While the cloud is made to amplify and speed up core business processes, the pressure to fortify cloud-borne assets from possible cyber threats painfully slows things down.  GlobalDots harnessed its 17-year cloud security experience to rethink cloud […]

Read more
slider item
Identity & Access Management (IAM)

How IT can Breeze through Onboardings without Additional Hirings

Dror Arie

Which IT Nuisance Would You Automate First? Employee onboarding is one of the heaviest, most complex operations on a company’s IT. This is especially true in fast-growing companies that may see multiple onboardings per day. And, of course, the wider a company’s software tools array, the more accounts to create and permissions to manage. In […]

Read more
slider item
Cloud Workload Protection

GlobalDots Partners with CWP Innovator Lacework

Li-Or Amir 23.11.21

In its constant endeavor to enrich its cloud security offering with the latest innovation, GlobalDots has recently introduced security unicorn Lacework to its vendor portfolio. Founded in 2015, Lacework offers a cloud security monitoring platform which brings together some of today’s top needs: Workload protection, container & K8s security, compliance monitoring. Last weekend (Nov. 18th, […]

Read more

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Contact us
figure figure figure figure figure