
5 Most Important Things to Know about DDoS attacks

Admin Globaldots
11.04.2016

Nowadays, companies are more aware than ever that security attacks can be fatal for a business – getting your website up again is much easier than getting back the customer trust you lost in the midst of a successful DDoS attack. DDoS attacks are becoming increasingly common, according to research published by Akamai at the end of 2015. It reported a 180 percent increase in the total number of DDoS attacks compared to the same period a year earlier.

Software and technology firms suffer about 25 percent of all DDoS attacks, with Internet and telecoms companies suffering just 5 percent of DDoS attacks, down from 13 percent the previous quarter. The online gaming industry is the major target, accounting for 50% of all DDoS attacks, according to Akamai.

The cost barrier to launching a DDoS attack has all but disappeared, meaning that anyone can launch an attack – being prepared for incoming DDoS attacks can save you a lot of resources down the line. These are the 5 most important things to know about DDoS attacks, helping you to successfully push back (and recover from) an attack:

1. DDoS attacks come in different types and forms. The four most common categories of attacks are:

TCP Connection Attacks – Occupying connections

These attempt to use up all the available connections to infrastructure devices such as load-balancers, firewalls and application servers. Even devices capable of maintaining state on millions of connections can be taken down by these attacks.

Volumetric Attacks – Using up bandwidth

These attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.

Fragmentation Attacks – Pieces of packets

These send a flood of TCP or UDP fragments to a victim, overwhelming the victim’s ability to re-assemble the streams and severely reducing performance.

Application Attacks – Targeting applications

These attempt to overwhelm a specific aspect of an application or service and can be effective even with very few attacking machines generating a low traffic rate (making them difficult to detect and mitigate).

 

2. Identifying a DDoS attack early

If you run your own servers, you need to be able to identify when and if you’re under attack. The sooner you identify that you’re under attack, the sooner you can start doing something about it. Familiarize yourself with your typical inbound traffic profile; the more you know about what your normal traffic looks like, the easier it is to spot when its profile changes.

Most DDoS attacks start as sharp spikes in traffic, and it’s helpful to be able to tell the difference between a sudden surge of legitimate visitors and the start of a DDoS attack. Nominating a DDoS leader in your company is a good start.
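One way to turn a known traffic profile into an early warning, shown as an added example that is not part of the original article: per-minute request counts are compared against a rolling baseline (median plus a multiple of the median absolute deviation), and an alert fires only when the excess is sustained. The function names, the thresholds and the sample counts are assumptions chosen for illustration; the alert marks a change in profile and leaves the judgement of legitimate surge versus attack to the responder.

```python
from statistics import median

def threshold(baseline, k=6.0):
    """Alert level: median + k * MAD, with a floor so flat traffic is not over-sensitive."""
    med = median(baseline)
    mad = median(abs(x - med) for x in baseline)
    return med + k * max(mad, 0.1 * med, 1.0)

def find_spikes(counts, window=10, k=6.0, sustain=3):
    """Return the minute indices at which traffic has stayed above the
    baseline threshold for `sustain` consecutive minutes."""
    baseline = list(counts[:window])      # assumed to be known-normal traffic
    alerts, run = [], 0
    for i in range(window, len(counts)):
        if counts[i] > threshold(baseline, k):
            run += 1
            if run == sustain:
                alerts.append(i)
            # Anomalous minutes stay out of the baseline, so an ongoing
            # flood cannot gradually become the new "normal".
        else:
            run = 0
            baseline = baseline[1:] + [counts[i]]
    return alerts

# Constructed sample: requests per minute seen at the edge.
SAMPLE = [120, 131, 118, 125, 140, 122, 129, 135, 127, 124,   # normal profile
          133, 390, 126, 121,                                  # one-minute blip
          130, 900, 2400, 5100, 5300, 5250]                    # sustained surge

if __name__ == "__main__":
    print("alert at minute(s):", find_spikes(SAMPLE))
```

Requiring a sustained excess keeps a single noisy minute from paging anyone, at the cost of a short delay before the alert.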

 

3. Attack amplification – there are two ways attacks can multiply the traffic they are sending

 

  • DNS Reflection – Small request, big reply

By forging a victim’s IP address, an attacker can send small requests to a DNS server and ask it to send the victim a large reply. This allows the attacker to have every request from its botnet amplified as much as 70x in size, making it much easier to overwhelm the target.

  • Chargen Reflection – Steady streams of text

Most computers and internet-connected printers support an outdated testing service called Chargen, which allows someone to ask a device to reply with a stream of random characters. Chargen can be used to amplify attacks in much the same way as DNS reflection.
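From the victim's side, reflected traffic shows up as replies to questions the victim never asked. The following added example (not part of the original article) sums inbound UDP reply bytes from the DNS and Chargen source ports, 53 and 19, that match no outbound request; the flow-record layout, function name and sample records are assumptions constructed for illustration.

```python
from collections import Counter

# UDP source ports of the two services named above: DNS (53) and Chargen (19).
REFLECTED = {53: "dns", 19: "chargen"}

def unsolicited_reply_bytes(flows):
    """Sum bytes of inbound UDP replies, per service, that answer no request of ours."""
    asked = set()            # (local ip, local port, remote ip, remote port)
    totals = Counter()
    for direction, proto, src, sport, dst, dport, nbytes in flows:
        if proto != "udp":
            continue
        if direction == "out":
            asked.add((src, sport, dst, dport))
        elif sport in REFLECTED and (dst, dport, src, sport) not in asked:
            totals[REFLECTED[sport]] += nbytes
    return dict(totals)

# Constructed flow records (documentation address ranges), in time order:
# (direction, protocol, source ip, source port, dest ip, dest port, bytes)
SAMPLE_FLOWS = [
    ("out", "udp", "203.0.113.10", 40001, "192.0.2.53", 53, 64),
    ("in", "udp", "192.0.2.53", 53, "203.0.113.10", 40001, 120),    # answers our query
    ("in", "udp", "198.51.100.7", 53, "203.0.113.10", 51515, 3000),
    ("in", "udp", "198.51.100.8", 53, "203.0.113.10", 51515, 2900),
    ("in", "udp", "198.51.100.9", 19, "203.0.113.10", 51515, 1400),
    ("in", "tcp", "198.51.100.20", 53, "203.0.113.10", 51515, 500), # not UDP, ignored
]

if __name__ == "__main__":
    print(unsolicited_reply_bytes(SAMPLE_FLOWS))
```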

 

4. The loss of customer trust is the biggest consequence of a DDoS attack

The loss of trust and confidence of customers is the most damaging consequence of a DDoS. It’s reported that 50% of companies that fell victim to a successful DDoS attack suffered from loss of customer trust, followed by a 34% loss in revenue. Network or website service availability is crucial to ensure customer trust and satisfaction – when an end user is denied access to your website/web service, or if latency issues obstruct the user experience, it immediately impacts the bottom line. Small-scale attacks can also be deadly by impacting network performance, ultimately ruining user experience. Loss in customer trust is not a technical issue, it’s a tactical issue – avoiding this crisis should be your priority.

 

5. Hiring a DDoS specialist is the best way to handle attacks and permanently protect your web business

In the midst of a DDoS attack, your best chance of staying online is to use a specialist DDoS mitigation company. These organizations have large-scale infrastructure and use a variety of technologies, including data scrubbing, to help keep your website online. DDoS mitigation services are not free, but it’s cheaper to hire a DDoS specialist than to recover from a successful attack. These are just some of the DDoS mitigation specialists you should consider:

  • Akamai
  • Amazon Web Services – AWS
  • Incapsula
  • CloudFlare
  • Arbor
  • Verisign
  • GlobalDots
  • Neustar

Also, it’s a smart idea to create a DDoS playbook which documents in detail every step of a pre-planned response when an attack is detected. DDoS mitigation companies can help with this by running a simulated DDoS attack, enabling you to develop and refine a rapid corporate procedure for reacting to a real attack. Planned response is all that matters.
