Have you ever heard of a site going down due to a DDoS attack? These distributed, coordinated attacks are extremely common, but most website administrators aren’t adequately prepared to deal with one. Launched by hackers, opportunists, cybercriminals, and occasionally, trolls, DDoS attacks and DoS attacks are designed to overwhelm your servers, preventing legitimate traffic from being able to access your site.
These types of attacks can be very threatening, taking your site down for hours, or even days at a time. But that doesn’t mean you need to be afraid of them. Last year, GitHub was the target of a 1.3 Tbps DDoS attack, one of the largest ever made public, but the website was able to stay online (for the most part) for the duration of the attack.
So what are these attacks, exactly, and how can you prepare yourself against one?
The Concept of DoS Attacks
All DoS attacks are designed to limit a website or application’s functionality by occupying its resources, such as its database reads or CPU cycles. There’s always a finite limit to the number and size of requests you can serve, so if someone pushes against that threshold, it could make your site unavailable to others.
There are a few main types of requests that can make this happen:
– A large volume of legitimate requests. Also known as volumetric attacks, these attacks are coordinated with lots of small requests, with each packet displaying the correct syntax, size, and other qualities. They’re designed to flood your servers with too many requests to handle.
– A small volume of high-need legitimate requests. By contrast, these requests are few in number, but large in size. For example, a handful of legitimate requests could each ask for a value of 2 GB, and/or supply their information slowly, such as a byte at a time, to tie up computing resources.
– Illegitimate requests. It’s also possible to deal with a DoS attack that features “invalid” requests. Invalid packets are assembled into invalid requests, which can crash or otherwise compromise the integrity of your system—like the Ping of Death attack.
How Common Are DDoS Attacks?
DDoS attacks can be dangerous, but how common are they, exactly? It may not seem like they’re frequent, since you don’t hear about them every day, but the volume and severity of DDoS attacks are consistently increasing. Any business could potentially be a victim, but some industries are attacked more than others. The most common victims include wired telecommunications providers, data processing and data hosting providers, wireless telecommunications carriers, and software publishers. Both small and large companies can be affected by a DDoS attack, since big companies are often more lucrative and appealing targets, and small companies are often more vulnerable.
How to Prevent a DDoS Attack
The good news is that it’s possible to mitigate or prevent the majority of attacks that might threaten your organization.
– Secure your network. To some, this might be obvious, but take measures to secure your network infrastructure. You’ll need multiple layers of protection to guard yourself against the majority of DoS threats, including firewalls, VPNs, anti-spam software, content filtering, and load balancing, which should kick in when your server load starts to venture into atypical territory. Each of these security measures serves as a kind of filter to block out one or more DoS-related threats; while each has strengths and weaknesses, together they can provide you with nearly comprehensive protection.
– Improve your resources. Your servers have a finite upper capacity, and DoS attacks will try to exceed that capacity. Accordingly, you can avoid some threats simply by raising that ceiling. This isn’t an option for every business, but it’s worth considering; investing in higher server load capacity or more robust computing resources could protect you from the majority of would-be attacks.
– Pay attention to basic security. Sometimes, DoS attacks exploit basic vulnerabilities that arise from human error. If you and your employees follow best security practices, such as maintaining strong passwords and tightly controlling user access, your risk profile will shrink.
– Come up with a response plan. DoS attacks can be mitigated if they’re caught early. At the very least, you should have a monitoring system in place that will alert you to unusual activity or atypically high loads. It also pays to have a response plan in place, including a designated team who can take action and prevent the attack from getting any worse.
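As an added example (not code from this article), here is one way a monitoring check could flag atypically high loads and sort them into the three request types described earlier. The record format, the thresholds, and the use of HTTP 400 as the sign of a malformed request are all assumptions made for illustration, and the log data is constructed.

```python
from collections import defaultdict
from statistics import median

# Constructed sample records (not real traffic):
# (epoch_second, http_status, bytes_requested, duration_seconds)
def sample_log():
    log = []
    for minute in range(5):                                         # five quiet baseline minutes
        log += [(minute * 60 + i, 200, 5_000, 0.05) for i in range(20)]
    log += [(300 + i % 60, 200, 5_000, 0.05) for i in range(400)]   # minute 5: flood of small requests
    log += [(360 + i, 200, 5_000, 0.05) for i in range(20)]         # minute 6: normal volume...
    log += [(380 + i, 200, 2_000_000_000, 90.0) for i in range(6)]  # ...plus a few slow 2 GB requests
    log += [(420 + i, 200, 5_000, 0.05) for i in range(10)]         # minute 7: a few valid requests...
    log += [(430 + i, 400, 0, 0.01) for i in range(15)]             # ...and many rejected ones
    return log

def detect(log, window=60, rate_factor=5, slow_secs=30.0,
           big_bytes=1_000_000_000, heavy_min=5, bad_ratio=0.5):
    """Return {window_index: [labels]} for windows that look abnormal."""
    buckets = defaultdict(list)
    for ts, status, size, dur in log:
        buckets[ts // window].append((status, size, dur))
    alerts, history = {}, []
    for idx in sorted(buckets):
        reqs = buckets[idx]
        count = len(reqs)
        labels = []
        # Volumetric: request count far above the median of earlier clean windows.
        if len(history) >= 3 and count > rate_factor * median(history):
            labels.append("volumetric")
        # High-need: several requests that are very large or hold a worker for a long time.
        heavy = sum(1 for _, size, dur in reqs if dur >= slow_secs or size >= big_bytes)
        if heavy >= heavy_min:
            labels.append("slow-or-oversized")
        # Illegitimate: most requests rejected as malformed (assumed to show up as HTTP 400).
        if sum(1 for status, _, _ in reqs if status == 400) / count >= bad_ratio:
            labels.append("malformed")
        if labels:
            alerts[idx] = labels
        else:
            history.append(count)   # only clean windows feed the baseline
    return alerts

if __name__ == "__main__":
    for idx, labels in detect(sample_log()).items():
        print(f"minute {idx}: {', '.join(labels)}")
```

Keeping flagged windows out of the baseline stops a long-running attack from gradually becoming the new "normal" that later windows are compared against.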
The bottom line here is that DDoS attacks are common, and you should take the threat seriously. Fortunately, as long as you invest in the right preventative measures, you can guard your website or web application from the majority of would-be attempts to overwhelm your resources.