Any company that operates online can run into cybersecurity issues—and a particularly nasty tactic that hackers sometimes use is DDoS. These attacks are a lot like hurricanes; we can predict that they’ll happen, but we never actually know when they’ll happen or how powerful they’ll be when they do.
A DDoS attack can quickly take out websites and servers of any size, even if they’re properly equipped to handle it. So today, let’s take a quick look at what DDoS attacks are, why they’re hard to defend against, and what you can do to safeguard against them.
What is a DDoS attack?
A distributed denial-of-service (DDoS) attack is a tactic that hackers use to force a website or a server to go offline. Essentially, the hackers send enough fake traffic to that site or server to overload it, making it unable to answer any requests from legitimate visitors.
It's a lot like a traffic jam on a freeway; too many cars on the road make it hard for anyone to get anywhere.
How do they do this?
To create a DDoS attack, a hacker will gain control of a whole bunch of Internet-connected devices using malware like viruses, worms, spyware, and more. Malware is typically distributed through things like:
- Email attachments
- Links in phishing emails
- Fake advertising
- Holes left by out-of-date software (like unsupported web browsers)
- Infected storage devices like USB keys
That’s why it’s so important to check everything online before you click on it; if your computer or phone gets malware from somewhere, chances are you’ll never be able to tell.
This malware turns the device into a bot (also often called a zombie, fun fact), which the hacker can then command like a computer army to do certain things.
Once the hacker has enough bots at their command, they can use this network to target sites and overload them with traffic. And because each bot has its own legitimate IP address, it’s almost impossible to separate fake traffic from real traffic.
How do we stop them?
Pre-emptively, the best way to make sure that a DDoS attack doesn’t happen is to rely on the idea of herd immunity. Because the attacks come from a network of devices that have been infected with malware, ensuring that all of your devices and browsers are protected, updated, and uninfected means that hackers will have less to work with.
Many large companies and websites will also have measures put in place to protect against attacks like this, but it’s nearly impossible to predict when an attack will happen—or how much traffic it will bring with it.
When an attack happens, the biggest issue is identifying which traffic is the bad traffic. It’s like trying to figure out which cars don’t have their insurance slips just by staring at the hood.
There are a few strategies for managing this kind of traffic level, including things like specialized firewalls and rate limiting. It’s definitely something to discuss with your IT team!
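To make the rate-limiting idea concrete, here is an added example (not part of the original article) that runs a per-address token-bucket limiter over constructed traffic. It shows why a limit per IP address stops one noisy source but not many bots that each send only a little. The rates, burst sizes and addresses are assumptions chosen for illustration.

```python
from collections import defaultdict

class TokenBucket:
    """Allow `rate` requests/second on average, with bursts up to `burst`."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), 0.0

    def allow(self, now):
        # Refill for the time elapsed since the last call, capped at `burst`.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False

def accepted(requests, ip_rate=5, ip_burst=5, global_rate=None, global_burst=None):
    """Count requests that reach the backend. `requests` is (time, ip), time-sorted."""
    per_ip = defaultdict(lambda: TokenBucket(ip_rate, ip_burst))
    total = TokenBucket(global_rate, global_burst) if global_rate else None
    count = 0
    for now, ip in requests:
        if not per_ip[ip].allow(now):
            continue              # this address exceeded its own budget
        if total and not total.allow(now):
            continue              # the site as a whole is over capacity
        count += 1
    return count

# Constructed traffic, one second each, 1000 requests in total.
def single_source():
    return [(i / 1000, "198.51.100.7") for i in range(1000)]

def distributed():
    # 500 addresses, 2 requests each: every one stays under the per-IP limit.
    return sorted((half * 0.5 + i / 1000, f"10.0.{i // 250}.{i % 250}")
                  for i in range(500) for half in (0, 1))

if __name__ == "__main__":
    print("one noisy address, per-IP limit:", accepted(single_source()))
    print("500 addresses, per-IP limit:    ", accepted(distributed()))
    print("500 addresses, plus global cap: ",
          accepted(distributed(), global_rate=100, global_burst=100))
```

The global cap keeps the backend within capacity, but it drops requests without knowing which ones came from real visitors, which is the identification problem described above.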