What is a DDoS attack?

If you’ve been reading the news lately, you’ve probably heard about DDoS attacks. It was recently revealed that 73% of organizations across the world had suffered one. Massive DDoS attacks have recently been launched on the popular news magazine Newsweek and on the website of cybersecurity journalist Brian Krebs. So what are they, and is it possible to protect a system against the threat?

DDoS stands for distributed denial-of-service. It is an unsophisticated type of cyber-attack in which attackers stop a network or website from working by flooding it with massive amounts of junk data packets. For instance, if you were using a mobile banking site which had fallen victim to a DDoS attack, then you’d find the service would be very slow, or you wouldn’t be able to access it at all.

Cyber-attackers can do this by taking control of computers and connected devices infected with malware and/or by accessing connected devices using the default usernames and passwords that exist within the device. Once they have gained access, they can use these devices to launch massive, coordinated attacks on a destination. Unfortunately, despite repeated warnings from cybersecurity experts, many devices, including new smart home devices, are not properly secured. Many use standard login information from the world’s worst password list or simple default choices like “admin” and “password”. These are all vulnerable to cyber-attackers, who can easily control them. You can find a list of default passwords here – avoid them!

Once hijacked, the infected devices, often tens of thousands of them, flood a specific target with information. Sometimes it’s junk data, which results in a loss of network bandwidth, rendering the target network dysfunctional. Attacks can also involve sending more connection requests than a server can cope with. Attacks like this can make it impossible to access or publish on a network. It’s a similar effect to when a popular website goes down because too many people are using it.

When more than one device is involved – and particularly if we’re talking about hundreds of IoT devices – the attacks can be very difficult to stop, due to the number of IP addresses bombarding the system with attacks.
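
The sketch below is an added example, not part of the original post. It shows from the defender’s side why a flood from many sources is harder to stop than one from a single source: a per-IP limit catches the loud single sender but not thousands of quiet devices. The thresholds, the addresses and the log records are all constructed assumptions.

```python
from collections import Counter, defaultdict

PER_IP_LIMIT = 20   # assumed: max requests per second tolerated from one source
CAPACITY = 500      # assumed: total requests per second the server can serve

def burst(second, sources, hits_each):
    """Build constructed log records: (timestamp_second, source_ip)."""
    return [(second, ip) for ip in sources for _ in range(hits_each)]

def analyse(records, per_ip_limit=PER_IP_LIMIT, capacity=CAPACITY):
    """Classify each one-second window of traffic."""
    windows = defaultdict(Counter)
    for second, ip in records:
        windows[second][ip] += 1
    report = {}
    for second, counts in sorted(windows.items()):
        total = sum(counts.values())
        noisy = [ip for ip, n in counts.items() if n > per_ip_limit]
        # Load that would remain if every source over the per-IP limit were blocked.
        remaining = total - sum(counts[ip] for ip in noisy)
        if total <= capacity:
            verdict = "normal"
        elif remaining <= capacity:
            verdict = "few-source flood"      # per-IP blocking is enough
        else:
            verdict = "distributed flood"     # needs filtering upstream of the server
        report[second] = {"total": total, "sources": len(counts),
                          "over_limit": len(noisy), "verdict": verdict}
    return report

# Constructed sample traffic (all addresses are made up for the example).
customers = [f"192.0.2.{i}" for i in range(1, 51)]
devices = [f"10.{i // 250}.{i % 250}.1" for i in range(2000)]
SAMPLE = (
    burst(0, customers, 2)                                      # ordinary load
    + burst(1, customers, 2) + burst(1, ["203.0.113.9"], 900)   # one loud source
    + burst(2, customers, 2) + burst(2, devices, 3)             # many quiet sources
)

if __name__ == "__main__":
    for second, row in analyse(SAMPLE).items():
        print(second, row)
```

In the third window no single address exceeds the per-IP limit, yet the total is more than twelve times the assumed capacity.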

Unless you’re a well-known public figure, DDoS attacks shouldn’t affect you. But if you’re a business, then you should learn more about how to combat them. The best option is using a cloud mitigation provider, which has massive amounts of network bandwidth and is well equipped to filter out malicious network traffic. You can read more about cloud security on our website.

If you’re a businessperson, look out for these early warning signs of a DDoS attack:

  • Slow network – if your employees or customers are reporting that your system is functioning very slowly, then you could be a DDoS attack victim
  • No access – if you can’t access a website or webpage, a DDoS attack might be to blame
  • Huge increase in spam emails – this type of DDoS attack is known as an ‘email bomb’
  • No web access – a large DDoS attack could prevent you and your employees from accessing the web from a network computer

We believe that a long-term solution would be to encourage the replacement of traditional passwords with two-factor authentication, which we’ve talked about on the main blog here.

Got any more questions about DDoS attacks? Let us know in the comment section below or by tweeting to us at @JustAskGemalto.