BTB Australia

News

DDoS Attacks Explained – And The One Key Thing That Can Protect You

17 July 2018 Data, Security, Technology

It can be terrifying for any website or network to realise information has been hacked, but that’s not the only attack they should be worried about. By far, one of the most common threats affecting businesses of all shapes and sizes is a DDoS – a Distributed Denial of Service attack.

Unfortunately, many businesses don’t understand what a DDoS attack is, how it works, or what a hacker is likely to gain from it. That’s a shame, especially when SMEs are most vulnerable to this type of hit.

It’s especially a shame when there are some easy things businesses can do to make sure they stay safe and unaffected by these types of attacks.

DDoS Attacks Explained

A DDoS attack is just a way to make a network go offline by flooding it with traffic. Hackers use artificial traffic to overwhelm a network’s capacity, making it impossible for anyone else to access or use it.

The consequences of this are obvious: if your network is offline, you or your customers can’t use it. Yet DDoS attacks are often used for more nefarious purposes. Often, hackers then demand money or information in return for them making the traffic go away, returning the network to normal. Sometimes hackers do this just to prove a point rather than asking for any specific form of cash.

These attacks aren’t particularly complex for hackers to achieve, and that’s why they’re so common. According to Corero Network Security, organisations experienced an average of 237 DDoS attacks per month in the third quarter of 2017. That’s up 35% from the previous quarter.

The rise is due to two reasons. First, the number of connected devices (the “internet of things”) is increasing the number of targets for hackers to pinpoint.

Secondly, DDoS attacks are incredibly cheap. The same Corero Network Survey highlighted that hackers who use DDoS attempts can even take down networks for less than $100.

Why Should You Be Concerned?

Not only can these attacks rob businesses of money, but they can degrade network performance overall for people who aren’t even affected by the attack.

There are different methods for creating DDoS attacks. Each one has its own technicalities and idiosyncrasies, but generally hackers create a “botnet” by stringing a network of infected computers together. That botnet is then directed to attack the network of the chosen target.

Your computer might be in a botnet, and you wouldn’t even know it. Malware (software designed to infect computers), often spread through phishing emails and scammy links, and is often designed to connect new computers to the botnet. You wouldn’t see anything or really detect anything at all when using your computer as you normally do.

So Why Do They Do It?

  1. Money. Hackers use overwhelming traffic to take a network down, then demand money in order to release it from bondage. This is similar to other types of ransomware, which hackers use to lock down data or information.
  2. Information. Many DDoS attacks are actually associated with another type of hack. Some hackers use the DDoS as a distraction so they can hack into other types of information databases, left unaware while the rest of the network’s resources are diverted to getting it back online.
  3. To make a point. Because they’re so cheap to implement, DDoS attacks are used by activist groups trying to make a point. They might be part of a coordinated attack against a group of networks, or it might be that a company has done something they disagree with.

The consequences for you are pretty clear: the more time your network is flooded with bad traffic, the more money you lose. Not to mention the blow to your reputation.

DDoS Attacks Happen Everyday

It’s important to realise just how common these attacks are.

In 2017, new figures showed that DDoS attacks are nearly as common as ransomware, which is the #1 form of attack. DDoS strikes aren’t one and done, either. They take a particularly long time. In one case that same report found an attack flooded a website with traffic on a daily basis for over two weeks.

We’ve noticed this on our own network – we witness traffic associated with DDoS attacks happening every day.

It’s also important to note that you don’t need to be a massive target in order to be affected by one of these attacks. Even businesses that are out of the public eye can be targeted for seemingly no reason at all.

How Can You Protect Yourself?

Unlike phishing attacks, or suspicious links, there isn’t a specific checklist of things individuals or businesses can do to protect themselves from a DDoS attack. Except for one, massive change…

You can choose to use an internet infrastructure provider that has DDoS protection baked into its core network.

That’s exactly how we operate at BTB. BTB, in partnership with Anycast, has technology built in that helps our clients stay safe from DDoS attacks.

Our systems automatically detect an attack within minutes, and then move traffic through “scrubbers”. Think of these like filters: they take out the bad traffic, then let all the good traffic flow through to where it needs to go.

Not every network works like this. We’ve put the hard work in creating infrastructure that is smart enough to see where traffic comes from, and whether it might be part of an attack. As DDoS attacks become even more prevalent, this type of awareness is so crucial to making sure you and your customers have reliable service.

The only way you can do that is by investing in a network that understands the value of not just protecting users from these types of attacks – but by investing in tools to hopefully make them a thing of the past.

Posted by

Sachin Patel

Tags

News Categories