If you can imagine the business impact of your network, website, or applications going down and becoming unavailable to your staff or customers, then protecting yourself from DDoS attacks should be a priority. Here we look at what DDoS attacks are, how they work, why attackers launch them, how to spot one, and how to protect yourself against them.
What is a DDoS attack
A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the regular traffic of a targeted server, network, or application. The attack tries to overwhelm your network infrastructure with high traffic volumes, overloading it to the point where the website can no longer be delivered.
How does a DDoS attack work
A malicious DDoS attack uses multiple compromised internet-connected computer systems as sources of attack traffic to overload the network.
The compromised computers or Internet of Things (IoT) devices may have been infected by malware that allows them to be controlled by an attacker. An infected device is known as a bot, and a group of bots is known as a botnet.
Example of a DDoS attack
In simple terms, if a website was a building or a location, say a theme park, a DDoS attack would be parking cars on the roads en route to create traffic jams for real users, making the site inaccessible.
A better analogy: you want to go on a trampoline, but someone has filled it with weights, so not only can you not get on, but the weights will eventually break the trampoline.
Why do a DDoS attack – reasons/benefits
Many reasons and attacker benefits sit behind DDoS attacks. Some attackers act out of revenge, politics, or trolling (for fun or to demonstrate their skill). Others act out of rivalry or even for a good cause! The attacker may be paid by other companies or a hostile government, and a DDoS attack can even be used as a distraction for further attacks.
How to identify a DDoS attack
There are many ways to identify DDoS attacks depending on the type and approach. However, the main ones are:
- Your site or service suddenly becomes slow or inaccessible.
- You notice a surge of ‘users’ to or from a single source. The common factor could be a location, device type, operating system, or browser version, with the traffic going to a specific page.
- You witness unusual traffic spikes during the off hours of the day.
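The sketch below is an added example, not part of the original article: it checks one-minute windows of a web access log for the last two indicators, a surge concentrated on one source attribute and a spike during off hours. It assumes Combined Log Format input; the function names, the thresholds (baseline_rpm, spike_factor, share, off_hours) and the sample log are hypothetical and constructed for illustration, and location is left out because it needs a GeoIP lookup.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Combined Log Format: ip - - [time] "METHOD path proto" status bytes "referer" "user-agent"
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')

def parse(lines):
    """Yield (minute, ip, path, user_agent) per well-formed line; skip the rest."""
    for line in lines:
        m = LINE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield ts.replace(second=0), m["ip"], m["path"], m["ua"]

def find_indicators(lines, baseline_rpm, spike_factor=5, share=0.6,
                    off_hours=range(0, 6)):
    """Return (minute, indicator, detail) for each suspicious one-minute window."""
    windows = defaultdict(list)
    for minute, ip, path, ua in parse(lines):
        windows[minute].append((ip, path, ua))
    findings = []
    for minute, reqs in sorted(windows.items()):
        if len(reqs) < spike_factor * baseline_rpm:
            continue  # volume is within the normal range for this site
        if minute.hour in off_hours:  # hour in the log's own time zone
            findings.append((minute, "off-hours spike", len(reqs)))
        # A surge dominated by one value of an attribute points to a single source.
        for name, idx in (("ip", 0), ("path", 1), ("user-agent", 2)):
            value, count = Counter(r[idx] for r in reqs).most_common(1)[0]
            if count / len(reqs) >= share:
                findings.append((minute, f"single {name}", value))
    return findings

def sample_log():
    """Constructed sample: quiet daytime traffic, then a burst at 03:14."""
    fmt = '{} - - [{} +0000] "GET {} HTTP/1.1" 200 512 "-" "{}"'
    quiet = [fmt.format(f"198.51.100.{i}", f"10/Mar/2024:14:05:{i:02d}",
                        f"/page{i}", f"Browser/{i}.0") for i in range(4)]
    burst = [fmt.format(f"203.0.113.{i % 50}", f"11/Mar/2024:03:14:{i % 60:02d}",
                        "/login", "Browser/99.0") for i in range(120)]
    return quiet + burst

if __name__ == "__main__":
    for finding in find_indicators(sample_log(), baseline_rpm=10):
        print(*finding)
```

In the sample, the burst is spread over 50 addresses, so no single IP stands out, yet the shared page and browser version still mark it as one source.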
DDoS attacks and pen testing
To learn more about how penetration testing can help mitigate the risks of a DDoS attack, please get in touch with OmniCyber Security.