DDoS Attacks Remain a Threat to Businesses
Here’s how they happen, and what your business can do about it
As a business owner, did you ever imagine there’d be such a thing as too much traffic to your website?
Clicks, views and visits are normally a good thing—they attract customers, generate sales leads and bring in revenue. But in the world of cybercrime, even web traffic can be used against your business.
Hackers use Distributed Denial of Service (DDoS) attacks to take business websites offline with floods of phony traffic—a scheme that spells trouble for e-commerce companies, government entities and just about any other web-dependent organization.
In DDoS attacks, hackers aim to overwhelm web servers by sending a deluge of access requests—sometimes tens of thousands at one time—to a target website. The illegitimate traffic is streamed in until the server’s bandwidth is saturated, causing the overloaded site to deny service, crash or slow down significantly. Attacks can last just a couple minutes or several hours.
To launch a DDoS attack, hackers use armies of botnets—networks of malware-infected computers—to send swarms of data packets to servers. Botnets can contain thousands of infected machines and are controlled remotely by the hacker. Oftentimes, the owners of these recruited “zombie” computers aren’t aware their systems are part of a botnet because the malware runs in the background with no interruptions. Botnets can even be rented on the black market for as little as $150 per day, according to Trend Micro research.
Increasingly, hackers are jumping on unsecured Internet of Things devices to create botnets—making them one more source among a growing number of internet-connected devices hackers look to exploit.
A Growing Threat
Security experts say businesses should be prepared, as DDoS attacks are expected to grow in frequency, duration and severity, as attackers find new amplification techniques to hit targets. More than 2,000 DDoS are observed worldwide every day, according to the Arbor Networks ATLAS Threat Report.
A report from Kaspersky Lab reported that in the first quarter of 2018, there was “a significant increase in both the total number and duration of DDoS attacks,” compared with the last quarter of 2017. More than one-third of downtime incidents are attributed to DDoS attacks, according to research from Verisign and Merrill.
In early 2018, Github, a popular web-hosting service for coding files, was dealt one of the largest DDoS attacks to date. The site was interrupted for about 9 minutes—going completely offline for five minutes and experiencing intermittent service after that. At its peak, the barrage walloped Github servers with 1.35 Tbps of data—all at once.
For many businesses, a website unavailable to your users and customers is a lost revenue stream. Without it, there’s no way to make new sales, process orders or offer crucial information, services and support. What’s worse, customers who can’t log on aren’t going to wait: they’re likely to get frustrated, look for service elsewhere and maybe never come back. That’s bad not only for the bottom line, but your business’ reputation.
Hackers don’t just target large corporations—they go after small and medium-sized business, too. In fact, smaller businesses are often a sought-after target. Cyber criminals assume smaller businesses don’t have the security resources and haven’t invested in preventative measures against hacking and other attacks.
Why Does This Happen?
Hackers carry out DDoS attacks for various reasons, ranging from just being a minor nuisance to shaking down businesses for money. Here’s a look at the common motives behind this category of cybercrime.
Some hackers use DDoS to extort money, repeatedly hitting a company’s server and keeping it offline until a ransom is paid.
+ Hacktivism and Cyber Vandalism
So-called “hacktivists” might use DDoS as a show of force against a group, organization or business whose policies, practices or services they disagree with. These kinds of hackers might even target a company in an attempt to cripple a competitor or take business away from a rival.
In some cases, a DDoS attack might just be a smokescreen for a bigger problem, such as stealing corporate data or sensitive customer information.
Signs Your Website is Under Attack
Not all service problems or interruptions are the result of a DDoS attack, but there are a few red flags to watch for, including:
+ Slow network performance
+ Inability to access files or any website
+ An influx of spam email
+ A disconnected wired or wireless connection
+ Prolonged denial of access to any internet services
What You Can Do
Fortunately, there are tools available to protect against DDoS attacks. Arvig’s DDoS Protection service, for example, uses advanced filters to analyze web traffic, discarding malicious requests while allowing legitimate traffic to proceed.
DDoS mitigation services are designed for two different use cases:
+ Corporate or enterprise internet connections
+ Web servers or other internet-based services
DDoS mitigation services can be purchased for publicly accessible services, as well. These usually work by updating DNS to forward traffic to a DDoS mitigation company who then forwards the cleaned traffic back to the target server. Arvig’s service is much more infrastructure based, in that it mitigates DDoS traffic that targets one or more customer defined IP addresses. For example, the customer might just want their internet service to stay up (schools needing internet access for standardized testing, for example) or might be used by the customer to protect against an attack that brings down web servers or other services they are hosting.
Business owners should consider adding this service as part of a multi-layered approach to IT security. Find out more here.