Saturday, September 19, 2020

What is DDoS (Distributed Denial of Service) Attack?

A distributed denial of service attack is an attempt to take down a web server or network system by flooding it with data. DDoS attacks can be motivated by simple mischief, revenge, or hacktivism, and can range from a minor hassle to long-term downtime resulting in job loss.

Hackers hit GitHub with a DDoS attack of 1.35 terabytes of data per second in February 2018. It was a massive attack and is unlikely to be the last of its kind.

How does a DDoS attack work?

DDoS attacks often operate through botnets: large groups of distributed computers that act in unison, simultaneously flooding a website or service provider with requests for data.

Attackers use malware or unpatched vulnerabilities to install Command and Control (C2) software on users’ systems to create botnets. DDoS attacks rely on a large number of computers in the botnet to achieve the desired effect. The simplest and cheapest way to gain control of that many computers is to exploit vulnerabilities.

The DynDNS attack used WiFi cameras with default passwords to create a massive botnet. Once the botnet is active, the attackers send a command to all of their botnet nodes, and the nodes then send their scheduled requests to the destination server.

If an attack gets past the external defenses, it quickly overwhelms most systems, causing service outages and, in some cases, server downtime. The result of a DDoS attack is primarily a loss of productivity or a service disruption: customers cannot reach the website.

While it may seem benign, the cost of DDoS attacks averaged $2.5 million in 2017. Kaspersky reports that DDoS attacks cost $120,000 to small businesses and $2,000,000 to businesses. Hackers carry out DDoS attacks for reasons ranging from childish mischief to revenge against a business to political activism.

DDoS attacks are illegal under the Computer Fraud and Abuse Act. Launching a DDoS attack on a network without approval can cost you up to 10 years in prison and a fine of up to $500,000.

What is the difference between a DoS attack and a DDoS attack?

A denial of service (DoS) attack covers many types of attacks, all designed to interrupt services. In addition to DDoS, you can have application layer DoS, advanced persistent DoS, and DoS as a service. Businesses use DoS as a service to test their networks.

In short, DDoS is a type of DoS attack; however, DoS can also mean that an attacker used a single node to launch an attack, instead of using a botnet.

What Does a DDoS Attack Signify for my Security?

You need to prepare and plan for managing a DDoS attack against your systems. You need to monitor, generate alerts quickly, and diagnose an ongoing DDoS attack. The next step is to shut the attack down promptly without affecting users.

You can block IP addresses with a next-generation firewall, or shut off incoming traffic to the targeted system and fail over to a backup. There are other response plans you can implement; make sure you have one.

Common types of DDoS attacks

There are several different ways for attackers to carry out a DDoS attack. Here are some of the most common:

1. Application Layer Attacks

DDoS attacks against the application layer aim to exhaust the target's resources and cut off access to the target site or service.

Attackers load the bots with a complex request that taxes the target server as it attempts to respond. The request may require access to a database or large downloads.

If a target receives several million of these requests in a short time, it can quickly be overwhelmed and either slow down or crash entirely.

An HTTP flood attack, for example, is an application layer attack that targets a web server and uses many fast HTTP requests to bring the server down.

Think of it as pressing the refresh button in rapid-fire mode on a game controller. That kind of traffic from thousands of computers at once will quickly drown a web server.

2. Protocol Attacks

Protocol DDoS attacks target the network layer of the target systems. Their objective is to overwhelm the table space of the core network services, the firewall, or the load balancer that forwards requests to the destination.

In general, network services work from a first-in, first-out (FIFO) queue. The first request arrives, the computer processes it, then goes and gets the next request in line, and so on.

There are a limited number of spots in this queue, and in a DDoS attack, the line can become so long that the computer has no resources left to respond to the first request.

A SYN flood attack is a specific protocol attack. A standard TCP/IP network transaction involves a three-way handshake, and its parts are SYN, ACK, and SYN-ACK.

SYN is the first part, which is a request of some kind, ACK is the target's response, and SYN-ACK is the original requester saying, “Thank you, I have received the requested data.” In a SYN flood attack, attackers create SYN packets with false IP addresses.

The target then sends the ACK to a bogus address, which never responds. The target sits there waiting for these responses to time out, which depletes the resources available to process all of these fake transactions.
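
The queue exhaustion described above can be reproduced with a small model. This is an added example, not code from the original article: the class, the function and the addresses (documentation ranges) are constructed for illustration. It goes one step beyond the text by also showing how the timeout length changes the outcome.

```python
from collections import OrderedDict

class HalfOpenQueue:
    """Toy model of a listener's bounded queue of half-open connections."""

    def __init__(self, capacity, timeout):
        self.capacity = capacity        # spots available in the queue
        self.timeout = timeout          # ticks before an unanswered entry expires
        self.pending = OrderedDict()    # source -> arrival tick, oldest first
        self.dropped = 0

    def _expire(self, now):
        # Free the spots whose wait for a reply has timed out.
        while self.pending:
            src, arrived = next(iter(self.pending.items()))
            if now - arrived < self.timeout:
                break
            del self.pending[src]

    def on_syn(self, now, src):
        self._expire(now)
        if len(self.pending) >= self.capacity:
            self.dropped += 1           # queue full: the request is lost
            return False
        self.pending[src] = now
        return True

    def on_handshake_complete(self, src):
        # A real client answers, so its spot is released immediately.
        return self.pending.pop(src, None) is not None

def simulate(capacity, timeout, spoofed_per_tick, ticks):
    """Return (legitimate connections completed, spots still held at the end)."""
    q = HalfOpenQueue(capacity, timeout)
    completed = 0
    for t in range(ticks):
        for i in range(spoofed_per_tick):
            # Constructed spoofed source: it never answers the target's reply.
            q.on_syn(t, f"198.51.100.{i}:{t}")
        client = f"192.0.2.10:{40000 + t}"   # constructed legitimate client
        if q.on_syn(t, client) and q.on_handshake_complete(client):
            completed += 1
    return completed, len(q.pending)

if __name__ == "__main__":
    print("no flood:            ", simulate(100, 30, 0, 60))
    print("flood, long timeout: ", simulate(100, 30, 40, 60))
    print("flood, short timeout:", simulate(100, 2, 40, 60))
```

With a 30-tick timeout the legitimate client gets through only twice in 60 attempts; with a 2-tick timeout the same flood never fills the queue.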

3. Volumetric Attacks

A volumetric attack aims to use a botnet to generate a large amount of traffic and disrupt work on the target. Think of an HTTP flood attack, but with an exponential response component added.

For example, if you and 20 friends called the same pizzeria and each ordered 50 pizzas at the same time, that pizzeria would not be able to fill the orders. Volumetric attacks work on the same principle.

The attackers request something from the target that significantly increases the size of the response, so the volume of traffic explodes and clogs the server.

DNS amplification is a type of volumetric attack. In this case, the attackers go after the DNS server directly and request a large amount of data from it, which can bring the DNS server down and paralyze anyone who uses that DNS server for name resolution.

How to avoid DDoS attacks?

How did GitHub survive this massive DDoS attack? Planning and preparation, of course. After 10 minutes of intermittent downtime, the GitHub servers activated their DDoS mitigation service.

The mitigation service rerouted incoming traffic and dropped the malicious packets, and about 10 minutes later, the attackers gave up.

In addition to paying for DDoS mitigation services from companies like Cloudflare and Akamai, you can also apply standard endpoint security measures. Patch your servers, keep Memcached servers off the open Internet, and train your users to recognize phishing attacks.

You can enable black hole routing during a DDoS attack to send all traffic into the abyss. You can configure rate limiting to cap the number of requests that the server accepts in a short period. A well-configured firewall can also protect your servers.
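
The rate limiting mentioned above can be sketched as a per-client sliding window replayed over access-log lines. This is an added example, not code from the original article: the log lines, addresses and thresholds are constructed, and a production limiter would normally live in the proxy or firewall rather than in a script.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Client address and timestamp fields of a common-log-format line.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

class SlidingWindowLimiter:
    """Allow at most max_requests per client within window_seconds."""

    def __init__(self, max_requests, window_seconds):
        self.max_requests = max_requests
        self.window = window_seconds
        self.hits = defaultdict(deque)   # client -> timestamps of accepted requests

    def allow(self, client, now):
        q = self.hits[client]
        while q and now - q[0] >= self.window:
            q.popleft()                  # forget requests that left the window
        if len(q) >= self.max_requests:
            return False                 # over the limit: reject, do not record
        q.append(now)
        return True

def replay(log_lines, max_requests=5, window_seconds=10):
    """Return {client: rejected request count} for the given log lines."""
    limiter = SlidingWindowLimiter(max_requests, window_seconds)
    rejected = defaultdict(int)
    for line in log_lines:
        m = LINE.match(line)
        if not m:
            continue                     # skip lines that do not parse
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z").timestamp()
        if not limiter.allow(m.group(1), ts):
            rejected[m.group(1)] += 1
    return dict(rejected)

# Constructed sample: one client sends 20 requests in 2 seconds,
# another sends 3 requests spread over 40 seconds.
SAMPLE_LOG = [
    f'203.0.113.7 - - [19/Sep/2020:10:00:{s // 10:02d} +0000] "GET /search?q=a HTTP/1.1" 200 512'
    for s in range(20)
] + [
    f'192.0.2.10 - - [19/Sep/2020:10:00:{s:02d} +0000] "GET / HTTP/1.1" 200 1024'
    for s in (1, 15, 40)
]

if __name__ == "__main__":
    print(replay(SAMPLE_LOG))
```

Only the flooding client is throttled; the slow client's three requests all pass.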

Varonis observes your DNS, VPN, proxies, and data for signs of an upcoming DDoS attack on your corporate network. Varonis monitors behavior patterns and generates alerts when current practice matches a threat pattern or deviates from standard behavior.

This can include malicious hood attacks or significant increases in network traffic, indicating a DDoS attack.

DDoS Attacks Today

Like everything else in IT, DDoS attacks are evolving and becoming more destructive for businesses.

Attack sizes keep growing, from 150 requests per second during the 1990s, which was enough to take down a server of that time, to the recent Dyn DNS and GitHub attacks at 1.2 TB and 1.35 TB, respectively.

The purpose of these two attacks was to disrupt two significant sources of productivity around the world. These attacks used new techniques to reach their vast bandwidth. The Dyn attack used an exploit found in Internet of Things (IoT) devices to build a botnet, known as the Mirai botnet attack.

Mirai used open Telnet ports and default passwords to take over WiFi-enabled cameras to conduct the attack. This attack was childish mischief, but it also exposed a significant vulnerability that accompanies the proliferation of IoT devices.

Fadehan Emmanuel
Moore is an Associate—Editor of TheXplorion. Got a NEWS TIP related to this story — or to anything else in the world of big tech? Please e-mail him: mooreplug[at]gmail.com. You can also connect with him via the connections below the box.