What is a Distributed Denial of Service (DDoS) Attack?
DDoS occurs when hackers flood an IP address with hundreds or thousands of messages, often through the use of botnets or through a coordinated hacking effort, taking the network to the point where legitimate users aren’t able to get through – hence, the term - denial of service.
What you need to know about DDoS attacks
DDoS attacks usually use a network of compromised systems to flood sites with connection requests, causing the website or server to slow down or crash entirely. There are many types of actual DDoS attacks. While DDoS offers a less complicated attack mode than other cyberattacks, they are growing more robust and sophisticated.
There are three basic categories of attack:
- volume-based attacks, which use high traffic to inundate the network bandwidth
- protocol attacks, which focus on exploiting server resources
- application attacks, which focus on web applications and are the most sophisticated and severe type of attacks
Why should we worry about DDoS attacks?
DDoS attacks have the potential to impact all Australian businesses. What DDoS attacks do is disrupt business. DDoS protection is essential because it safeguards the normal flow of revenue or prospect information customarily sourced from the targeted website.
The need to protect against DDoS is clear:
- Surveys show that more than one-third of companies in the USA suffer from DDoS attacks.
- In 2020 Australia reported approximately 160 cybercrimes every day (ACSC Annual Cyber Threat Report, July 2019 to June 2020)
- According to Australian Cybersecurity Magazine, Australia was the 3rd most targeted country globally in Application DDoS attacks in 2021.
- According to a Dark Web price index, DDoS attacks can be purchased for as little as $10.
A recent trend is for DDoS to be used for extortion, where a business is threatened with an attack against its website unless it makes a payment. A small DDoS activity can accompany these threats - or a brief larger one - to demonstrate capability.
How does Webcentral seek to mitigate DDoS risks for its customers?
Webcentral has many connections to the Internet with an aggregate capacity of around 1GB/second of data flow. When faced with genuine spikes in traffic from client services, we always have enough bandwidth to handle the load. Webcentral runs at less than 60% of its actual capacity at all times.
It is not so simple when an attack is underway. When an attack happens, we could experience an attacker sending 5000 times the capacity of our network. The traffic coming in can originate from tens of thousands of hosts, and even if you can identify them all, the attackers will usually keep shifting the sources of the attack. It is not always possible to ignore requests from these specific servers.
Three things you can do to address DDoS attacks
Behind the scenes, there are a million things that engineers try to identify and block during an attack, but the attackers are always looking at ways to work around our safeguards. Three simple things in which you can do to help protect your online business include:
- Ensure you have enough bandwidth that no matter the size of the attack, you are less likely to be completely saturated by it.
- Invest in anti-spam software that can determine junk (malicious) traffic from regular traffic.
- Try to work with the bigger networks upstream to see if they can block the bad incoming traffic.
It is always better to block an attack before it starts. The responsibility of mitigating this type of incident falls to the hosting provider. We work hard to limit our customers’ exposure to DDoS attacks because we understand the implications of downtime for any online business. It impacts our business in the same way.
Why not talk to one of our website security experts about how you can protect your online business from DDoS and other cybersecurity threats. We have a skilled technical team equipped with the knowledge and expertise to handle these attacks. They are constantly working to keep pace with cyber criminals’ ever-changing tactics. They can review your website procedures and protocols to ensure you are better positioned to block and recover from cyber threats such as a DDoS attack.