DDOS ATTACKS AND PROTECTION METHODS

Distributed denial-of-service attacks, or DDoS for short, have become commonplace and a major headache for Internet security worldwide. Therefore, protecting a website from DDoS attacks is not an additional option today, but a prerequisite for those who want to avoid downtime, massive losses and damage.

What is DDoS?

Distributed Denial of Service is an attack to prevent an information system from processing user requests. In simple words, DDoS is making a web resource or server inaccessible with traffic from multiple sources. Usually such an attack is done to cause network outages in a large company or government organization.

A DDoS attack is similar to another common web threat, Denial of Service (DoS) attacks – the only difference is that a typical distributed attack does not come from a single location, but rather comes from larger and different sources.

The main purpose of a DDoS attack is to make the website inaccessible to visitors by preventing it from working. However, sometimes the trickster tactic is also used. That is, these types of attacks are made to divert attention from other harmful effects. For example, a DDoS attack can occur when a security system is compromised to take over an organization’s database.

DDoS attacks came to the public’s attention in 1999 with a series of attacks on major companies’ websites (Yahoo, eBay, Amazon, CNN). Since then, such cybercrime has grown into a global threat. According to experts, in recent years their frequency has increased by 2.5 times, and the maximum capacity has reached 1 Tbit / s.

Causes of DDoS Attacks

  • Personal hostility; It often encourages attackers to attack companies or government companies. For example, in 1999 FBI websites were hacked and disabled for several weeks. This started because the FBI launched a large-scale operation against the hackers.
  • Political protest: Typically, such attacks are carried out by hacktivists, IT professionals with radical civic protest views. A well-known example is a series of cyberattacks on Estonian government institutions in 2007. The reason was the destruction of the Monument to the Savior Soldier in Tallinn.
  • Fun: More and more people today are addicted to DDoS or at least want to try it. Novice hackers often organize these attacks for fun.
  • Extortion and blackmail: Before launching an attack, the hacker contacts the owner of the resource and demands a ransom.
  • Competition: DDoS attacks can be ordered by another company to humiliate their competitors.

Who are the potential victims?

DDoS attacks can stop access to websites of all sizes, from regular blogs to large corporations, banks and other financial institutions.

According to research by Kaspersky Lab, an attack can cost the company up to $1.6 million. This is serious damage, because the hacked web resource is unserviceable for a while, so the service remains idle.

Most of the time, these types of sites and servers fall victim to DDoS attacks

  • large companies and government agencies;
  • financial institutions (banks, management companies);
  • Opportunity (offering discount service) sites;
  • medical institutions;
  • paying system;
  • media and information aggregators;
  • online stores and e-commerce businesses;
  • online games and gaming services;
  • cryptocurrency exchanges.

Internet-connected equipment, also known as the Internet of Things (IoT), has also been added to the sad list of victims of DDoS attacks. The greatest growth dynamics in this area is demonstrated by cyber attacks aimed at disrupting the operation of online payment transactions in large stores or shopping centers.