Almost all businesses are online, so what would happen if the internet were unavailable for even a few hours a day? The result would be a slump in business, lost leads, no new business relationships, and plummeting profits. This could also lead to other disasters within an organization. This is what could happen if an attack were made on an organization whose sole business model is its online platform.
DoS and DDoS attacks are a common concern for security-conscious individuals and organizations. In a DoS (Denial of Service) attack, a host is bombarded with multiple TCP/UDP packets, all of which come from one computer and one Internet connection. The site crashes or slows down because the host cannot handle the fake requests of hundreds to thousands of users.
DDoS, or “Distributed Denial of Service”, is an attack closely related to DoS but more intense. DDoS attacks are not carried out by one attacker. Instead, several attackers attempt to overwhelm and bring down the system using multiple computers and multiple Internet connections. A master computer sends instructions to slave computers, which in turn can cripple financial systems and ruin large corporations. DDoS attacks are more difficult to recover from because the source is more difficult to trace.
Here are some statistics about DDoS attacks:
Recent examples of DDoS attacks include the GitHub attack (February 2018, which saw traffic spike at 1.3 Terabytes/sec), the Telegram attack in June 2019, and the attack on Brian Krebs's site in 2016.
China was the leading target region, followed closely by the USA and Hong Kong.
Sundays were not a favoured day for launching DDoS attacks, while Mondays were the most active day in the second quarter of 2019.
In the second quarter of 2019, attacks lasting more than 4 hours were more common (DDoS attacks in Q2 2019, 2019).
It is interesting to note, too, that large DDoS attacks on organizations are mostly detected only by the company's customers and clients. It is they, not the organization, who notice a downed server.
Let’s now look at the statistics and definitions of DDoS.
DDoS attacks are changing:
Hackers’ strategies and technology change as technology changes. Businesses are better equipped to deal with DDoS attacks now that they are aware of them. Large-scale attacks are easier to detect, but even though more DDoS attacks have occurred, smaller ones are not always easy to manage. These smaller attacks don’t trigger any of the organization's defenses. Surprisingly, only 28% of businesses are able to detect them. According to Neustar's Q2 2019 Cyber Threats and Trends Report, smaller attacks can be used against specific services, gateways and applications (API) (Q2, 2019 CYBER THREATS & TRENDS REPORT).
Hackers use these smaller attacks to spread malware and increase the number of systems. They can also slow down the system, thereby affecting the site’s performance.
How to deal with DDoS attacks
Given the recent changes in DDoS strategies, it is important to identify the most valuable assets within an organization and put them under an “always-on” DDoS mitigation strategy. Traffic must be continuously monitored so that it can be analyzed. This will allow you to determine if valuable assets need to be kept “always-on” or if other resources should be protected.
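The following is an added example, not part of the original article, of the continuous monitoring described above: it compares a site-wide volumetric alarm with a per-service rolling baseline to show how a small attack on one service can stay under the large-scale threshold. The service names, traffic figures, threshold and the median/MAD baseline method are all constructed assumptions.

```python
from statistics import median

# Constructed sample data: requests per minute for three services (not real traffic).
TRAFFIC = {
    "web":         [9000, 9100, 8900, 9050, 9000, 9200, 9100, 8950, 9000, 9100],
    "api-gateway": [400, 420, 390, 410, 405, 400, 1900, 2100, 2000, 415],
    "dns":         [1500, 1480, 1520, 1490, 1510, 1500, 1495, 1505, 1500, 1490],
}
GLOBAL_THRESHOLD = 50_000  # assumed site-wide volumetric alarm, requests/minute


def volumetric_alerts(traffic, threshold=GLOBAL_THRESHOLD):
    """Minutes at which total traffic across all services crosses the site-wide alarm."""
    totals = [sum(rates) for rates in zip(*traffic.values())]
    return [minute for minute, total in enumerate(totals) if total > threshold]


def per_service_alerts(traffic, window=5, k=6.0):
    """Flag (minute, service, rate) where a service deviates from its own baseline.

    The baseline is the median of the last `window` unflagged samples and the
    spread is their median absolute deviation (MAD). The first `window`
    samples are assumed to be clean warm-up data.
    """
    alerts = []
    for service, rates in traffic.items():
        history = list(rates[:window])
        for minute in range(window, len(rates)):
            base = median(history)
            mad = median(abs(x - base) for x in history) or 1.0
            if abs(rates[minute] - base) > k * mad:
                alerts.append((minute, service, rates[minute]))
            else:
                # Only unflagged samples update the baseline, so a sustained
                # attack cannot teach the monitor that attack traffic is normal.
                history = history[1:] + [rates[minute]]
    return sorted(alerts)


if __name__ == "__main__":
    print("site-wide alarm minutes:", volumetric_alerts(TRAFFIC))
    for minute, service, rate in per_service_alerts(TRAFFIC):
        print(f"minute {minute}: {service} at {rate} req/min is off its baseline")
```

On this constructed data the site-wide alarm never fires, while the per-service baseline flags the API gateway for three consecutive minutes, which is the kind of asset that would be a candidate for “always-on” protection.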