In order to defeat the hackers who threaten your company network and IT infrastructure, you must become familiar with the techniques and strategies that these criminals employ. DDoS attacks, also known as Distributed Denial of Service, are extremely effective at wreaking havoc on target websites. Here we will discuss how DDoS attacks work and touch on a few ways to repel them.

What is a DDoS Attack?

The simpler version of the DDoS is known as a DoS, or Denial Of Service attack. This is where the hacker sends repeated messages to a particular website in such a volume that the target site is slowed down and could even grind to a complete halt. This is a very effective hacking attack technique for a smaller website, but if a website is hosted on a number of servers, the denial of service attack could have little or no effect.

This limitation led hackers to develop the ‘Distributed’ Denial of Service technique, which generates a multiplied effect delivering even more devastating results.

Here are the steps involved in setting up and carrying out a DDoS attack:

The hacker(s) will first set up a number of zombie computers by way of linking them up within their network. Each of these will have the potential to send multiple messages via a variety of network protocol methods. A typical DDoS will also involve a number of innocent computers known as ‘reflectors’. The zombie computers will send a connection command to the reflector computers. Once the reflector has received this command it will either wait for further instructions or start bombarding the target computer system with messages. It is possible to use a large number of reflector computers to send these harmful messages and this is typically effective enough to bring down a large website without any difficulty. As far as the target website is concerned, the attack has originated via the reflectors and not the actual zombie computers.

“Through the use of zombie computers, the hacker is often not connected to the actual crime” –DDoS Demystified via @SecureNinja

Defending your Website from DDoS

Although the DDoS attack is a fairly sophisticated technique that has already caused major problems for the likes of Microsoft and Amazon, it is possible to take certain measures to defend against this hacking strategy.

1. Ensure that your bandwidth is large enough to deal with the potential peaks that could arise from a DDoS attack.

2. Keep an eye on your network and application traffic.

3. Detect and deal with any malicious requests.

4. Look out for malicious users and attempt to stop them before they can hack into your system.

If you are in need of more information or believe that your website is at risk of a DDoS attack, please consult a cybersecurity expert sooner than later. Prevention is always easier than the cure.

If you or your organization is in need of Cybersecurity training, please view our classroom, on-site and online options here.