Hosting & Domains News

What is a DDoS Attack and What Do You Do About It?

DDoS attacks are in the news again, so we thought this would be a good time to put together an explainer as to what exactly they are and how they can affect your website or your business.

A DDoS attack is a ‘Distributed Denial of Service’ attack. It happens when a network of computers overloads the connection or the capacity of another network, server, or even a single website, freezing access and bringing down servers that can’t cope with the load.

Why would this happen? There are several reasons.

The latter appears to be the most common reason these days.

An RDDoS attack is different from a ‘ransomware’ attack, which has also been in the news recently. A ransom-based DDoS attack seeks to extort money from you in order to prevent the attack from happening. Basically, they want you to pay them money to go away and leave you alone.

It’s a common tactic invented by organised crime over a century ago – pay us for ‘protection’, and we’ll leave you alone. The problem is that when you pay these criminals once, you embolden others to simply do the same. Paying DDoS ransom should not be a cost of doing business.

For example, in a recent DDoS attack in the news, hackers demanded 1 Bitcoin (worth about €30,000) in exchange for not carrying out the attack. Unfortunately, the advent of Bitcoin and other cryptocurrencies has led to a rise in extortion attacks like this because it makes it easy for criminals to launder the money and get away with it.

The Attack

So, how is an attack carried out? These hackers will have gotten control of a network of hundreds or even thousands of computers – likely illegitimately, through phishing, malware, or other nefarious means. While most web hosts and ISPs will have policies that ban doing things like this, they may not know an attack is happening until it is already under way, so action against a DDoS attack is very reactive.

The hackers will use automated software to control these computers and networks to flood your computers and networks with bogus and pointless traffic that essentially takes up the whole ‘pipe’ that is your bandwidth. Legitimate traffic can’t get in or out. Your hardware – websites, intranet, network – becomes overloaded and cannot function.

DDoS Mitigation

This is where the ‘good guys’ come in. There are things that ISPs, datacentres, and web hosts can do to mitigate a DDoS attack. And let’s be clear here, there isn’t much they can do to PREVENT one because it’s very difficult to block traffic you don’t know isn’t legitimate. This is not really something that an end-user would have to deal with – it’s out of their control almost completely.

DDoS Mitigation has four steps to it:

DDoS mitigation is not something that is ‘one and done’ – it’s something that network admins have to constantly do and monitor.
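
The following added example is not part of the original article and is not Blacknight's tooling. It shows the monitoring side of this: it buckets request records into time windows and separates a flood coming from one noisy source from a flood spread thinly across many sources, which is the case where blocking individual addresses does not help. The thresholds, function names and sample traffic are assumptions constructed for the example.

```python
from collections import Counter, defaultdict

def classify_windows(events, window_s=10, baseline_per_window=50,
                     factor=5.0, single_source_share=0.5):
    """events: iterable of (unix_ts, src_ip).
    Returns {window_start: (label, total, distinct_sources, top_source_count)}."""
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[int(ts) // window_s * window_s][src] += 1
    verdicts = {}
    for start in sorted(buckets):
        per_src = buckets[start]
        total = sum(per_src.values())
        top_count = per_src.most_common(1)[0][1]
        if total <= factor * baseline_per_window:
            label = "normal"
        elif top_count / total >= single_source_share:
            # One address dominates: a per-address block or rate limit is enough.
            label = "single-source flood"
        else:
            # Volume is high but every source looks modest on its own.
            label = "distributed flood"
        verdicts[start] = (label, total, len(per_src), top_count)
    return verdicts

def sample_events():
    """Constructed sample traffic using documentation address ranges."""
    events = []
    # Window 0-9: normal load, 4 clients, 40 requests in total.
    for t in range(10):
        events += [(t, f"192.0.2.{c + 1}") for c in range(4)]
    # Window 10-19: one noisy client adds 400 requests to the normal load.
    for t in range(10, 20):
        events += [(t, "198.51.100.7")] * 40
        events += [(t, f"192.0.2.{c + 1}") for c in range(4)]
    # Window 20-29: 250 sources send only 2 requests each (500 in total).
    for i in range(250):
        events += [(20 + i % 10, f"203.0.113.{i + 1}")] * 2
    return events

if __name__ == "__main__":
    for start, verdict in classify_windows(sample_events()).items():
        print(start, verdict)
```

In the last window no single address sends more than two requests, so a per-address limit never triggers even though total volume is ten times the baseline.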

Attacks cannot go on forever, simply because it’s expensive to keep them going. Even with access to a malicious botnet there’s still a cost, especially for bandwidth. And more often than not, when they realise you’re not going to pay up, they lose interest and move on.

If you’re a Blacknight customer and you suspect you’re under a DDoS attack, please contact us immediately.

 
