A Distributed Denial of Service (DDoS) attack is where a group of computers flood another website with a large number of messages, so that the website becomes so overwhemed it can’t function properly. Basically the attacker sets up a network of computers to send requests to the target website, using up the bandwidth and preventing that sites normal traffic.
Commonly used by political and social activists as part of a protest, DDoS attacks are also used to extort money from web businesses and as distractions from other, more serious attacks elsewhere on the network.
Generally the attack network is built by spreading zombies or bots to infect other computers and use them to send the DDoS attack – hence not only affecting the target network, but also slowing performance on each of the infected attack computers. A botnet, or network of bots averages at around 20,000 computers – though the most prolific can number in the millions – sending tens of billions of messages each day! In fact, the Arbor Networks’ 7th Annual Worldwide Infrastructure Security Report from Feb 2012 surveyed 114 service providers from around the world. It revealed 91 per cent of ISPs experienced at least one DDoS attack per month, with 44 per cent seeing 10 or more attacks per month.
Is there any defence against DDoS attacks?
Neal Quinn from Prolexic suggests:
- Utilise your web host’s anti-DDoS settings.
- Redundancy of web services allow a backup for your clients in case of attack.
- Ensure you have sufficient bandwidth and CPU overhead, and investigate other methods of handling extreme traffic.
- Keep your DNS records’ TTL settings low so changes are detected quickly.
- Internal and external monitoring for quick alerting of attacks.
- Have a plan in case of attack.
Even though DDoS attacks are illegal in many countries, attacks are usually controlled from countries that have no legislation against them. This makes it so difficult to track down and prosecute attackers that many victims find themselves with few options once the attack takes place.
There’s not much you can do if you find yourself a victim of a DDoS attack, but the above steps can help prevent disruption to your web business in the event of an attack.