What is a DDoS (Distributed Denial of Service) Attack and what kind of impact can it have on a company? How to prevent and minimize its impact?
A distributed denial of service (DDoS) attack is the act of making online services unavailable to intended users by overwhelming an online service with traffic from various sources distributed across the internet thus the word “Distributed” denial of service. DDoS attacks are usually aimed at disrupting the normal functioning of an online business thus shutting out the customers or users of the service provided by the overloaded online service. The attacker controls a large number of computers infected by Trojan virus which usually allows remote command without user’s knowledge (Glassley, n.d.).
DDoS attacks are of two major types. An application layer attack that overloads a server by sending loads of intense requests and flooding the service thus slowing its flow. More examples of application layer attacks include DNS query floods and HTTP floods. A network layer attack that in plain language clog the networks which include UDP and SYN flooding together with NPT and DNS amplification. DDoS attacks can be launched by anyone with the knowledge. Attacks like DDoS usually have a motive behind them like hacktivism, cyber vandalism, extortion, personal rivalry, business competition and cyber warfare among others (Glassley, n.d.).
Deezer, the online music streaming service, was impacted by a large-scale DDoS attack through a botnet for two straight days, which resulted in the website being down for several hours. The attacker did not target any personal information, but affected the availability of that service for several hours.it may sound short but several hours in an online service is means a large amount of money being lost with every passing second. The company counterattacked the attack by improving on their security and three days later it was all up and running nicely. The only downside to this was that they lost some customers and some profit money (Roman, 2014).
Deezer was not the only online company attacked. Feedly (the news aggregator) was attacked by cyber criminals using the incident to extort money from the organization. Feedly was forced to change its infrastructure to ensure that the site stays online. Changing the whole network infrastructure is very costly. Though it took time, it was back online in a few hours (Roman, 2014).
Companies can prevent the cyber DDoS attack in several ways and prepare for them steadily. Monitoring traffic to look for abnormalities can be one of the means to prevent attacks. Companies can also keep an eye on social media for suspicious conversation threads and use a third-party DDoS to stimulate a response attack drills should be put to play. The technological word is still vulnerable. Prevention and mitigation come into play in responding to DDoS attacks calmly. It is very crucial to work with a DDoS mitigation plan for preparation. Upgrading infrastructure is also a good prevention measure since it would be efficient enough to handle more traffic (Roman, 2014).
DDoS attacks are launched to disrupt the normal flow of a particular online service. Attackers launch the attacks remotely making it hard, but not impossible, to track them. DDoS attacks can cripple big online companies if a hit is sustained long enough Billions of dollars can be lost in the attempts to make a service impenetrable by the assault. The attacker usually uses a particular type of attack depending on the motive of the assault. Companies are making efforts in preventing these attacks by preparing in advance since technology itself is not all secure. Working with a DDoS mitigation plan can help in responding to the cyber-attacks.
Glassley, B. (n.d.). Denial of service attacks. Retrieved from What is a Distributed Denial od service attack?|DoS and DDoS ecplainded|incapsula: https://www.incapsula.com/ddos/ddos-attacks/denial-of-service.html
Roman, J. (2014, June 11). 3 Companies Hit by DDoS attacks. Retrieved from 3 Companies Hit by DDoS attacks-DataBreach today: http://www.databreachtoday.asia/3-companies-hit-by-ddos-attacks-a-6941