What happens during a DDoS attack?
The go-to example of a large-scale DDoS attack is the Dyn attack of 2016. Dyn provides online infrastructure, domain registration and email solutions to enterprise clients including Netflix, Twitter and Reddit, among others. The attacks interrupted services for millions of users and affected roughly 14,500 web domains, costing Dyn and their customers millions.
During this attack, hackers were able to direct traffic from the IP addresses of tens of millions of IoT endpoints, including cameras, residential gateways and baby monitors. Hackers gained control of these endpoints using malware known as Mirai, a program designed to remotely link Linux systems and then create a botnet.
Shortly after, a similar attack hit security blogger Brian Krebs’ website. At the time, the Krebs attack held the record for most powerful DDoS attack ever documented, registering 620 Gbps worth of traffic. That record was crushed in February 2018, when GitHub received an astounding 1.35 Tbps of traffic.
These enormous attacks are growing in frequency and are capable of taking down some of the most popular sites on the web. During Q4 of 2017 alone, 84 countries were hit with DDoS attacks, according to Securelist. More than half of the attacks targeted companies in China; the U.S. was the next-largest target at 19 percent of attacks.
In addition to the increasing frequency, the power of attacks has expanded. Compared to DDoS figures from 2015, attacks have quadrupled in size, according to A10 Networks.
Instances like these cost some companies $2.5 million on average per attack. The looming threat has prompted many companies to consider all possible solutions. For everyone’s sake, we should be glad there are a number of options for defense.
How to protect against DDoS attacks
There are a few ways to protect against DDoS attacks. Specialized hardware and custom-built scripts can be used if you’re willing to spend the money on infrastructure or the time to write a program.
Some internet service providers also offer tools within their subscriptions, but there are a few issues that can arise. For one, it is not the main concern of ISPs to monitor traffic and allocate bandwidth to protect sites. There is also little transparency into the actual way ISPs are going about balancing traffic loads. Most importantly, there isn’t much end-user control to empower companies themselves to monitor, manage and mitigate traffic issues.
New solutions specifically designed for DDoS protection are sprouting up and quickly gaining traction as fears grow over potential cyberattacks. DDoS protection tools come in the form of either signature-based firewalls or cloud-based DDoS mitigation solutions.
Signature-based firewalls filter requests and identify potentially dangerous malware signatures present in incoming traffic. Requests containing these identifiers will be blocked from connecting to their target and won’t impact site performance.
Anti-DDoS load balancers, like traditional load balancing software, are designed to monitor requests and allocate resources to optimize web performance. Traffic from DDoS attacks is filtered for legitimacy and either denied access or directed to isolated environments.
Many DDoS protection tools combine a variety of tools for firewall shielding, load balancing and traffic filtering to provide a well-rounded DDoS solution capable of handling whatever is thrown at them.
A number of DDoS protection tools are provided through content delivery networks and cloud services providers such as Cloudflare and Amazon Web Services. These companies already manage vast networks and possess the resources necessary to withstand large requests or divert traffic across servers.
To qualify for inclusion in the DDoS Protection category, a product must:
- Filter and monitor incoming web traffic
- Limit traffic flow or set traffic baselines
- Identify DDoS attacks and block incoming traffic
- Provide a traffic management dashboard
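The baseline, detection and blocking criteria above can be illustrated with a short script. This is an added example, not code from any product in this category; the log format, the threshold multiplier and the per-source limit are assumptions, and the sample traffic is constructed from documentation address ranges.

```python
from collections import Counter, defaultdict
from statistics import mean, pstdev

def parse(line):
    """Parse one constructed log line: '<epoch_second> <source_ip>'."""
    ts, ip = line.split()
    return int(ts), ip

def baseline_threshold(events, k=3.0):
    """Requests/second ceiling learned from known-good traffic: mean + k*stddev."""
    per_sec = Counter(ts for ts, _ in events)
    first, last = min(per_sec), max(per_sec)
    rates = [per_sec.get(s, 0) for s in range(first, last + 1)]  # count idle seconds too
    return mean(rates) + k * pstdev(rates)

def detect(events, threshold, per_source_limit):
    """Return {second: [sources to block]} for seconds whose total rate exceeds the baseline."""
    by_sec = defaultdict(Counter)
    for ts, ip in events:
        by_sec[ts][ip] += 1
    alerts = {}
    for ts, sources in sorted(by_sec.items()):
        if sum(sources.values()) > threshold:
            # Block only the heavy senders; ordinary clients in the same second pass.
            alerts[ts] = sorted(ip for ip, n in sources.items() if n > per_source_limit)
    return alerts

# Constructed sample data (assumed format, documentation addresses, not real traffic).
NORMAL = [f"{s} 192.0.2.{(s + i) % 5 + 1}" for s in range(10) for i in range(3 + s % 3)]
ATTACK = (["10 192.0.2.1", "10 192.0.2.2", "12 192.0.2.3"]
          + ["11 198.51.100.7"] * 40 + ["11 203.0.113.9"] * 25 + ["11 192.0.2.4"] * 2)

def run_demo():
    threshold = baseline_threshold([parse(l) for l in NORMAL])
    return threshold, detect([parse(l) for l in ATTACK], threshold, per_source_limit=10)

if __name__ == "__main__":
    threshold, alerts = run_demo()
    print(f"baseline ceiling: {threshold:.2f} req/s")
    for second, sources in alerts.items():
        print(f"second {second}: over baseline, block {sources}")
```

A fixed multiplier over a short learning window is the simplest possible baseline; production tools also account for time-of-day patterns and for floods spread across many low-rate sources, which a per-source limit alone will not catch.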
IoT and DDoS in the future
The internet of things is constantly expanding, spanning countries, markets and applications. There are already more than 23 billion IoT endpoints today; that number is expected to more than triple by 2025. This emergence has largely contributed to the rise in DDoS attacks, which increased 91 percent in 2017.
Luckily, innovation has, for the most part, maintained pace with the capabilities of cybercriminals. Sure, attacks occur daily, but our technological infrastructure persists day in and day out. Emerging technologies such as intelligent security systems and risk-based authentication (RBA) software aim to combat a wide array of cyberthreats.
Intelligent security solutions harness the power of artificial intelligence and machine learning to keep systems up to date on the latest threats. RBA software keeps data safe and improves information security by analyzing dozens of factors to quickly determine whether users should be accessing the requested information. They’re making it easier to identify potential threats and unauthorized access requests to sensitive information.
Threats are hiding in every corner of the dark web while hackers look for new ways to steal information. Adding cutting-edge security solutions like DDoS protection tools can help companies build a cohesive security operations plan. If you’re looking for new ways to secure your data and help your business defend against cybercrime, explore the range of tools listed in our security software categories.