DDoS attacks and the future of cybercrime

When a big chunk of the internet broke in October 2016, users of massive online services like Twitter, Reddit and Netflix found the sites unavailable for the best part of a day. While dramatic, this was just the latest in a long string of attacks targeting websites using a method known as distributed denial-of-service, or DDoS.

Defining DDoS

With a finite amount of bandwidth and network resources, there’s a limit to how much traffic any online service can receive while remaining accessible. Denial-of-service is what happens when a website is overloaded with user requests, to the point where any kind of response becomes incredibly slow or impossible.

This often takes place by accident when a site receives a sudden surge of traffic, such as the ‘Reddit Hug of Death’ that can occur when a link appears on the popular discussion platform. Similarly, the death of Michael Jackson in 2009 caused a massive spike in web traffic, so much that even Google was overwhelmed.

But when orchestrated on purpose, denial-of-service can be used to paralyse any website singled out by the attacker. Their motive? It can range from personal grievance or revenge to political activism, but the most common goal is good old-fashioned extortion.

Usually, the attacker finds a website that’s a major source of income and targets it with DDoS. Then they demand a fee to stop, hoping the victim will pay the ransom simply to prevent lost revenue.

Bottleneck-blocking botnets

The ‘distributed’ in DDoS refers to how requests are spread across multiple sources, and it’s what makes this type of attack so effective. By combining various computers into an automated network or ‘botnet’, a vast amount of traffic can be generated by a single attacker.

A botnet DDoS attack is very difficult to counter because it’s not a simple case of blocking one IP address, and it’s hard to distinguish malicious traffic from legitimate user requests. Not only that, but if the victim tries to add bandwidth, the attacker can simply activate more machines in the botnet.
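To illustrate why per-address blocking falls short, here is an added example (not from the original article) that runs a per-IP rate limit and an aggregate surge check over constructed request data. The window size, thresholds and all addresses are assumptions chosen for the illustration.

```python
from collections import Counter, defaultdict
from statistics import median

WINDOW = 10          # seconds per bucket (assumed)
PER_IP_LIMIT = 20    # requests one source may send per window (assumed)
SURGE_FACTOR = 5     # alert when a window exceeds 5x the median of earlier ones (assumed)

def bucket(events):
    """Group (timestamp, source_ip) events into one Counter per time window."""
    windows = defaultdict(Counter)
    for ts, ip in events:
        windows[ts // WINDOW][ip] += 1
    return [windows[k] for k in sorted(windows)]

def analyse(events):
    """Per window: total load, distinct sources, requests a per-IP limit drops, surge flag."""
    report, history = [], []
    for counts in bucket(events):
        total = sum(counts.values())
        dropped = sum(n - PER_IP_LIMIT for n in counts.values() if n > PER_IP_LIMIT)
        baseline = median(history) if history else total
        surge = total > SURGE_FACTOR * baseline
        report.append({"total": total, "sources": len(counts),
                       "dropped_by_ip_limit": dropped, "surge": surge})
        if not surge:
            history.append(total)   # keep attack windows out of the baseline
    return report

def sample_events():
    """Constructed traffic: two normal windows, a single-source flood, a botnet flood."""
    users = [f"198.51.100.{i}" for i in range(30)]
    events = []
    for w in (0, 1, 2):                                 # 30 users, 2 requests each
        events += [(w * WINDOW, ip) for ip in users for _ in range(2)]
    events += [(2 * WINDOW, "203.0.113.9")] * 500       # one noisy source
    # 1000 placeholder bot addresses, each sending only 3 requests
    events += [(3 * WINDOW, f"10.{i // 250}.{i % 250}.1")
               for i in range(1000) for _ in range(3)]
    return events

if __name__ == "__main__":
    for i, row in enumerate(analyse(sample_events())):
        print(i, row)
```

In the single-source window the per-IP limit removes 480 of 560 requests; in the distributed window it removes none of the 3,000, because every source stays under the limit, and only the aggregate check notices the surge.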

But how do attackers recruit these computers into their evil army? It’s not like your average hacker already owns a network of machines around the globe. To add another slice of disturbing criminality to the DDoS sandwich, botnets are often made up of compromised devices that receive and carry out commands without the knowledge of their owners.

The insecure-net of things

With more internet-connected devices than ever, attackers have found ways to harness the internet of things as part of their malevolent schemes.

The October 2016 incident was probably the largest DDoS attack to date, and it utilised malware called ‘Mirai’ to create a vast botnet that went on to target Domain Name System (DNS) provider Dyn, with disastrous knock-on effects for some of the web’s biggest names.

Unlike many other botnets, Mirai is designed to press-gang Linux devices that aren’t necessarily standard computers. From remote cameras to home routers, a wide range of consumer products are now prime targets for botnet malware.

What makes these devices so vulnerable to malware like Mirai is their lack of built-in security. For example, consumer security cameras often come with weak default passwords that aren’t changed by the user.

As security experts start to fully understand the emerging risks, safeguards are being put in place to combat DDoS and the botnets behind it. But who knows, the next big attack might come exclusively from insecure hairdryers and sandwich toasters.

DDoS defence

The threat of DDoS is here to stay, but there are techniques for preventing and minimising the effects of these attacks. The latest web hosting and server platforms have a range of tools that help to block illegitimate traffic and keep websites up and running.

At Fasthosts, our Cluster web hosting platform features advanced DDoS mitigation systems. These allow us to instantly identify and isolate any attacks, while minimising the effect on our servers. Our support teams constantly monitor the situation and use the latest countermeasures to ensure DDoS attacks are neutralised before they can have an impact on your websites and online projects.
