Views, News & more
The dreaded distributed denial of service (DDoS) hit the headlines in 2016, thanks to a rise in attacks, new, sophisticated ways of conducting them and some embarrassing website downtime for some very big names.
Simple to run and easy to execute, DDoS attacks are becoming the new normal for firms of all shapes and sizes. We take a look at some of last year’s most high-profile hits and give you some effective methods of battling back against those pesky hackers.
A distributed denial of service attack is where a network of computers infected with malware bombard a server with traffic until it collapses under the strain. Successful DDoS attacks can take a website down completely, resulting in lost sales or a rise in bandwidth costs.
21st October 2016 will be remembered for what most experts agree to be the largest DDoS attack in history. It knocked offline a host of well-known, household names including Twitter, Netflix, Spotify and many more. To give you some idea of the scale, Twitter alone has more than 300 million users every month. Wowsers.
The DDoS attack, which affected internet in the US and Europe, is regarded as one of the smartest ever executed. Those behind it utilised a botnet called Mirai, plucked from the dark web - and they didn’t target the websites directly. Instead, they hit Dyn, a firm which controls a large chunk of the web’s domain name infrastructure.
Now, while most DDoS attacks use botnets made up of computers, Mirai is, for the most part, made up of internet of things (IoT) devices like digital cameras. This meant the attack was able to call on a large number of internet-connected devices to help it conduct the DDoS - around 100,000, it’s thought - way more than in a standard attack.
In the wake of the attack, Dyn’s chief strategy officer Kyle York said: “It’s a very smart attack. As we mitigate, they react.” Quite.
At the turn of the year all of the BBC’s websites went down because of a large DDoS attack. Instead of reading news or watching content on iPlayer, visitors instead saw an error message. While initially saying the outage was caused by a “technical issue”, the BBC later suggested it was a DDoS attack.
A group called New World Hacking later claimed responsibility for the attack.
Hackers targeted the websites of Donald Trump and Hillary Clinton in the run-up to last year’s presidential election. In April, a collective known as Anonymous conducted a DDoS campaign against Trump, attempting to take down a number of his websites. Later, as we drew closer to election day, another group used a Mirai botnet, just like the Dyn attack, to target the campaign websites of both politicians.
While Anonymous hoped its attack would end Trump’s campaign, it didn’t quite work out that way...
Even if you’re not a high profile name, you should still be wary of falling victim to a DDoS. Sophisticated attacks are on the rise, and can be executed pretty quickly. They can take your website down for hours, even days - costing you money in the process. Here are some ways you can mitigate against the risk.
Some commercially available firewalls come with hardware that can lessen the impact of DDoS attacks. Generally, these will protect you against traditional attacks using well-known methods, and might not completely stop them, but will provide some layer of protection.
DDoS attacks can be managed by an increased amount of bandwidth. Consider investing in more bandwidth, or having the cash to rent it if you suddenly need it - a significant level of bandwidth should absorb a DDoS attack.
Here’s a simple one: regularly run a script on your server that conducts a traffic count. If there’s a spike in traffic, you’ll get an alert. This could be a sign that a DDoS is in progress, and you can start battling back.
Have a question about how to protect your business against DDoS attacks? Contact us today at firstname.lastname@example.org