In February 2021, Ukraine’s National Security and Defense Council (NSDC) accused attackers in Russia of launching massive DDoS attacks against Ukrainian government websites. These sites — including the website of the Security Service of Ukraine, the National Security and Defense Council of Ukraine, and others — were all in the security and defense sectors. Although Ukraine stopped short of accusing Russia of being responsible for the attacks in question, it did note that the IP addresses belonging to the attackers were from Russian networks. The attackers utilized a botnet to amplify the attacks, rendering the sites in question inaccessible to users.
Such attacks between nation states are far from your run-of-the-mill cyberattacks. However, they represent not just how mainstream DDoS attacks have become, but also just how formidable a weapon they are considered to be: methods of attack that, unlike bombs or missiles, don’t cause physical damage, but cause serious disruption in their own way.
For businesses and organizations, incidents like these should be considered an advertisement for the importance of DDoS mitigation tools.
What you need to know about DDoS
DDoS attacks, for those unfamiliar with them, refer to Distributed Denial of Service attacks. This brand of cyberattack first appeared in the mid-1990s as a tool for cybervandalism or “hacktivism.” In a DDoS attack, an attacker bombards a victim’s website or online service with enormous amounts of fake data, such as fraudulent connection requests, with the goal of overwhelming it with the increased quantities of traffic.
This, in turn, leaves the target unable to accept legitimate requests from genuine users, so the service either suffers severely degraded performance or is knocked offline altogether. Although a DDoS attack is launched by a single attacker or a small group of attackers, the traffic comes from a large number of machines (hence the “distributed” part of the name). These are usually malware-infected computers or Internet of Things devices, forming a so-called botnet.
Today, the usage, prevalence, and scope of DDoS attacks have greatly increased. As with the report about Russian attackers targeting Ukrainian government websites, it’s no longer unusual to hear about DDoS being used to target nation states. But even when the attacks are not at this level, they have the potential to be incredibly nasty in terms of their effects. For example, in 2020 a reflection-based DDoS attack against Amazon Web Services (AWS) reportedly peaked at 2.3Tbps in size. Meanwhile, Google has reported a DDoS campaign against it, supposedly originating from China, which achieved, at its peak, a bombardment of 2.5Tbps. These are attacks that even giant companies, let alone small businesses, struggle to deal with.
DDoS attacks have claimed some big-name victims
DDoS attacks have taken down targets including the BBC, code repository GitHub, major banks, Sony Networks, and more. They have also been used to attack schools and colleges during the pandemic, as pupils and teachers had to use online tools for learning.
Reprehensibly, they have even been used to attack medical facilities, potentially putting patients’ lives at risk. For instance, in March 2020, the Paris hospital authority AP-HP was hit by a DDoS attacker aiming to take down its systems. AP-HP is in charge of 39 public hospitals in France.
Depending upon the target, the effects of a DDoS barrage can vary. For a medical facility, for example, it could mean that doctors are unable to access vital patient information. For an eCommerce business, it may mean that it is unable to trade for a period of time. This latter scenario has opened up opportunities for unscrupulous business rivals to use DDoS to target competitors, especially at peak sales times of the year.
In recent years, there has additionally been a growing trend of DDoS extortion attempts, designed to force targets to cough up money to avoid being hit with a DDoS attack. The barrier to DDoS entry has also been lowered by the availability of botnet-for-hire services, which allow users to rent a massive botnet to launch DDoS attacks for as little as a few dollars at a time.
Deploy the right tools for protection
DDoS attacks are everywhere — and no business or organization can afford to be without the proper protection against them.
Luckily, the right DDoS mitigation tools are available to help. DDoS mitigation tools can help protect against such strikes by intelligently monitoring traffic and blocking suspicious user requests, while allowing legitimate requests to reach their destination. Meanwhile, organizations can defend against volumetric DDoS attacks by absorbing the enormous amounts of data that come with a DDoS attack using what is known as a scrubbing center. When a possible attack is identified, traffic gets redirected to these scrubbing centers, which are able to deal with these kinds of high-volume flood attacks. The result is that, while an attacker may still launch a DDoS attack, you, as the target, will still be standing after it has done so.
Deploying these cybersecurity tools can be a game-changer — whether you’re a small business, a large corporation or, potentially, even a nation state in need of cyber defenses.