DDoS Attack: Everything you Need to Know Behind this Headline
DDoS: Behind the Headlines
DDoS. It’s a type of attack that often makes world news, but rarely do we hear it mentioned by name, much less hear about what exactly it is.
This form of attack is a hacking staple, and perhaps one of the least technically advanced ways to achieve extremely destructive and disruptive results.
So, what is this common attack all about? Read on to find out.
A recent target, the Australian Census – an offshoot of the Australian Bureau of Statistics’ main web presence – shows that nobody is immune. A true PR ‘perfect storm’, the agency bore the brunt of great public embarrassment and outrage after a lengthy DDoS attack took its website completely offline.
DDoS 101
DDoS stands for ‘Distributed Denial of Service’, a reference to the way that the attack is committed: namely, via a very large number of messages sent to a particular website until it becomes overwhelmed and fails.
To get around the defenses of most servers, these requests are generally sent from an equally large network of computers operating in unison. To keep the operation covert, these computers generally aren’t owned by the attackers themselves. Rather, they are the machines of regular Internet users, who have been unlucky enough to fall prey to malware and have become part of a botnet.
This malware steals the resources of these infected machines and dedicates them to sending large numbers of requests daily, thus causing a sluggish (and even expensive) experience for the unsuspecting user.
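The point above, that spreading the requests across many machines gets around the defenses of most servers, can be seen from the defender's side in the following added example (it is not part of the original article). It runs over constructed sample traffic, and the limits, addresses and function names are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from statistics import median

PER_SOURCE_LIMIT = 5      # assumed per-IP requests/second allowed by a simple rate limiter
SPIKE_FACTOR = 10         # assumed: alert when the total rate exceeds 10x the baseline
BASELINE_SECONDS = 10     # assumed: the first 10 seconds of the sample are normal traffic


def build_sample():
    """Constructed (second, source_ip) events standing in for access-log lines."""
    events = []
    for sec in range(13):                      # 5 regular visitors, 2 req/s each
        for c in range(5):
            events += [(sec, f"198.51.100.{c}")] * 2
    for sec in range(10, 13):                  # 200 infected machines, 3 req/s each
        for b in range(200):
            events += [(sec, f"192.0.2.{b}")] * 3
    return events


def per_source_offenders(events, limit=PER_SOURCE_LIMIT):
    """Sources that exceed the per-IP limit in any single second."""
    counts = Counter(events)                   # (second, ip) -> request count
    return {ip for (sec, ip), n in counts.items() if n > limit}


def aggregate_alerts(events, factor=SPIKE_FACTOR, baseline_seconds=BASELINE_SECONDS):
    """Seconds whose total request rate exceeds factor x the baseline median."""
    totals, sources = Counter(), defaultdict(set)
    for sec, ip in events:
        totals[sec] += 1
        sources[sec].add(ip)
    baseline = median(totals[s] for s in range(baseline_seconds))
    return [(s, totals[s], len(sources[s]))
            for s in sorted(totals) if totals[s] > factor * baseline]


if __name__ == "__main__":
    sample = build_sample()
    print("per-source offenders:", per_source_offenders(sample))
    for sec, total, distinct in aggregate_alerts(sample):
        print(f"second {sec}: {total} requests from {distinct} sources")
```

No single address crosses the per-source limit, yet the site receives 61 times its normal load; only the aggregate view, together with the jump in distinct sources, shows the flood.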
How do they happen?
A DDoS attack is a common way for ‘hacktivist’ groups, such as Anonymous and Lulzsec, to disable or sabotage a website as political or social protest.
Less noble motivations are also common; cybercriminals may use a DDoS to extort money from businesses, or as a decoy for a more serious attack such as outright data theft.
Many times, however, the attack is carried out for the sake of e-vandalism or nuisance. According to Arbor Networks’ 7th Annual Worldwide Security Report, 2012, approximately 91% of US Internet service providers experience one or more DDoS attacks per month, while larger providers can see more than 10 in the same period.
These attacks can cause service disruptions and downtime for the company, as well as thousands of its customers.
Is there anything I can do to protect myself?
For the average Internet user, the main threat posed by DDoS attacks is not the attack itself, but the malware that often facilitates it. Botnet malware can be very difficult to detect and remove, as it often comes bundled with rootkits (take a look at our guide to malware for more information).
To prevent getting yourself in trouble with botnets and other malware in the first place, stick to the general guidelines and avoid following links embedded in untrusted e-mails. Additionally, be sure to keep a lookout for phishing in your inbox, and be in the habit of staying skeptical about the links you find on social media, or even search engines. For more tips, take a look at our guide to avoiding malware.
If your computer has already been compromised by a risky click, your regular antivirus may not subsequently detect or remove strains of botnet malware. Signs of a botnet infection can include unusually sluggish performance, an overactive network light on your router, and potentially large Internet usage bills.
Running scans with anti-rootkit utilities, such as Malwarebytes Anti-Rootkit or TDSSKiller, can help diagnose and fix the problem if you notice these strange behaviours, or ease your mind if you’re simply concerned.
For those who run their own business websites, getting in touch with your hosting provider can save you a world of hurt. Many hosts provide special DDoS protection tools you can apply to your site to make it a much more difficult target.
Lastly, awareness of this common Internet issue is perhaps the most important way to keep yourself – and your website – safe.