The DDos Arms Race of Internet Warfare
A distributed denial of service (DDos) attack is a cyber attack carried out by multiple computers to make a service temporarily unavailable to it’s users. The motivation for such attacks differs on a case to case basis; they’re commonly used as a means of protest by so called Hacktivists, and also for the purposes of extortion, competitor damage and sometimes simply just for the hell of it.
- Last year a DDos attack against anti-spam organisation Spamhaus was so huge it’s said to have ‘slowed down the entire Internet.’
- The number of DDos attacks over 20Gb/s recorded so far in 2013 is more than triple that of the whole of 2012.
- The country where the most DDos attacks originated In Q2 of 2013 is Indonesia.
There’s no one way to perpetrate a DDos attack. There is however a common method that we’ve seen time and time again, that involves sending a huge number of external communication requests to a targeted machine to flood its server. This means that the target machine can no longer respond to legitimate traffic, or that it responds so slowly that it becomes essentially inaccessible.
To harvest enough external communication requests to flood a target machine attackers make use of botnets. A botent – or ‘zombie army’ as it’s sometimes nicknamed – is a group of infected computers under the control of at least one attacker. These computers have usually been taken over through the use of malware such as trojan horses. With access to a stream of affected machines the controller can flood a website with requests by commanding the botnet to repeatedly access it.
Mitigating a DDos attack is a challenge faced by all hosting provides. Data web hosting companies actively defend and protecting our network against DDos attacks through constantly monitoring the traffic servers receive. For simple attacks experts filter out illegitimate requests and automatically block IP addresses that participate a certain amount of times. Fighting DDos attacks on a larger scale is essentially an arms race continuously add server space to ensure have more capacity than those attacking us. It’s vital that we regularly review system and procedures to deal with different kinds of attacks, as perpetrators use more and more sophisticated methods. The way we see it – we’re involved in a perpetual battle and it’s all about staying one step ahead!