DDoS attack: what it is and how to prevent it

One interesting fact: the first successful DoS attack happened in 1974, when the teenager David Dennis caused an outage of some computers at a university research lab. He developed a program that sent the EXT command to all devices available nearby. As a result, 31 terminals stopped operating.

However, Dennis used only one computer. In 1999, somebody used 114 computers to attack the University of Minnesota. The technique was quickly adopted by others, and now we have DDoS attacks as we know them. DDoS stands for Distributed Denial-of-Service, and DoS stands for Denial-of-Service.

If your server suddenly receives a huge number of requests, they keep coming at a high rate, and the server stops responding, then it is most likely a DDoS attack. It is as if all the grannies in a city decided to call the city’s one hospital simultaneously.

Now seriously. To carry out a DDoS attack, malicious actors use devices connected to the Internet. These devices are often parts of the Internet of Things that were infected with malware and are now controlled by a hacker. This is how botnets are created. They usually consist not of 2 or 3 devices but of thousands, sometimes millions. When such an army simultaneously sends requests to the victim’s IP address, the victim’s server cannot handle all of them and stops functioning.

Because the server stops operating or operates slowly, the company loses its customers. That’s why DDoS attacks are often used by business rivals. They order an attack on a competitor, and while the competitor is trying to stop the attack, the company that placed the order gets all the clients and the profit.

At the end of March 2021, the StormWall experts reported that in 2021 the number of DDoS attacks would increase by 20% in comparison with the previous year. They think this will happen because many people are working and studying remotely, which affects the number of junior hackers among students and school kids. And because many people work remotely, the criticality of internet services is increasing.

The experts also say that the development of 5G technology can cause an increase in the number of DDoS attacks, because such an attack can probably be performed with the help of a mobile phone.

How to prevent a DDoS attack?

  1. Expand the bandwidth of the channel

The simplest thing you can do to increase resistance to DDoS attacks is to ensure your virtual private server (VPS) has enough throughput capacity to handle a traffic surge.

  2. Organize a distributed infrastructure

Set up a load balancing system to distribute traffic across multiple servers. It will be more difficult for a hacker to reach the goal. If possible, place the data centers in different countries. If an attack occurs, the malicious actor will be able to disable only some of your servers. The rest of them will keep functioning. That’s why the consequences for the business will be less damaging.

  3. Set up configurations

Accurately configured firewalls can detect and block attacks. For example, if an attack attempt is discovered, they will stop accepting ICMP traffic and start blocking DNS server responses from outside the company’s network.

  4. Get the DNS provider’s protection

You can entrust the security of your infrastructure to the DNS provider. They must have the knowledge and capabilities necessary to provide DDoS attack protection.

  5. Get other means of security

Security providers offer special tools for preventing DDoS attacks; these tools are always equipped with AI to analyze the incoming traffic. They are worth getting so that a DDoS attack doesn’t catch you off guard.

  6. Make a plan in case the attack has already occurred

The company should think about where exactly the malicious actors can attack and make a plan to minimize the consequences of attacks. Some companies hire specialists who know how to act in case of an incident.
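
The firewall behavior described under "Set up configurations" above, modeled as an added example (not code from Falcongaze or any firewall product): a filter that counts packets in a sliding window and, once a flood is detected, drops ICMP and DNS server responses arriving from outside the company network. The internal range 10.0.0.0/8, the window, the threshold and the sample packets are all assumptions constructed for the demonstration.

```python
import ipaddress
from collections import deque

COMPANY_NET = ipaddress.ip_network("10.0.0.0/8")  # assumed internal range
WINDOW_S = 1.0   # sliding window length in seconds (assumed)
THRESHOLD = 5    # packets per window that trigger attack mode (tiny, for the demo)

class AdaptiveFilter:
    """Toy model of a firewall that tightens its policy once a flood is seen."""

    def __init__(self):
        self.recent = deque()     # timestamps of packets inside the window
        self.attack_mode = False  # stays on once set; resetting is out of scope

    def decide(self, ts, src, proto, sport):
        # Detection: count packets seen during the last WINDOW_S seconds.
        self.recent.append(ts)
        while ts - self.recent[0] > WINDOW_S:
            self.recent.popleft()
        if len(self.recent) > THRESHOLD:
            self.attack_mode = True
        if not self.attack_mode:
            return "accept"
        # Mitigation 1: stop accepting ICMP.
        if proto == "icmp":
            return "drop"
        # Mitigation 2: drop DNS server responses (UDP source port 53)
        # whose source address is outside the company network.
        external = ipaddress.ip_address(src) not in COMPANY_NET
        if proto == "udp" and sport == 53 and external:
            return "drop"
        return "accept"

def run(packets):
    fw = AdaptiveFilter()
    return [fw.decide(*p) for p in packets]

# Constructed sample traffic: (timestamp, source IP, protocol, source port)
QUIET = [(0.00, "198.51.100.7", "icmp", 0), (0.10, "203.0.113.9", "udp", 53)]
FLOOD = [(5.0 + i / 100, "203.0.113.9", "udp", 53) for i in range(6)]
AFTER = [
    (5.06, "198.51.100.7", "icmp", 0),  # ICMP during the attack
    (5.07, "10.1.2.3", "udp", 53),      # internal resolver, still allowed
    (5.08, "192.0.2.44", "tcp", 443),   # ordinary web client
]
SAMPLE = QUIET + FLOOD + AFTER

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, run(SAMPLE)):
        print(pkt, "->", verdict)
```

Before the threshold is crossed, the same ICMP and DNS packets are accepted; only the sixth flood packet and everything matching the two rules after it are dropped.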

Which approach you choose is not important. What matters is taking measures to minimize the consequences of an attack for the business. The Analytical department of Falcongaze has explained what you should do so that a DDoS attack doesn’t achieve its goal.
