October 17, 2022

1267

0

Author: Matthew Turner

How Do DDoS Attacks Disable the Internet, and Is It Possible to Protect Against Them?

On the web, when a website stop opening normally almost overnight, there is often an excuse like this from the owners: “We are being DDos-ed. We are doing everything possible for a speedy recovery.”

Previously, we have already told you what a DDoS attack is. You can read it here.

In this article, we will try to figure out exactly when they appeared, how they evolved, what consequences they have led to, and what you should know so that your site can resist them.

DDoS attack — what is it?

DDoS, which stands for distributed denial of service, is a type of attack on an internet resource (whether private or government), in which users cannot access it. The site simply won’t open through the browser, or it will take too much time (conditionally, the bill will go for tens of minutes, not seconds.)

How is this achieved? A massive number of attempts to access the web service on which the resource is hosted is launched from the devices controlled by the hacker — and the system cannot withstand the sharp and unexpected influx of requests and fails. 

The main purpose of a DDoS attack is to overload the system with a huge number of login requests.

Let’s look at a more understandable example. For example, imagine you are going to go by car to a concert of your favorite band, and in total about ten thousand fans are scheduled to attend. At the same time, there is only one road leading to the venue where the concert will take place — but the organizers checked in advance that the highway will cope with such expected traffic. 

However, on the day of the concert, an additional ten thousand people appear on the highway in cars, and a traffic jam quickly forms. As a result, no one reaches the planned destinations: neither fans going to the concert, nor the “additional” people.

But it is important to understand: in a DDoS attack, these “additional” ten thousand people on cars are formed on the road not just by coincidence — they are specifically directed there by an attacker (that is, he uses devices controlled by him to generate login requests.)

Is a DDoS attack dangerous for ordinary internet users? Read more here.

Will the number of DDoS attacks only grow? 

It looks like the answer is yes. According to Cisco Corporation, back in 2019 ten million DDoS attacks were recorded all over the planet.

And their number will grow from year to year. According to Cisco forecasts, by 2023, about 16 million DDoS attacks per year are expected. 

However, in addition to the number, their power is also growing: there are more and more devices on the network that attackers can make into “zombies” and use for their purposes. To explain: major attacks are carried out with the help of so-called “botnets” — a combination of the words “robot” and “network.”

That is, botnets are “a single network of malware-infected devices — computers, laptops, smartphones, IoT devices — that are controlled by humans.”

How powerful can DDoS attacks be?

It is believed that DDoS attacks with a capacity of even one Gbit are enough to at least partially paralyze the work of a standard enterprise or a small web service.

In 2016, the Mirai botnet managed to take down the blog of an American journalist who was investigating cases of cybercriminals. However, to accomplish this the bot had to use a capacity of 623 Gbit/s — a record value at that time. 

According to unconfirmed information, later through Mirai hackers also struck at one of the hosting providers in Europe, using a staggering 1.1Tb of traffic generated by 145,000 IoT devices. This record is still unbroken today.

Cyberattack on Estonia lasted three weeks

Another landmark example is the massive DDoS attack on the internet infrastructure of Estonia, which occurred in 2007. Only then did it become clear that hackers could target not only individual organizations (whether private or public), but also the entire internet infrastructure as a whole.

There is no exact information about the impact, but in this case it is not about the “performance” of the attack, but about its duration — about three weeks, with different intensities. During that time, botnets were working, sending out huge volumes of spam and flooding the network with incessant requests. 

As a result, the spheres of trade suffered (cash and payment equipment experienced failures), and mail services and other information channels were clogged.

How to protect yourself from DDoS attacks

DDoS attacks are usually carried out on several categories of sites. Among them are online stores, “game-themed” projects (servers of popular online games like CS:GO or Minecraft), as well as resources of state institutions.

The main task of a DDoS attack is to disable the ability to use the site for a long time, especially during the so-called high season. 

The unavailability of a website can negatively affect its position in search engines, so DDoS attacks can be used as black SEO methods against competitors.

As for personal devices, the instructions are always standard: do not open suspicious links from emails and social networks, try to update the devices’ software to the current version regularly, and do not install free versions of programs from unverified developers.The best internet tool for secure and private online experience is here.