DDid you hear about DDoS?
Imagine arriving at home, and someone’s put a padlock and chain across your front door. In IT, that’s called a DoS (Denial of Service) attack.
A DoS attack is usually perpetrated by a single hacker who manages to take down a server (or even an entire data centre), making it impossible for legitimate users to access the server.
Now imagine you come home, and someone has talked all the neighbourhood kids into each taking a hammer and knocking one single nail through your front door and into the doorpost – but there are hundreds or even thousands of nails in your door. That’s a DDoS attack – Distributed Denial of Service, i.e. not from a single source.
DDoS attacks are where irresponsible computer users are, in a way, the real culprits. Here’s why:
In order to carry out an attack, a hacker needs an ‘army’ of compromised computers (called ‘bots’ or zombies’) to attack your server. But where do they come from? Quite simply, ordinary people who have computers that have or are:
- Outdated (old operating systems, or not recently updated, sometimes both)
- No antivirus
- No firewall
- Illegal downloads/ pirate software/ fake or cheap antivirus
If you drive a car with bald tyres, and you hit someone, the law says it’s your fault, plain and simple, no matter whether the other person cut you off, braked suddenly or turned without warning. Similarly, when people are so negligent with their own computer security, and quite literally aiding and abetting criminals, then the moral blame shifts to them as much as it falls on the hackers themselves. And that is why it’s so important to care of your own cyber security, on every device that you own, whether at work or personally. Don’t make it easy for hackers to use your computers as weapons against other people.
The question many people ask is: Why? What do hackers gain from locking people out of their company’s server?
The answer is multi-faceted.
- A hacker could be doing a test-run of some new attack method, attacking a smaller server in anticipation of attacking the real target later on, or a newbie hacker could simply be trying out techniques or tools he’s just purchased (yes, hackers have support forums, online shops, online courses… you name it)
- A competitor might have hired a hacker (yes, it does happen, it’s a very old tactics and it’s called Corporate Espionage) to block a company’s servers to e.g. cripple their website, or prevent productivity (e.g. both companies might be applying for the same tender, and crippling the competition usually gets them an advantage)
- Extortion of money to stop the attack
- Punishment for perceived wrongdoing – hacktivists (hacker + activist) will sometimes launch DoS or DDoS attacks on large corporations’ data centres as punishment for pollution, animal testing etc.
- Distraction – while everyone is scurrying, trying to fend off the DoS attack, some other target is being hit and, with nobody looking after it, it easily succumbs to the attack
- Sometimes, very rarely, it was a self-inflicted accident. Incorrect settings on, for instance, a mail server could cause an escalating loop-back that keeps growing in size until it swamps the system.
Whatever the reason, the problem is still defending against it. A DoS or DDoS attack could leave you with a huge cost in terms of money, time, productivity, lost sales and reputation damage. The basics of defending against a DDoS attack are:
- Powerful firewalls with Botnet blocking and ‘blackhole’ features – i.e. the flood of fake traffic gets redirected to ‘nowhere’
- Contact your ISP to reroute traffic
- Migrate services to a different IP address that isn’t currently under attack
- Cloud-based DoS and DDoS prevention systems
For help on any of the above, get in touch with us today. We have world-class firewalls that businesses need, but can’t afford on their own and our data centres are ISO 27001 certified.