There has been an alarming increase in DDoS (Distributed Denial of Service) attacks in the last year.
The majority of businesses in various industries along with their different processes have no choice but to shift online to ensure business continuity. There was sudden transfer to remote operations and telecommuting, which logically meant more access to organizations’ IT infrastructure. This shift has been swift, and many organizations have been ill-prepared for this drastic change in operations.
This meant many businesses and companies had to start relying on their IT infrastructure that had not been prepared to meet the increased demands brought on by an emergency situation. This meant vulnerabilities within the organizations’ networks are now front and center. It then became a mad scramble to balance handling the increased load and making sure that vulnerabilities are addressed.
Another factor that has resulted in the increase in DDoS attacks is the rollout of 5G technologies. The effect of this rollout is the marked rise in IoT (Internet of Things) and smart devices across the globe. These devices can become the unlikely entry point for DDoS attacks.
The Worst DDoS Attacks in History
The reliance on remote access has exposed networks to malicious actors. These cybersecurity attackers use many methods to perpetrate their acts, and one of the most popular methods in their arsenal is a DDoS attack.
A DDoS attack is a form of online attack that aims to upset the normal operations of the server, service or network that is being targeted. The attack comes in the form of flooding the target with continuous, unrelenting internet traffic. A DDoS attack can be likened to an immense gridlock in a highway that prevents the passage of legitimate, important traffic towards the destination network or server.
This form of cyber-attack is simple in its execution, that’s why it is preferred by many cybercriminals. These attacks can target almost any server or network in the world. Unfortunately, some criminals have been successful in their acts, which has resulted in massive problems for many organizations all over the world—with some of them being the most popular companies on the planet.
Some of the worst DDoS attacks that have happened in recent history are as follows:
The 2020 Amazon Web Services Attack
Amazon Web Services is arguably the most popular and most adopted cloud computing platform in the world. AWS offers computational power, cloud storage of databases, content delivery, among others, to businesses.
In February 2020, AWS was the victim of a massive DDoS attack. This originated from an unidentified AWS customer that was attacked using the Connectionless Lightweight Directory Access Protocol (CLDAP) Reflection technique. The CLDAP Reflection takes advantage of third-party CLDAP servers and increases the volume of data sent to the IP address of the target by up to 56 to 70 times. The attack went on for three days. At its height, almost 2.3 terabytes of data per second was being directed towards the victim.
The 2017 Google Attack
In October 2020, Google revealed that it was the target of a huge DDoS attack in September 2017. The Company said it was bombarded with a flood of internet traffic that lasted for over six months, which peaked at one point to 2.5 terabytes of data.
The source of the attack was traced back to a government-supported hacking group that used four ISPs in China to flood Google’s servers.
The attackers spoofed 167 Mpps (millions of packets per second) to over 180,000 CLDAP, DNS (Domain Name Server), and SMTP (Simple Mail Transfer Protocol) servers that would then send over the data to Google.
The 2018 GitHub Attack
In February 2018, GitHub was the victim of a DDoS attack that saw the platform, which could already handle high amounts of internet traffic because it’s the leading online code management service, inundated by traffic that reached 1.3 terabits per second.
The attack used a memcaching method to overwhelm GitHub’s servers. The cyber attackers managed to spoof the platform’s IP address then amplified the traffic coming into GitHub.
How Can You Protect Your Organization From DDoS Attacks?
With DDoS attacks, it’s comforting to know that you can implement strategies and solutions to protect your business from this cyber threat.
Some of the methods and solutions you can use to prevent a DDoS attack are as follows:
Install a WAF (Web Application Firewall)
Installing a web application firewall is a great first line of defense against DDoS attacks. WAFs are intelligent enough to determine the difference between legitimate internet traffic and the malicious traffic that is the signature of a DDoS attack. A WAF will protect your website and ensure your customers will be able to access your website.
Implement Good Security Hygiene
All businesses and organizations should inculcate in their team members to always practice good security hygiene. This includes using hard-to-crack passwords, instituting regular password resets, and ensuring that employees do not write down or store their passwords in online, unsecured notes. These may sound quite elementary but numerous DDoS attacks have happened because of an employee using a simple password.
Constantly Update Your IT Infrastructure
Always maintain your network and ensure that everything is updated. Create an inventory that tracks the age of your systems. Replace or update legacy or outdated systems within your organization because these are usually a convenient entry point for DDoS attacks to happen. You should also keep your system updated by regularly patching software and other programs. This might not be applicable to SaaS or cloud deployments, but if you have physical infrastructure on-premises in a hybrid scenario, this will play an important part in ensuring security.
Set Up Robust Server Capacity
As mentioned above, DDoS attacks overwhelm your servers with continuous streams of internet traffic. You can help mitigate the effects of an attack by ensuring that you overcompensate with your system bandwidth. Check that your server capacity is agile enough to handle sudden upsurges in traffic and that your service provider can ward off such attacks when they happen so that you are not billed unnecessarily for illicit traffic.
DDoS attacks can cause massive disruptions that will negatively affect any business. Even large companies are not immune to these attacks. But by implementing effective security methods in your organization’s networks and servers, you can survive any DDoS attack.
John Black
Tags: Cybersecurity, Data, DDoS, Firewall, Network, Security, WAF
