DDOS attack map.

How DDoS Protection Works

How DDoS Protection Works

DDoS attacks are a substantial threat to websites of all sizes, as evidenced by the numerous organizations affected by DDoS attacks within the past year. These have included major banks in dozens of countries, as well as the large organizations affiliated with the Rio Olympics in 2015. It seems as though no site is fully safe from the threat of DDoS attacks these days, which is why sites of all sizes need to take more proactive measures to protect themselves. By having a better understanding of what DDoS attacks are and how they can be avoided, website owners and administrators can be prepared to prevent or react to attacks down the road.

Understanding DDoS Attacks

Essentially, a DDoS attack works by flooding a website’s servers with “fake” or non-legitimate traffic. The size of these attacks can range greatly from just a few gigabytes per second to hundreds of gigabytes per second, depending on the strength and capacity of the attack itself. Either way, DDoS attacks can bog down a website’s servers to the point of slowing it down or even causing the server to shut down entirely. Websites affected by DDoS attacks could suffer for hours or even days before regular service is restored.

DDoS Protection Saves the Day

Because of the growing threat and frequency of DDoS attacks these days, many hosting companies are now offering DDoS protection as part of their dedicated server offerings. The purpose of DDoS protection is to reduce the chances of a server from being affected by one of these attacks. Specifically, DDoS protection works by “filtering” traffic as it comes through the site and blocking anything perceived to be non-legitimate traffic. Meanwhile, regular traffic from legitimate users is able to pass through without any delay. DDoS protection can vary according to the size of attack it can thwart, which is why it’s important for website owners to know how much protection they need.

What to Look for in DDoS Protection

Some hosting companies include a certain “standard” amount of DDoS protection as part of their service—the amount is highly variable and so is the quality. Ten Gbps may be enough protection for some sites, but for larger websites that receive higher amounts of traffic on a regular basis, opting for additional DDoS protection may be recommended. Typically, you can purchase DDoS protection for a set dollar amount per month so you can add your preferred level of DDoS protection into your budget. If you’re not sure what your needs are, the best thing you can do is to speak with a hosting company that will assess your traffic and risk factors to make a recommendation for you.

All website owners need to be aware of the threat of DDoS attacks now and in the future, as they are only expected to become more common. Fortunately, by having the right protection in place, you can keep your site running even through an attempted attack.

Some facts about DDOS

1) According to cybersecurity company Check Point, a new botnet has been spotted which is enslaving internet-of-things (IoT) devices – mainly internet routers and remote cameras. “The next cyber-hurricane is about to come,” the firm claimed in a report this week (19 October).

Research suggested that the new botnet is evolving at a rapid pace, and could soon be weaponised to launch cyberattacks in the same fashion as “Mirai” last year.

When the Mirai botnet hit a year ago, in October 2016, the computing power was exploited to take a slew of US websites offline – including Twitter, Reddit and Netflix – using denial of service attacks.

 

2) The US reportedly conducts a denial-of-service attack against North Korea’s access to the Internet, so the regime of Kim Jong Un has gained another connection to help a select few North Koreans stay connected to the wider world—thanks to a Russian telecommunications provider. Despite UN sanctions and US unilateral moves to punish companies that do business with the Democratic People’s Republic of Korea, 38 North’s Martyn Williams reports that Russian telecommunications provider TransTelekom (ТрансТелеКо́m) began routing North Korean Internet traffic at 5:30pm Pyongyang time on Sunday.

The connection, Williams reported, offers a second route for traffic from North Korea’s Byol (“Star”) Internet service provider, which also runs North Korea’s cellular phone network. Byol offers foreigners in North Korea 1Mbps Internet access for €600 (US$660) a month (with no data caps).

Up until now, all Byol’s traffic passed through a single link provided by China Unicom. But the new connection uses a telecommunications cable link that passes over the Friendship Bridge railway bridge—the only connection between North Korea and Russia. According to Dyn Research data, the new connection is now providing more than half of the route requests to North Korea’s networks. TransTelekom (sometimes spelled TransTeleComm) is owned by Russia’s railroad operator, Russian Railways.

The United States has reportedly been engaged in offensive cyberattacks against North Korea, but with no destructive results. According to a report by the Washington Post, President Donald Trump signed a directive earlier this year of putting pressure against North Korea that involved several diplomatic and cyber-military actions, including using cyber activities against the country.

Max Francisco
Max Francisco has been doing digital projects in Brazil and the US for the last 15 years.