Return to Blog

What Is a DDoS Attack?

August 06, 2019

What Is a DDoS Attack?

By George Rouse

Edge Routers Technical

The number of distributed denial-of-service (DDoS) attacks in today’s modern business landscape is rapidly increasing – both in frequency and intensity.

In a DDoS attack, someone launches a cyberattack targeting a computer or web server with the intent of temporarily or permanently disrupting the network. A DDoS attack is carried out by flooding the computer or server with meaningless, superfluous requests.

The goal is to slow down or take down the server, preventing it from handling legitimate requests and traffic. DDoS attacks can cost a business time, money, and reputation.

In this article, we breakdown the different types of DDoS attacks, how to detect them, and how to prevent them.

What Is a DDoS Attack?

Denial of Service attacks are designed to overwhelm a machine or server with excessive requests, with the ultimate goal of slowing down or taking down the server. In attempting to handle the hundreds (sometimes thousands) of excess requests, the server can’t handle legitimate user requests.

An in-depth 2017 academic study found that a staggering “20.9M attacks, targeting 6.34M unique IP addresses, over a two year period.” The study is called “Millions of Targets Under Attack: a Macroscopic Characterization of the DoS Ecosystem” and also found that on average, there are “28,700 distinct DoS attacks every day.”

DoS attacks typically target high-profile web servers such as banks or credit card companies. Attacks may transpire as revenge, blackmail, or activism techniques. Whatever the motivation, the result is the same: Deprive legitimate users of a service or resource.

The United States Computer Emergency Readiness Team (US-CERT) has identified the tell-tale signs of a DoS attack:

  • Unusually slow network performance
  • Unavailability of a particular web site
  • Inability to access any website
  • Dramatic increase in the number of spam emails

Types Of DDoS Attacks

The most common type of DoS attack involves flooding a network server with requests, overloading it with traffic. The overwhelmed server then is unavailable to legitimate users.

There are several types of DoS attacks:

  • Smurf Attack: Sends Internet Control Message Protocol broadcast packets to many hosts with a spoofed source IP address that belongs to the target machine. The target responds and becomes flooded with those responses.
  • SYN Flood: Sends a number of requests to connect to the target server that can’t be completed. The connection queues fill up and unavailable for any other requests.
  • Buffer Overflow: Data transferred to a buffer exceeds the storage capacity, and then the data overflows into another buffer – one the data was not intended to enter.
  • Ping of Death: Sends a ping request that is larger than 65,536 bytes, which is the maximum size that IP allows, causing a buffer overload.

DoS vs. DDoS Attacks

From DoS, hackers created a Distributed Denial of Service (DDoS), which involves the use of multiple systems to attack a single machine or network. By increasing the number of source machines, the number of requests is multiplied, increasing the attack power.

The flood of incoming traffic from multiple sources can force a network to crash. Because DDoS attacks originate from multiple sources, they are often the most difficult to detect and shut down.

DDoS attacks are typically carried out using botnets to carry out larger attacks. Botnets, usually a group of hijacked internet-connected devices, are often victims of a cyberattack, as well. Using multiple originating sources also makes it difficult to differentiate legitimate users.

How To Protect Yourself From a DDOS Attack

DDoS attacks can prove to be costly to businesses – in lost revenue, time, and reputation.

To avoid becoming a victim of a DoS or DDoS attack, businesses can take the following preventative measures:

  • Enroll in a DoS protection service that detects abnormal traffic flows and redirect traffic away from your network
  • Create a Disaster Recovery Plan to ensure proper communication, mitigation, and recovery of data in case of an attack
  • Secure all endpoint connections
  • Install a firewall and restrict traffic
  • Evaluate your security settings and follow good security practices.

Staying vigilant and implementing good security practices can prevent your business from falling victim to a cyberattack.

To learn more about protecting your business from a DoS and other types of cyberattacks, contact Datto.

Related
Talk Nerdy to Me: Datto RMM & Datto Networking Integration

John Tippett, VP of Product, Networking and Matthé Smit, Director of Product Management for Datto RMM discuss the new cloud-to-cloud integration between Datto Networking and Datto RMM.
[eBook] Selling Networking as a Managed Service

In this eBook, we share the experiences of 10 MSPs from around the world, offering their advice and guidance on how they successfully built their networking as a managed service practice.

The Ultimate Disaster Recovery Checklist

Stay One Step Ahead Of Potential Disasters with Datto’s Disaster Recovery Checklist

View the Resource
Relevant Articles