DDoS Wars, Episode I: The Phantom Menace

Distributed Denial of Service (DDoS) attacks have been making a lot of headlines in the last year – particularly through the work of the Lizard Squad, the cyber criminals behind the attacks that caused major network outages for global corporations such as Microsoft, Sony and Malaysian Airlines.

While only the severest attacks affecting some of the highest profile businesses might make the news, cyber criminals are launching new DDoS attacks on a daily basis. Large enterprises such as carriers and online retailers – who rely on the web to sell their products and services and to engage with their customers – are often under relentless bombardment.

DDoS attacks rely on hijacked devices that cyber criminals add to their army, bombarding a weakness in a network. Infected devices are turned into robots, called botnets, which add network traffic to the attack. This is akin to recruiting an army of clones formed by specific computers, ports or services on the target system, entire networks or network and system components.

The most common type of DDoS attack involves flooding the target with external communications requests. Eventually, the attack will build enough momentum to bring the network to a standstill, as it can no longer deal with the wave of requests. It is comparable to a website being inundated with requests on a particularly busy day and eventually becoming overloaded.

The financial and reputational implications of DDoS attacks are growing in significance. Companies face the threat of not only losses inflicted by operational downtime, but also of extortion from the more recent phenomenon of ‘ransom attacks’.

By exploiting vulnerabilities in unprotected networks and a range of connected devices, including smartphones and tablets, DDoS attackers are able to grow their botnets at an alarming rate. This increases the scale and power of an attack and reduces the likelihood of an effective counter attack from the victim’s network.

This also gives cyber criminals more control over the timing of an attack, allowing them to stage an attack at a crucial time when a business simply cannot afford for its network to fall over, giving the attackers far more leverage. For example, timing an attack on a global ticket selling website the day Beyoncé tickets go on sale would be a classic example of a ‘ransom attack.’

Organisations such as carriers, online retailers and financial service platforms are heavily reliant on their global online presence to do their day-to-day business and remain profitable. Therefore, protecting the business against this increasingly sophisticated for of cyber attack is the reason DDoS protection is climbing higher up the IT agenda.

Read part 2 of Srini CR’s blog on the new wave of cyber warfare.

Has your business ever been affected by a cyber attack? Leave your comments below.