According to the Computing Technology Industry Association, there are currently four main cyber security threats that IT departments and individual users should watch for in the coming year. These include supply chain issues, ransomware, social engineering, and our topic today, the growing prevalence of DDoS attacks. If you have never experienced a DDoS attack, consider yourself lucky. Today we will look at the basics of what this type of cyber attack involves, the most common types, how you, as a user, can identify when it is happening to you, and how to stop it.
What is a DDoS Attack?
DDoS stands for distributed denial-of-service. It is a malicious attempt to use resources from multiple, remote locations to attack an organization’s online operations. Usually this is done by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. In layman’s terms, a DDoS attack is like a traffic jam that blocks the highway and prevents regular traffic from arriving at its destination (your computer, server, and/or router).
While these attacks were once seen as annoying and less severe than other types of cyber crimes, they have been growing in frequency and severity in the last few years. In fact, InfoSecurity Magazine reported, “2.9 million DDoS attacks in Q1 of 2021, an increase of 31% over the same period in 2020.” That is a significant rise that IT departments and individuals should prepare themselves for in the coming months and years if trends continue. CompTIA online also reports that there has been “an exponential increase in DDoS attacks that have incapacitated businesses for significant amounts of time. In February of 2020, Amazon Web Services (AWS) suffered a DDoS attack sophisticated enough to keep its incident response teams occupied for several days, also affecting customers worldwide. In February of 2021, the EXMO Cryptocurrency exchange fell victim to a DDoS attack that rendered the organization inoperable for almost five hours.” (Source: CompTIA online)
Identifying & Mitigating a DDoS Attack
How does a user know that a DDoS Attack is happening? There are several symptoms to stay on the lookout for as you go about your daily work or usage on your devices. These include:
A suspicious amount of traffic from a single IP address.
Odd traffic patterns, such as spikes at off-peak times of day.
An unexplained surge in requests to a single page or endpoint.
A flood of traffic from users who share a common profile. (Source: CloudFlare Learning)
To mitigate a DDoS attack, it is imperative to identify the problem as soon as possible. As with many cyber security issues, the sooner you identify the problem, the faster you can mitigate it. Early identification may include users reporting slow or unavailable service, logs showing a spike in requests, a 503 Service Unavailable error, and reports coming from mitigation devices such as your cloud server. Once the attack has been detected, the next tasks are filtering the unwanted traffic and diverting traffic so that it doesn’t affect your critical resources. From there, your IT department can complete an analysis of the event and limit the damage from the attack. Do you have further questions about identifying and mitigating a DDoS attack on your devices? Talk to our team today.
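The log-based symptoms described above (one IP address dominating traffic, a surge on a single endpoint, an off-peak spike, and 503 errors) can be checked over a window of web server access-log lines. The following is an added example, not code from the original article; the function names, thresholds, baseline rate and sample log lines are all assumptions constructed for illustration, and the shared-profile symptom is not covered.

```python
import re
from collections import Counter
from datetime import datetime

# Common Log Format prefix: ip ident user [time] "METHOD path proto" status
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" (\d{3})')

def parse(lines):
    """Yield (ip, time, path, status) for every line that parses."""
    for line in lines:
        m = LINE.match(line)
        if m:
            ip, ts, path, status = m.groups()
            yield ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), path, int(status)

def ddos_symptoms(lines, ip_share=0.3, path_share=0.6, err_share=0.2,
                  baseline_per_min=5, spike_factor=4, off_peak=range(0, 6),
                  min_requests=20):
    """Return the symptoms seen in one window of access-log lines.
    All thresholds are illustrative assumptions; tune them to your traffic."""
    rows = list(parse(lines))
    total = len(rows)
    if total < min_requests:  # too little traffic to judge
        return []
    found = []
    ip, hits = Counter(r[0] for r in rows).most_common(1)[0]
    if hits / total >= ip_share:  # one address dominates the window
        found.append(f"single-ip:{ip}")
    path, hits = Counter(r[2] for r in rows).most_common(1)[0]
    if hits / total >= path_share:  # one page or endpoint dominates
        found.append(f"endpoint:{path}")
    if sum(r[3] == 503 for r in rows) / total >= err_share:
        found.append("503-errors")
    times = [r[1] for r in rows]
    minutes = max((max(times) - min(times)).total_seconds() / 60, 1)
    if total / minutes >= spike_factor * baseline_per_min and min(times).hour in off_peak:
        found.append("off-peak-spike")
    return found

def sample_window():
    """Constructed sample: 60 requests within a minute at 03:00, 40 from one IP."""
    fmt = '{ip} - - [12/Mar/2021:03:00:{s:02d} +0000] "GET {p} HTTP/1.1" {st} 512'
    flood = [fmt.format(ip="203.0.113.7", s=i, p="/login", st=503 if i % 2 else 200)
             for i in range(40)]
    rest = [fmt.format(ip=f"198.51.100.{i}", s=i, p="/", st=200) for i in range(20)]
    return flood + rest

if __name__ == "__main__":
    print(ddos_symptoms(sample_window()))
```

A window that trips several checks at once is a stronger signal than any single one, since a busy legitimate page or a shared office address can trigger one check on its own.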