What is a DDoS Attack?

A Distributed Denial of Service (DDoS) attack is designed to force a website, computer, or online service offline. This is accomplished by flooding the target with many requests, consuming its capacity and rendering it unable to respond to legitimate requests.

A DDoS attack differs from a Denial of Service (DoS) attack because it is distributed. The malicious traffic comes from a variety of different IP addresses, often the members of a botnet. This makes the attack more difficult to defend against and enables the attackers to generate a larger volume of malicious traffic than a single system can generate on its own.


How Does a DDoS Attack Work?

A DDoS attack is essentially the legitimate use of an online service taken too far. For example, a website may be capable of handling a certain number of requests per minute. If that number is exceeded, then the website’s performance is degraded, or it may be rendered completely inaccessible. This overload may be caused by an attack or even legitimate use, such as an e-commerce site being overwhelmed on Black Friday or a ticket sales platform going down when sales for a popular event are opened.

DDoS attacks are capable of overwhelming a target at various levels. For example, a web application may have a maximum number of requests that it can handle. Alternatively, the server that it is running on may have a limit on the number of simultaneous connections that it can manage. A corporate network likely has bandwidth restrictions that could be overwhelmed by an attacker. Exceeding any of these thresholds will result in a DoS attack (or a DDoS attack if the attack uses multiple IP addresses) against the system.

Types of DDoS Attacks

DDoS attacks are an evolving threat, and a variety of techniques can be used to carry them out. Some examples of common DDoS threats include:

  • Amplification Attacks: Some services, such as DNS, have responses that are much larger than the corresponding request. In DDoS amplification attacks, attackers send requests to a DNS server with the source IP address spoofed to the IP address of the target, causing the target to receive a large volume of unsolicited responses that eat up resources.
  • Bandwidth Saturation: All networks have a maximum bandwidth and throughput that they can maintain. Bandwidth saturation attacks attempt to consume this bandwidth with spam traffic.
  • Cloud Resource Exploitation: Scalability is one of the hallmarks of cloud computing. By exploiting this fact, DDoS attackers can perform large-scale attacks against a target system.

Cybercriminals are increasingly performing “degradation of service” attacks in which a target is sent a lower volume of traffic that decreases the accessibility of the service without knocking it completely offline. These attacks have become popular because they are more difficult for an organization to detect than a full-scale DDoS attack.
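
The thresholds described under "How Does a DDoS Attack Work?" and the lower-volume degradation pattern described above can be checked from request logs. The following is an added example, not code from the original page: the capacity, baseline and share thresholds, the function names, and the sample events (documentation-range IP addresses) are all constructed assumptions.

```python
from collections import Counter, defaultdict

CAPACITY_PER_MIN = 100  # assumed: requests/minute the service can handle
BASELINE_PER_MIN = 20   # assumed: normal requests/minute
DEGRADE_FACTOR = 3      # assumed: flag load >= 3x baseline that stays under capacity
TOP_SOURCE_SHARE = 0.5  # assumed: one IP sending > 50% of traffic = single source

def classify_minutes(events):
    """events: iterable of (epoch_seconds, source_ip). Returns {minute: label}."""
    per_minute = defaultdict(Counter)
    for ts, ip in events:
        per_minute[ts // 60][ip] += 1
    labels = {}
    for minute, sources in per_minute.items():
        total = sum(sources.values())
        top_share = max(sources.values()) / total
        if total > CAPACITY_PER_MIN:
            # Over capacity: one dominant source (DoS) or many sources (DDoS)?
            single = top_share > TOP_SOURCE_SHARE
            labels[minute] = "dos-single-source" if single else "ddos-distributed"
        elif total >= DEGRADE_FACTOR * BASELINE_PER_MIN:
            labels[minute] = "possible-degradation"
        else:
            labels[minute] = "normal"
    return labels

def longest_run(labels, label):
    """Length of the longest streak of consecutive minutes carrying `label`."""
    best = run = 0
    prev = None
    for minute in sorted(labels):
        if labels[minute] == label:
            run = run + 1 if prev == minute - 1 else 1
            prev = minute
            best = max(best, run)
    return best

def sample_events():
    """Constructed traffic: normal, single-source flood, distributed flood, slow burn."""
    events = [(i, f"10.0.0.{i % 10}") for i in range(20)]                      # minute 0
    events += [(60 + i % 60, "198.51.100.7") for i in range(150)]              # minute 1
    events += [(120 + i % 60, f"203.0.113.{i % 200}") for i in range(200)]     # minute 2
    for m in (3, 4, 5):                                                        # minutes 3-5
        events += [(m * 60 + i % 60, f"192.0.2.{i % 35}") for i in range(70)]
    return events

if __name__ == "__main__":
    labels = classify_minutes(sample_events())
    for minute in sorted(labels):
        print(minute, labels[minute])
    print("degradation streak:", longest_run(labels, "possible-degradation"))
```

A single elevated minute is weak evidence; the streak length is what separates a sustained degradation-of-service pattern from a brief legitimate spike.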

DDoS Threats

DDoS attacks pose a serious threat to companies of all sizes and in all industries. Some of the potential impacts of a successful attack include:

  • Financial Losses: A successful DDoS attack can cause decreased productivity, downtime, and potential violation of SLAs, and it costs money to mitigate and recover from.
  • Operational Disruption: A DDoS attack may render an organization unable to perform core operations, or it may degrade customers’ ability to access its services.
  • Reputational Damage: DDoS attacks may cause churn as customers choose competitors if they can’t reach an organization’s website or distrust its ability to provide products and services.

In recent years, the threat of DDoS attacks has grown significantly. One contributor is the greater availability of DDoS attack tools, making it easier for anyone to carry out an attack. Also, botnets have grown more popular and powerful, enabling them to perform record-breaking attacks to take down websites or entire networks. As DDoS attacks grow more common, larger, and more sophisticated, they are increasingly difficult and costly for an organization to mitigate.

DDoS Attack Prevention and Protection

The best way to manage the DDoS threat is to implement defense in depth. A combination of on-prem and cloud-based DDoS mitigation solutions will enable an organization to identify and block a wide range of DDoS attacks, including volumetric, application, reflective, and resource-exhaustive DDoS attacks.

Rapid detection and response are also important to reducing the impact of a DDoS attack. Proactive DDoS detection and prevention combined with an incident response team capable of deploying additional resources as needed can minimize the disruption and cost of a DDoS attack.

Protect Against DDoS Attacks with DDoS Protector

DDoS attacks are an ongoing threat to an organization’s security. Stay vigilant, continuously assess your security measures, and leverage reliable DDoS protection solutions to ensure the resilience of your infrastructure. To learn more about how to choose the right anti-DDoS solution, check out this eBook.

Furthermore, Check Point offers a free scan to analyze your organization’s resiliency against DDoS attacks. If you’d like to deploy additional defenses and reduce your DDoS risk, check out Check Point’s DDoS Protector.
