Jump to content

DDoS attacks: what they are and how you can keep them at bay

sincity

By sincity
in Technology

 Share

Recommended Posts

sincity Rookie

sincity

Posted
Posted
DDoS attacks: what they are and how you can keep them at bay

Cyber criminals are becoming increasingly sophisticated in their attacks on organisations, with intricate script-writing and manipulative social engineering creating new modes of offence every day.

But one tried and tested attack vector you would no doubt have read about before is the Distributed Denial of Service method, more commonly known as DDoS.

Giving us the full low-down on this cybercrime staple in our Q&A is Fred Kost, VP of security firm Ixia.

TechRadar Pro: For the uninitiated, what is a DDoS attack?

Fred Kost: It is a multi-faceted attack that leverages legitimate applications and services on the internet and often infected computers or botnets to create large-scale attacks.

Often, it can be quick and dirty - the attacker's devices are compromised systems that make attribution difficult or the misuse of legitimate services and applications. As a result, DDoS attacks can be hard to defend against and have a big impact.

DDoS attacks are likely to continue since organisations are unable to protect against all attacks and there is a general lack of co-ordination within the industry.

This is largely due to the fact that IT teams often procure disparate security systems that sit passive on their network since dropping them in line without testing incurs an element of risk.

TRP: What are the motivations behind DDoS attacks?

FK: The motivations of a DDoS attack can vary but the majority are financially motivated and deliberately designed to disrupt business operations. However, some are ideologically motivated and designed to counter the political stance of an organisation.

The one constant is that any industry can fall victim to an attack, with costs and downtime remaining the same.

TRP: How are DDoS attacks carried out?

FK: DDoS can be carried out using volumetric attacks, traffic floods or attacks to render an application unresponsive. Any defence or mitigation strategy must address all of these areas in order to be successful.

TRP: What are the tools available that can be used to launch a DDoS attack?

FK: A variety of software is available to launch a denial of service attack. For example, infected hosts can be used to build a botnet, readily available applications and services can be used to reflect attacks and machines can even be rented to launch attacks.

What makes DDoS particularly prevalent is that most of time users do not realise if they are hosting or herding the attack. Their IP maybe at the centre of an onslaught and they are none the wiser.

TRP: Why are DDoS attacks on the rise?

FK: The rapid increase in the volume of DDoS threats is largely because the tools available to launch DDoS attacks are readily available making it easier for hackers.

Sometime DDoS violations may even be smokescreens designed to distract security teams while another attack is underway.

TRP: How are DDoS attacks evolving?

FK: Developments in reflection and amplification mean that botnet herders are getting better at moving around quickly and can just move to another IP or region if they are discovered.

As a result, organisations must be proactive in developing a defence strategy - one that includes products, services and a response process.

TRP: How can organisations develop these defence and mitigation strategies to counter DDoS attacks?

FK: Much like the fire drill that is practised to evaluate building evacuation effectiveness, DDoS mitigation requires testing and practice to ensure that the technologies and processes put in place can stop any damage.

When under attack, DDoS mitigation must be able to allow the "good" traffic through yet block and suppress the "bad" traffic. This can be a challenge so organisations need to be prepared by testing mitigation strategies with tools that simultaneously launch a comprehensive set of DDoS attacks with other attack techniques to identify any weak points.

TRP: DDoS attacks are just the tip of the iceberg, so how can organisations stay ahead of other new threats?

FK: Mitigation against new threats requires testing and practice to ensure that technologies and processes can stop the damage that new threats can cause. Forward-looking organisations will go one step further by building real world proof of concepts and lab setups that can test security resiliency.

mf.gif


rc.img
rc.img
rc.img

a2.imga2t.imgY2HDATAFZQI
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

About Us

We are glad you decided to stop by our website and servers. At Fearless Assassins Gaming Community (=F|A=) we strive to bring you the best gaming experience possible. With helpful admins, custom maps and good server regulars your gaming experience should be grand! We love to have fun by playing online games especially W:ET, Call of Duty Series, Counter Strike: Series, Minecraft, Insurgency, DOI, Sandstorm, RUST, Team Fortress Series & Battlefield Series and if you like to do same then join us! Here, you can make worldwide friends while enjoying the game. Anyone from any race and country speaking any language can join our Discord and gaming servers. We have clan members from US, Canada, Europe, Sri Lanka, India, Japan, Australia, Brazil, UK, Austria, Poland, Finland, Turkey, Russia, Germany and many other countries. It doesn't matter how much good you are in the game or how much good English you speak. We believe in making new friends from all over the world. If you want to have fun and want to make new friends join up our gaming servers and our VoIP servers any day and at any time. At =F|A= we are all players first and then admins when someone needs our help or support on server.

Player Gaming Stats for =F|A= Servers.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept