Home What Can Companies Do to Stop a DDoS Attack?

What Can Companies Do to Stop a DDoS Attack?

The most well-known trick criminal hackers have in their bag is the distributed denial of service (DDoS) attack. To create a DDoS attack, hackers use a botnet to send mass amounts of traffic at a website server, bringing the site down. Recent attacks targeted CIA’s public website, WordPress and credit card companies. The “hacks” make big news and it seems like almost every other day another large commercial website is taken down.

The most important thing to know about a DDos attack is that it is really not a hack at all. The purpose of DDoS attacks are not to steal information but rather to prove a point. “We control massive botnets and can make life very difficult for you” is the message that hackers are sending. A DDoS is what many would call a “dumb” attack because it is sheer force, a giant hammer aimed at a Web server. Yet, large-scale dumb attacks are often the most difficult to stop. What can companies do to protect themselves against a DDoS attack on their doorstep?

Beef Up, Team Up and Black Hole

The simplest way to survive a DDoS attack is to build your own data centers – like Apple, Google, Amazon or Microsoft – that can handle any amount of traffic. Most big corporations (not to mention small and medium businesses) do not have the ability to scale the way the Internet giants do. Apple built a 500,000 square foot data center worth about $1 billion in North Carolina that was finished in April. But for other companies, building their own data mammoth data centers is not an effective use of resources.

“About the only thing to do is beef up or go into a cooperative,” said Chester Wisniewski, a security researcher and blogger with Sophos, in a recent interview. “That is the advantage that small and medium business have with being in a giant cloud. They pay a small amount for the data they use yet have all the benefits of being in a massive data center.”

“Our complacency is contributing to criminal acts because we are do lazy to take the right steps to prevent it.”
-Chester Wisniewski, Sophos

“Companies can set up a cooperative in their region or industry,” Wisniewski said. “Set up a protocol to distribute infrastructure that could withstand 1,000 times to 5,000 times their traffic in an attack.”

Cooperatives essentially form a networked cloud which allow companies to cordon off the attack and stream it into a “black hole” where it is not longer affecting their servers.

Wisniewski said anti-DDoS companies such as Damballa Security, ServerOrigin and Arbor Networks purchase extra bandwidth that can be used as an elastic option if a company is being targeted.

“DDoS attacks are a risk so it is really like buying insurance,” Wisniewski said.

Everybody Has A Role in Cybersecurity

Do you use a computer? A PC or a Mac or something running Linux? You may not think it, but you and the people you know may be directly responsible for the security of the Internet.

Botnets are comprised of thousands or millions of malware infected computers. Tied together, those computers can process much more bandwidth than any one computer or server alone. DDoS attacks are all about bandwidth. That is the reason that hackers like to distribute botnet malware at places that have “fat tubes” such as universities and corporate PCs.

Most DDoS attacks could not exist without botnets (sometimes groups form voluntary botnets to launch attacks, but that is a different story). As such, the easiest way to prevent the attacks is to limit the resources of the botnets. Installing and maintaining security software on your computer is the easiest way to thwart attackers. Always be wary of suspicious links or websites. When in doubt, do not click.

“There is no good reason for your computer to participate in these attacks,” Wisniewski said. “Our complacency is contributing to criminal acts because we are do lazy to take the right steps to prevent it.”

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.