The most well-known trick criminal hackers have in their bag is the distributed denial of service (DDoS) attack. To create a DDoS attack, hackers use a botnet to send mass amounts of traffic at a website server, bringing the site down. Recent attacks targeted CIA’s public website, WordPress and credit card companies. The “hacks” make big news and it seems like almost every other day another large commercial website is taken down.
The most important thing to know about a DDos attack is that it is really not a hack at all. The purpose of DDoS attacks are not to steal information but rather to prove a point. “We control massive botnets and can make life very difficult for you” is the message that hackers are sending. A DDoS is what many would call a “dumb” attack because it is sheer force, a giant hammer aimed at a Web server. Yet, large-scale dumb attacks are often the most difficult to stop. What can companies do to protect themselves against a DDoS attack on their doorstep?
Beef Up, Team Up and Black Hole
The simplest way to survive a DDoS attack is to build your own data centers – like Apple, Google, Amazon or Microsoft – that can handle any amount of traffic. Most big corporations (not to mention small and medium businesses) do not have the ability to scale the way the Internet giants do. Apple built a 500,000 square foot data center worth about $1 billion in North Carolina that was finished in April. But for other companies, building their own data mammoth data centers is not an effective use of resources.
“About the only thing to do is beef up or go into a cooperative,” said Chester Wisniewski, a security researcher and blogger with Sophos, in a recent interview. “That is the advantage that small and medium business have with being in a giant cloud. They pay a small amount for the data they use yet have all the benefits of being in a massive data center.”
“Our complacency is contributing to criminal acts because we are do lazy to take the right steps to prevent it.”
-Chester Wisniewski, Sophos
“Companies can set up a cooperative in their region or industry,” Wisniewski said. “Set up a protocol to distribute infrastructure that could withstand 1,000 times to 5,000 times their traffic in an attack.”
Cooperatives essentially form a networked cloud which allow companies to cordon off the attack and stream it into a “black hole” where it is not longer affecting their servers.
Wisniewski said anti-DDoS companies such as Damballa Security, ServerOrigin and Arbor Networks purchase extra bandwidth that can be used as an elastic option if a company is being targeted.
“DDoS attacks are a risk so it is really like buying insurance,” Wisniewski said.
Everybody Has A Role in Cybersecurity
Do you use a computer? A PC or a Mac or something running Linux? You may not think it, but you and the people you know may be directly responsible for the security of the Internet.
Botnets are comprised of thousands or millions of malware infected computers. Tied together, those computers can process much more bandwidth than any one computer or server alone. DDoS attacks are all about bandwidth. That is the reason that hackers like to distribute botnet malware at places that have “fat tubes” such as universities and corporate PCs.
Most DDoS attacks could not exist without botnets (sometimes groups form voluntary botnets to launch attacks, but that is a different story). As such, the easiest way to prevent the attacks is to limit the resources of the botnets. Installing and maintaining security software on your computer is the easiest way to thwart attackers. Always be wary of suspicious links or websites. When in doubt, do not click.
“There is no good reason for your computer to participate in these attacks,” Wisniewski said. “Our complacency is contributing to criminal acts because we are do lazy to take the right steps to prevent it.”