By making websites and services unavailable, Denial-of-Service (DoS) and Distributed-Denial-of-Service (DDoS) attacks have become the visible symbols of hacking and cybercrime. Often targeting high-profile companies and web servers, the hackers responsible can gain fame and notoriety, along with punishments including imprisonment. Dealing with this challenge has become a speciality for many internet hosts.
The first major example of DDoS attacks occurred in 2000, when Michael Demon Calce, operating under the alias MafiaBoy, launched attacks against companies including Yahoo!, Amazon, Dell, eBay and CNN. More recently the hacking group Anonymous has filed a petition on the White House website looking for DDoS attacks to be acknowledged as a legal form of protest. In 2010 Anonymous launched a number of attacks against companies that they believed were impairing WikiLeaks, and more recently led campaigns against Syrian government websites to protest the shutdown of the internet in that country, and against the Israeli government in protest of attacks on Gaza.
The rise of nations engaging in cyber warfare is also shown by news that recent DDoS attacks targeting several U.S. banks are most likely being waged by Iran.
What is Involved in Denial-of-Service attacks?
A Denial-of-Service or DDoS attack aims to make a machine or network resource unavailable, generally by overwhelming it with external requests so that it either collapses or runs so slowly it can’t be used – as if you attacked a café by sending thousands of people to all order coffee every minute of every hour.
Various methods can be used to achieve an outage, and techniques have certainly evolved in the decade since MafiaBoy gained infamy. The methods include consuming resources, and disrupting configuration information, physical components or the communications between the target and intended users.
The Distributed-Denial-of-Service attack is named because multiple external systems are used to overwhelm the target, often using huge numbers of computers already compromised by malicious software to unknowingly function as a botnet. These armies of malware-infected computers can be aimed at a single website or server to cause it to fail.
How to deal with the Denial-of-Service risk?
Fortunately, although the high-profile successes of groups such as Anonymous are widely reported, the hosting industry has responded by increasing security and resources so that countless unreported attacks are regularly defended against.
Technology has also greatly improved. Behind the firewalls that deflect the simpler attacks, equipment including switches and routers can be configured with rate limiting, access control lists (ACLs), traffic shaping and other mechanisms to prevent outages. In addition to DoS Defence Systems which can block attacks, internet service providers can also route malicious traffic to a ‘black hole’ – a non-existent server.
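The rate-limiting and access control list mechanisms mentioned above can be sketched in a few lines. This is an added example, not code from the original article or from any vendor's product: a per-source token bucket placed behind a deny list and run over constructed traffic. The addresses (RFC 5737 documentation ranges), thresholds and function names are assumptions chosen for illustration.

```python
import ipaddress
from collections import Counter

# Assumed policy values for illustration (not from the article).
DENY_ACL = [ipaddress.ip_network("203.0.113.0/24")]  # hypothetical blocked range
RATE_PER_SEC = 2      # sustained requests per second allowed per source
BURST = 5             # largest burst a source may send at once
COST = 1000           # one request costs 1000 milli-tokens (integer maths)

class TokenBucket:
    """Per-source bucket; time in milliseconds, tokens in milli-tokens."""
    def __init__(self, now_ms):
        self.tokens = BURST * COST
        self.last = now_ms

    def allow(self, now_ms):
        # RATE_PER_SEC tokens/s equals RATE_PER_SEC milli-tokens per ms.
        refill = (now_ms - self.last) * RATE_PER_SEC
        self.tokens = min(BURST * COST, self.tokens + refill)
        self.last = now_ms
        if self.tokens >= COST:
            self.tokens -= COST
            return True
        return False

def filter_traffic(events):
    """Apply the ACL first, then the rate limit; return (src, verdict) pairs."""
    buckets, out = {}, []
    for ts_ms, src in events:
        if any(ipaddress.ip_address(src) in net for net in DENY_ACL):
            out.append((src, "acl-drop"))
            continue
        if src not in buckets:
            buckets[src] = TokenBucket(ts_ms)
        out.append((src, "pass" if buckets[src].allow(ts_ms) else "rate-drop"))
    return out

def sample_events():
    """Constructed traffic: (timestamp_ms, source) pairs, not real captures."""
    normal = [(t * 1000, "192.0.2.10") for t in range(5)]    # 1 request/s
    flood = [(i * 50, "198.51.100.7") for i in range(20)]    # 20 requests/s
    blocked = [(500, "203.0.113.99")]                        # inside DENY_ACL
    return sorted(normal + flood + blocked)

def summarize(results):
    """Count how many requests each source had passed or dropped."""
    return Counter(results)

if __name__ == "__main__":
    for (src, verdict), n in sorted(summarize(filter_traffic(sample_events())).items()):
        print(f"{src:15} {verdict:10} {n}")
```

The steady client stays under the sustained rate and is never dropped, while the flooding source is cut back to its initial burst plus whatever the refill rate allows.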
Many of the steps to handle DDoS attacks are similar to those which occur with an Unintentional Denial of Service, such as a huge traffic spike when a celebrity dies or a website goes viral.
When you’re choosing a hosting company and believe that your website or service may be a potential target for attacks, it’s important to check what measures your host has in place, and what experience they have in dealing with similar challenges. The rise in cloud computing also means that many cloud hosting companies are able to quickly add additional resources to a website or application. That can keep your business online while the problem is being resolved.