DDoS attacks: what are they and how do you protect yourself?
DDoS attacks are on the rise and are a growing concern for web users and administrators of online environments. In 2017 alone there were more than 250,000 attacks in Brazil, which represents an average of 30 attacks per hour.
Increasingly subtle and elaborate, DDoS attacks are costing IT teams all over the world their sleep. As more tools come to depend on Internet infrastructure for their operation each day, the danger increases.
So in today's post, you'll better understand how these attacks work, what harm they can do to your business, and the most effective ways to protect against them. Check it out!
What is a DDoS attack?
A report published by Arbor Networks, a corporate network protection company, indicates that Brazil is the biggest target of DDoS attacks in Latin America, and also receives the most intense ones.
However, in their origins these attacks are associated with high-impact targets, such as high-demand servers (Netflix, PlayStation Network, etc.), or with hacking groups claiming space for themselves.
Also known as a denial-of-service attack, a DDoS (Distributed Denial of Service) attack occurs when an attacker uses thousands of computers, also called zombie machines, with the intention of depleting the resources available on a server, network or application. The sudden increase in traffic overloads the target, so that real users are unable to access the domain.
For the denial attack to materialize, it takes a large number of computers, which function as an army for the master machine, the one responsible for commanding the others.
In order to gain access to so many machines, malware (viruses, trojans, backdoors, and so on) is created which, after being disseminated on the network, installs components that allow the machines to be commanded without their owners' consent.
What prevents the identification of the master machine is the number of users accessing the domain with similar characteristics and with IP addresses that constantly change, which also makes it difficult to recognize a given user as a zombie machine.
Who are the main victims of DDoS attacks?
It is common for attacks to hit home machines, as they are often not properly protected or run outdated software.
However, it is important not to think that only the smallest pages are vulnerable. Websites of large corporations such as Amazon, eBay and even Microsoft itself have already fallen victim to hackers.
Information in e-mail, CRMs, automation tools, customer data, registration documentation, and dozens of other company operations is vulnerable to DDoS attacks, which directly affects corporate productivity and security.
However, one cannot say what the main target of the attack is. Both the average user and large corporations work with equally well-designed software and DDoS protection systems suited to the needs of their equipment. What determines the "target" machine is the hacker's real motivation.
What are the hackers' intentions and whom have they hit?
The reasons for these attacks vary widely: fraud attempts, acts of protest, competition among large hacking groups, among others.
Among the best-known attacks in Brazil, the one on the Petrobras site in 2011 stands out. The company's page was offline for a few hours, and a group of hackers named LulzSecBrazil, which made a point of identifying itself, claimed responsibility for the outage in a blog post. In the publication, the group blamed the price of fuel at the time for the action.
And it did not stop there. The group announced that other major sites would also be attacked. Later the same day, the federal pages presidência.gov.br and brasil.gov.br went offline.
Other more malicious and elaborate attacks have also made the news. In 2016, an American computer protection company discovered an attack (which also hit Brazilian companies) carried out through malware that used security cameras. The intrusion into connected security systems allowed access to sensitive data from banks and other large corporations that were susceptible to fraud.
How to protect against DDoS attacks?
There are some practices that hinder invasions and are designed to protect against DDoS attacks. One of them is the adoption of greater bandwidth, which aims to absorb larger traffic volumes, along with, of course, a backup connection.
The installation of detection systems is also a viable alternative, in contrast to hiring a specialist, which can be expensive in an emergency situation, as most cases are.
Mitigation systems (mitigation being a widespread term in IT when it comes to reducing risk) are also effective in identifying which traffic is legitimate and which is not. The downside is that the process is time-consuming, and the urgency of restoring the page to normal can make it an ineffective option.
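As an added illustration (not code from the original post), the sketch below shows why the constantly changing source addresses described earlier defeat a simple per-IP limit, while a detection system that compares total traffic against a learned baseline still flags the surge. The function names, thresholds and traffic records are assumptions constructed for the example.

```python
from collections import Counter

def detect(requests, window=10, per_ip_limit=20, surge_factor=5.0, min_history=3):
    """requests: iterable of (timestamp_seconds, source_ip) pairs.
    Returns one alert dict per suspicious time window."""
    buckets = {}
    for ts, ip in requests:
        buckets.setdefault(int(ts) // window, Counter())[ip] += 1
    alerts, history = [], []
    for idx in sorted(buckets):
        counts = buckets[idx]
        total = sum(counts.values())
        # Check 1: a single source exceeding its own quota.
        noisy = sorted(ip for ip, n in counts.items() if n > per_ip_limit)
        # Check 2: total volume far above the average of earlier quiet windows.
        surge = (len(history) >= min_history
                 and total > surge_factor * (sum(history) / len(history)))
        if noisy or surge:
            alerts.append({"window_start": idx * window, "total": total,
                           "sources": len(counts), "noisy_ips": noisy,
                           "surge": surge})
        else:
            history.append(total)  # learn the baseline from quiet windows only
    return alerts

def sample_traffic():
    """Constructed records: three normal windows, one distributed flood,
    then one window with a single aggressive client."""
    reqs = []
    for w in (0, 1, 2, 4):                      # normal users, 10 IPs x 3 requests
        for i in range(10):
            reqs += [(w * 10 + k, f"198.51.100.{i}") for k in range(3)]
    for i in range(400):                        # flood: 400 sources x 2 requests
        reqs += [(30 + k, f"10.{i // 256}.{i % 256}.7") for k in range(2)]
    reqs += [(40 + k % 10, "203.0.113.9") for k in range(50)]  # one noisy client
    return reqs

if __name__ == "__main__":
    for alert in detect(sample_traffic()):
        print(alert)
```

In the flood window no individual address exceeds its quota, so only the baseline comparison raises the alert; in the last window the opposite holds.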
And, finally, storing data in a cloud system that is well prepared for attack scenarios is another good practice to mitigate risk. Some companies have their ERP and CRM systems hosted entirely on the internet. An attack of this size can put all information at risk, paralyzing the system for hours or even days.
However, even though there are several forms of protection, none is 100% guaranteed to be effective. While developers create more modern and effective DDoS protection systems, hackers update their attack code and tools.
Therefore, taking preventive measures is the best option to avoid the invasion of your system, helping to ensure security for your business and to prevent contingencies.