As the name suggests, denial of service means, “denying the users of benefiting from a service”. In more technical terms, “a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet.” When the attack uses one computer and one Internet connection to target the system or resource, then it is a simple DoS. When the attack uses multiple computers and Internet connections to flood the targeted resource, then it is called a DDoS (Distributed Denial of Service). Most of the modern day DDoS attacks (Distributed Denial of Service Attack) are global and are distributed via botnets. A very recent botnet attack was made up of “Internet of things” IoT, sich as digicams and DVR.
INTERNET OF THINGS (IoT)
The interconnection via the Internet of computing devices embedded in everyday objects, which are sending and receiving data on the internet. From micro level of Wearables such as Smartphones, smart watches, digital cameras, DVRs, moving towards more macro level such smart homes, appliances, smart spaces, service industries and smart cities, all of these are considered as IoT devices.
Also Read: W3 that changed the world
RECENT DEADLY DISTRIBUTED DENIAL OF SERVICE ATTACK
Where there is good, there is evil. When there’s a positive, there’s also a negative to balance the equation. Such is the way our world operates. The world of internet follows the same principle. It is full of people trying to disrupt our everyday life connected to internet. Distributed-denial-of-service Distributed Denial of Service Attack have been the tool of choice for cybercriminals since the dawn of the Internet. Distributed Denial of Service Attack have been in the spotlight since early 2000. Let’s take a look at some of the more recent DDoS attacks worldwide.
RUSSIAN BANKS ATTACKED BY DDoS
5 major Russian banks attacked including Sberbank and Alfabank, by Mirai botnet, compromised of IoT devices. David Kennerley, director of threat research at Webroot, commented “If the default password had been changed, many of the webcams and CCTV devices that formed the botnet army would not have been successfully hijacked.” The attacks involved at least 24,000 computers, located in 30 countries, mostly situated in the US, India, Taiwan and Israel. The power of the attacks peaked at 660 thousands of requests per second. Some of the banks were attacked repeatedly.
NATIONAL CRIME AGENCY WEBSITE TAKEN DOWN BY DDoS
The National Crime Agency’s (NCA) website of UK, which is equivalent of USA’s FBI, suffered a slight outage today as a result of a distributed denial of service Distributed Denial of Service Attack that made it difficult for users to access its public-facing site. It is not clear what tool was used to attack the website. A spokesperson at NCA indicated that attack did not cause much of a damage by saying “At worst it is a temporary inconvenience to users of our website.”
DDoS ATTACKS ON CLINTON AND TRUMP CAMPAIGN WEBSITES
Hackers attempted four 30-second HTTP layer 7 attacks targeting the campaign websites of Clinton and Trump. There were four Mirai botnets used to target the campaign websites, but neither site observed or reported an outage. According to Flashpoint cyber intelligence, identity of the hacker remained unknown. The attack has not targeted nor impacted the infrastructure of the electoral process. It is possible that the hackers may not have been politically motivated, the Flashpoint post said. These underground hackers are often driven by the desire for attention, credibility, or disruption, and concerns over Election Day attacks offer an opportunity to capitalize on that.
LARGE SCALE DDoS ATTACKS DISABLES INTERNET THROUGHOUT LIBERIA
Mirai DDoS botnet disabled all internet access throughout the country of Liberia in the recent series of massive cyber-attacks, reported by British security researcher Kevin Beaumont. The attack exceeds 500 Gbps, which is massive in size. According to an employee at a Liberian mobile service provider “It’s killing our revenue”.
MASSIVE DDoS ATTACKS DISABLES TWITTER, SPOTIFY AND OTHERS
Mirai botnet’s first major large-scale attack was the one which disabled social media sites Twitter, Spotify, Sound cloud, Shopify, Netflix, Reddit in USA. The attack which is considered as one of the biggest in recorded history, attacked the servers of Dyn, a company that controls much of the internet’s domain name system (DNS) infrastructure. It started on the morning of 21st October and remained active for most of the day. The attack involved 100,000 malicious endpoints and had the strength of 1.2 Tbps. Users were unable to access or log in to sites throughout the day as a result of this.
Also Read: Decline of Web Giant YAHOO
DDoS ATTACKS BBC ON NEW YEAR EVE
On 31st Dec 2015, BBC was down for three hours including its on-demand television and radio player. The attack was claimed by a group called “New world hackers” and the rate was 600 Gbps, the largest recorded last year.
HOW TO MITIGATE A DDoS ATTACK
To be honest, one cannot 100% completely protect itself from every Distributed Denial of Service Attack, especially big ones exceeding size of 500 Gbps. Few tips which can increase the defensiveness are:
Increasing the bandwidth
If you can buy more bandwidth then the onslaught of attacking bots cannot overwhelm your site. But this requires massive funding.
Monitoring you traffic
A group of talented programmers can always constantly monitor your website, keeping an eye on the first signs of unusual traffic entering the site. This way you can repel the attack, even before it has the chance to grow into something massive.
I cannot emphasize more on this, get a firewall system installed of you don’t have one. Why? Because firewall is the first line of defence against malicious attacks, which will decrease the effectiveness of the DDoS. You should get both a network firewall to protect your PCs and WAF (web app firewall) to protect your web app.