DDoS Attack

Detection prevents disruption

What is a DDoS attack? Whilst perhaps more a cybersecurity concern than an information security one as this type of attack doesn’t compromise information, denial of service attacks, most commonly Distributed Denial of Service or ‘DDoS’ attacks, are incredibly common and plague countless businesses every year.

Seeing a 542% rise in the first quarter of 2020, DDoS attacks were for some time considered an attack of the past, however that trend has recently been reversed and DDoS attacks are back on the rise.

Whilst awareness alone will not prevent these attacks from happening, ensuring you’re aware of the signs of one taking place can help ensure the attack is stopped as soon as possible, preventing disruption and financial loss before they can occur.

What is a Denial of Service attack?

A denial of service attack involves just that: stopping the use of a service that matters to the function of the business in question. Usually, the service in question will be a company website or servers.

Denial of service attacks work by sending large volumes of requests to the service, preventing it from working. These requests sent to the service can vary, but the end result is the same, non-operation of a vital piece of business infrastructure. Think of these requests as questions and tasks being asked of the service. Like us, if given too many tasks we need time to work through them, and we wont be able to keep up until we have these resolved. The same is true of our business systems, and this is what makes the service unusable.

These attacks cannot extract information from the victim and therefore the effect of the attack is purely disruption and the financial loss that occurs from having the company website or servers offline. Attackers will often use these attacks to extort a ransom in return for the attack ceasing, or in some cases, "hacktivism", where a group with a political agenda will disrupt a website or business that conflicts with their views or spreads information they disagree with.

DDoS Attacks vs DoS Attacks

Both DDoS and DoS attacks work by sending large volumes of requests to a service, but the difference in these attacks is the source of the requests sent to the target service. DDoS attacks recruit a botnet, a team of enslaved computers that work together to flood the targeted service with requests. DoS attacks use only one computer and are therefore capable of sending fewer requests and are easier to track. DDoS attacks are therefore, and unsurprisingly, the most common form of this type of attack.

Signs of a DDoS Attack

In the event of a DDoS attack, you’ll notice a rapid decline in the performance of a service. This disruption will affect all employees and continue for sustained periods of time. Look out for the inability to access servers, the company website, or computers functioning very slowly.

What to do in the Event of a Suspected DDos Attack

In the recent of a suspected DdoS attack, do not wait before acting. If your systems or services seem slow, there is some things you should do immediately.

Contact your ISP

Contact your ISP and let them know that you suspect you are being attacked. They will have procedures in place to help mitigate the effect of a DDoS attack and will also appreciate being aware of a potential attack in case other customers could be at risk.

Activate security measures

Speak to your security or IT team regarding what measures are currently in place ahead of time if possible. Its more than likely that there are already measures such as Access Control Lists (ACLs) in place, which prevent traffic from suspected malicious sources being allowed into your network.

Another method that can be used is rate-limiting, which prevents multiple requests from single sources. This method is most useful when a web-based service is under attack.

Regardless of the methods chosen to protect your organisation before or during a potential DDoS attack, it is imperative that these methods are reviewed and assessed regular to ensure they are up to the job of protecting from a DDoS Attack. Ensure that the Security or IT team regularly review to ensure they’re up to the job, and there isn’t something better out there they could be using instead.

DDoS attacks can sneak in undetected at first, but the signs of an attack can be spotted before the attack is in full force. Therefore, as with all cybersecurity attacks, awareness of what is possible and the threats that your organisation faces can be the key to preventing lasting damage before it can occur.

Security Awareness for your Organisation

Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.

Featured

How GDPR Relates to you Personally

Does GDPR Apply to Individuals?

Does GDPR Apply to Individuals? How GDPR Relates to you Personally. Blog by Information Security Awareness Training provider Hut Six Security

GDPR Applications

Who Does GDPR Apply To?

Who Does GDPR Apply To? And Other Data Protection Questions/ Information Security blog by Information security awareness provider Hut Six Security.

Paper Records and Data Protection Law

Does GDPR Cover Paper Records?

Does GDPR Cover Paper Records? Paper Records and Data Protection Law blog by Information Security Awareness Training provider Hut Six Security.

Security Check for your Organisation

How Secure is My Organisation?

How Secure is My Organisation? Knowing where you are, before knowing where to begin. Blog by Information Security Awareness solution Hut Six Security.

Ransomware Propagation

How Does Ransomware get on your Computer?

How Does Ransomware get on your Computer? Chances are that in the last few years you've heard the term "ransomware". Blog by Hut Six Security.

Auditing for GDPR Compliance - Guest Blog

Guest Blog: How to Audit Your Business for GDPR Compliance

How to Audit Your Business for GDPR Compliance with a GDPR Business audit. Hut Six Security guest blog by https://reciprocitylabs.com/.

The Data Protection Act - Personal Data Breaches

What is a Breach of Data Protection?

What is a Breach of Data Protection? The Data Protection Act - Personal Data Breaches, Reporting and Consequences. Blog by Hut Six Security

Ransomware in the Education Sector

University Hit With $1.14m Ransomware Attack

University of California Ransomware Attack: a $1.1.4m ransom has been paid following a ransomware attack on University of California's School of Medicine.

Purpose of the Data Protection Act

What is the Purpose of the Data Protection Act?

What is the Purpose of the Data Protection Act? Blog by information security awareness training solution provider Hut Six Security.

Remote Working Security

Top 3 Remote Work Security Lessons

Top 3 Remote Work Security Lessons: remote work security blog by information security awareness provider Hut Six Security.