The internet has become such an integral part of everyday life that it’s sometimes easy to forget how vulnerable you can be to online threats. If you’re a gamer, website owner, involved in the running of a site, or even just a general internet user, one of these threats comes from something known as DDoS attacks. Fortunately, there are a few simple precautions you can take to protect yourself or your business.
What is a DDoS attack?
A distributed denial of service (DDoS) attack is the name for an attempt to interfere with the usual traffic on a specific network, server, or service by flooding the target with a massive amount of data with the aim of overwhelming its normal functioning and making it essentially unusable for a time.
A good analogy for a DDoS attack is a traffic jam. When a DDoS attack hits, all the ‘roads’ in a certain area are suddenly filled with traffic, temporarily stopping all the normal traffic from moving anywhere and getting to where it’s supposed to be.
How do DDoS attacks work?
Well, the perpetrator will generally make use of the devices and computers of random people who are not aware of their part in the attack, because their machines have been enslaved using malware. Once malware allows the attacker to control the devices remotely, these devices are known as bots, and a collection of them forms a botnet.
Using the botnet, the attacker can send a large number of requests to a specific IP address in an attempt to add so much malicious traffic that the target cannot handle it. The fact that DDoS attacks are made up of lots of individual bots makes them difficult to stop, as the requests are often indistinguishable from the usual day-to-day traffic.
How to stop DDoS attacks
For individuals (especially gamers)
While DDoS attacks can target anyone, some of the most common targets for DDoS attacks are, perhaps surprisingly, gamers. This is because online gaming is a massive and highly competitive industry that many people are very passionate about. Additionally, there is a lot of gambling on the outcomes of tournaments, making them a target for attackers looking to influence the results and make an easy profit.
DDoS attacks on gamers can cause lag, putting one side at a disadvantage, or even cause multiple people to be forced out mid-game. The attacks are common in modern gaming, so it’s important to know how to protect yourself against a DDoS attack. Some of the most effective steps you can take are:
- Use a VPN: Virtual private network (VPN) providers conceal your real IP address by routing traffic through a different server. Hiding your IP makes it very difficult for attackers to target you, making VPNs an affordable and effective way to avoid DDoS attacks.
- Reset your IP address periodically: Resetting your IP address makes it hard for would-be attackers to pin you down and target you. You can easily reset your IP just by unplugging and plugging back in your router. Alternatively, you can manually change it via your computer’s settings. The easiest way to do this is, of course, using a VPN and connecting to a different server.
- Avoid following links in chats: A common tactic attackers use is to post malicious links in an in-game chat. They may be disguised to look legitimate, but clicking on them can make you vulnerable to a DDoS attack. The best defense is to completely avoid them.
- Install security software: If you don’t have any, we recommend installing security software from a trusted provider. It’s also important to update any software regularly to patch any vulnerabilities that might appear over time.
- Improve your home connection: It’s a good idea to regularly (every three to five years) get new hardware for your home network. A lot of hardware now has inbuilt protection, so this can be a good choice if you want to add another layer of protection against DDoS attacks.
The procedures for preventing DDoS attacks are a little different for businesses. Gamers are often on a home connection, so things like unplugging and plugging back in a router are easy to do. For businesses, this is not usually a realistic way to operate. In the case of an attack on your business or to reset your IP address, you may need to contact your internet service provider (ISP).
One effective defense is to buy and install special equipment that filters incoming traffic to only let through legitimate traffic, and can detect a lot of attempted DDoS attacks.
Cloud-based defense systems also exist to help filter and block suspicious incoming traffic. Also, it can be beneficial to have a large, high-capacity network that is capable of absorbing most attacks.
None of these methods are completely infallible, but they should help businesses avoid most DDoS attacks.
What are some common types of DDoS attacks?
There are multiple different types of DDoS attacks that can be used by malicious actors, which is one of the major challenges when it comes to trying to defend against them.
Networks can be visualized as being built in layers (as per the OSI model), with each layer covering a different fundamental part of the network and contributing to the way it functions for users.
Different DDoS attacks work by targeting specific layers of this model. But to complicate things further, most modern attacks involve a combination of several different kinds of attacks. Some common types of attacks include:
Application Layer Attacks
These attacks target the layer of the network associated with creating and delivering web pages when HTTP requests are made. These HTTP requests can be complex to fulfill, requiring multiple files, so if enough HTTP requests are made, then the network can quickly become overwhelmed.
Volumetric attacks aim to create an unmanageable amount of traffic in a network by using all the available bandwidth. Often, the attacker will use tricks to amplify the amount of information they can send, for example requests from different sources.
A protocol attack works by overusing certain resources of the target network/server, such as load balancers and firewalls. The result is that the target site or service becomes unusable as users can’t access it.
HTTP Flooding is what most people consider a DDoS attack to be; it uses a botnet to send a lot of simple requests to a service. Since they’re made by just entering a website address and not via some more complex means, they look like regular traffic and are hard to filter out.
An example of a volumetric attack is DNS amplification. This attack uses a spoofed IP address of the intended victim to send many small requests to services that return large responses. When those responses come back, they go to the target and overwhelm its system.
An example of a protocol attack is a SYN flood. SYN is a message sent to establish a TCP connection. A service usually acknowledges this, and a connection is opened. However, in a SYN flood no connection is ever established, the TCP table that tracks these requests fills up, and no connections can be made until it clears.
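As an added illustration (not code from the original article), the sketch below replays constructed handshake events against a small bounded table of half-open connections to show the SYN flood effect described above, together with a simple completion-ratio check a defender could run. The table size, timeout, thresholds and addresses are assumptions chosen to keep the effect visible.

```python
from collections import OrderedDict

# Constructed sample traffic (documentation address ranges, not real hosts).
NORMAL = [(t, kind, "198.51.100.7", 40000 + i)
          for i in range(6) for t, kind in ((i, "SYN"), (i + 0.1, "ACK"))]
FLOOD = [(i * 0.1, "SYN", f"203.0.113.{i + 1}", 50000 + i) for i in range(8)]
FLOOD += [(1.0, "SYN", "198.51.100.7", 40000), (1.1, "ACK", "198.51.100.7", 40000)]


def replay(events, backlog_size=4, timeout=30.0):
    """Replay (time, kind, src, sport) events against a bounded table of
    half-open connections (assumed size and timeout) and return counters."""
    half_open = OrderedDict()          # (src, sport) -> time the SYN arrived
    stats = {"syn": 0, "established": 0, "dropped": 0, "expired": 0}
    for ts, kind, src, sport in events:
        # Expire the oldest entries whose handshake never completed.
        while half_open and ts - next(iter(half_open.values())) >= timeout:
            half_open.popitem(last=False)
            stats["expired"] += 1
        key = (src, sport)
        if kind == "SYN":
            stats["syn"] += 1
            if key in half_open:
                continue               # retransmitted SYN, already tracked
            if len(half_open) >= backlog_size:
                stats["dropped"] += 1  # table full: the new client is refused
            else:
                half_open[key] = ts
        elif kind == "ACK" and half_open.pop(key, None) is not None:
            stats["established"] += 1  # handshake completed, slot freed
    stats["half_open"] = len(half_open)
    return stats


def looks_like_syn_flood(stats, min_syn=5, max_completion=0.5):
    """Flag a window in which most SYNs never became connections."""
    if stats["syn"] < min_syn:
        return False
    return stats["established"] / stats["syn"] < max_completion


if __name__ == "__main__":
    for name, events in (("normal", NORMAL), ("flood", FLOOD)):
        result = replay(events)
        print(name, result, "flood suspected:", looks_like_syn_flood(result))
```

In the flood sample the legitimate client at 198.51.100.7 is refused because every slot is held by a handshake that will never finish; the slots only free up once the timeout expires.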
How dangerous are DDoS attacks?
DDoS attacks are becoming more and more prevalent worldwide, and 2020 was a particularly bad year for many targets of DDoS attackers. For example, the New Zealand stock exchange was even taken completely offline for several days in late 2020 by a successful DDoS attack, showing that coordinated DDoS attacks can have a big impact even on seemingly secure institutions. Even public institutions such as schools have been targeted recently.
The motivations behind DDoS attacks usually fall into one of the following categories:
- The most common reason is monetary, with perpetrators often attempting to extort a ransom from the victims in the form of cryptocurrencies like bitcoin under threat of further attacks.
- Some attacks are politically motivated, with several news outlets around the world being targeted throughout 2020.
- For gamers, DDoS attacks are meant to degrade their performance in the game or boot them out completely. This can put you at a severe disadvantage or even lose you a game, making them a real nuisance and even a threat to some people’s livelihoods.
All of this shows that DDoS attacks do present a genuine threat to businesses and institutions worldwide. Therefore, it’s important to take as many precautions as you can to prevent a DDoS attack from affecting you.
Get your DDoS protection ASAP
It’s clear that DDoS attacks are an issue for individuals, businesses, and even public institutions. However, there are a number of effective ways to avoid attacks and ensure you have DDoS protection.
One of the most effective and most accessible ways for the average person or business to give themselves DDoS protection is a good VPN. VPNs can automatically hide your IP address, making it much harder for anyone trying to commit a DDoS attack to find you and target your network.