Distributed Denial of Service (DDoS) Attacks
Be Informed; Be Prepared
Recently, high-profile Distributed Denial of Service (DDoS) attacks against many government sites, as well as popular social networking sites Twitter and Facebook, have brought network vulnerabilities into the limelight. But these attacks were not the largest attacks in Internet history, nor did they cause the most damage. Unfortunately, DDoS attacks happen every day on a much larger scale and with more damaging effects than the attacks on Twitter. It is unknown exactly how many websites are susceptible to these types of attacks, but estimates range from tens of thousands1 to millions2 . We have compiled a timeline of major DDoS attacks.
More than half of Internet name servers ... are vulnerable to ... DDoS attacks,"The Measurement Factory reports3.
Worse, the incidences of DDoS attacks are rising. DDoS attackers are using open source software to perform these attacks, and their level of sophistication is evolving rapidly. They're becoming easier and easier to deploy. In addition, DDoS viruses and botnet agents lie dormant on thousands of machines, waiting silently to target on command. OS News reports that there is now even malware for the Mac that performs DDoS attacks4 .
Know the Difference: DoS vs. DDoS Attack
The goal of any DoS, or Denial of Service, attack is to cripple a web site, either temporarily or permanently, so that the web site can no longer respond to legitimate requests. A DDoS, or Distributed Denial of Service, attack occurs when multiple systems overwhelm the bandwidth of a particular target simultaneously. This is clearly the larger of the two threats, because the attack is sped up, so response time necessary by the target decreases, plus the volume of attacks increase, so damage increases incrementally.
How Does a DDoS Attack Work?
There are many different types of DDoS attacks, but generally the attacker or attackers pummel a site with false external communication requests that overwhelm it and render it useless. Wikipedia has excellent general descriptions of the variations of DDoS attacks5 .
How Can You Tell if You're Being Attacked
The United States Computer Emergency Response Team lists the symptoms of denial-of-service attacks as6 :
- Unusually slow network performance (opening files or accessing web sites)
- Unavailability of a particular web site
- Inability to access any web site
- Dramatic increase in the number of spam emails received
Who is Vulnerable?
Although high-profile sites that are reliant on the Internet for business success are often targeted, many smaller web sites have also been brought down. If a website has a competitor, who has the necessary knowledge or is willing to enlist the services of a black-market botnet provider, that site is vulnerable.