Page 109 - Cyber Defense eMagazine for June 2021

In this article, we will explain what DDoS attacks are and how they work. We will also provide you with
            some practical tips on how to implement DDoS defense tactics that can really make a difference.


            DDoS Attacks Explained
            A DDoS attack involves directing a large amount of fake traffic to a targeted network in an attempt to
            overload and crash it. Specifically, a DDoS attack manipulates legitimate internet-based resources, such
            as network time protocol (NTP), domain name system (DNS) servers and caching services, to send traffic
            to crash network connection devices. These network devices can include routers, switches and firewalls,
            as well as equipment used by internet service provider (ISP) companies. Because these targeted network
            resources try to process each received request as if it were legitimate, the targeted resources soon
            become overwhelmed by the fake traffic – and fail. As a result, the attacker effectively denies access to
            the organization’s entire network presence.


            DDoS attacks are relatively easy to execute and extremely efficient. Hackers can target internal networks,
            thus halting business processes for an entire company. Both small and large corporations are equally at
            risk. Even major brands are not safe from DDoS attacks. Smaller organizations often fall prey to DDoS
            attacks, because they believe they can’t afford to protect themselves.


            How Can You Protect Yourself Against DDoS Attacks?
            Modern technologies and fast global networks have made DDoS attacks easier to execute and
            exceptionally dangerous. The IoT (internet of things) industry is especially to blame, since such devices
            traditionally do not have proper security embedded within them. As a result, hackers use IoT devices to create
            massive botnets that generate the huge amount of traffic needed for a DDoS attack. Threat actors have
            also identified how to manipulate legitimate network services to send illicit traffic.


            It is a common perception that all DDoS attacks involve large volumes of traffic. But in fact, most DDoS
            attacks are not “volumetric” by nature. The majority of attacks use relatively low volumes of malformed
            packets that nevertheless can crash the critical network connectivity devices for an organization. These
            low-volume attacks are often called protocol-based attacks, because threat actors make subtle changes
            to network protocol packets that make them dangerous to the devices that receive them. So, it is
            important to protect against both volumetric and protocol-based attacks.
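
Because these attacks are not defined by volume, detection has to look at what each packet is rather than how many arrive. The following is an added example, not code from the article: it flags inbound DNS/NTP replies that match no outbound query (traffic reflected off the legitimate services described earlier) and TCP packets with illegal flag combinations. The packet tuples, their field layout and the choice of flag checks are assumptions; the article does not name specific malformations.

```python
from collections import Counter

# Constructed sample packet summaries (not real capture data). Assumed layout:
# (direction, proto, src_ip, src_port, dst_ip, dst_port, tcp_flags)
PACKETS = [
    ("out", "udp", "10.0.0.5", 40000, "192.0.2.53", 53, ""),     # our DNS query
    ("in",  "udp", "192.0.2.53", 53, "10.0.0.5", 40000, ""),     # its matching reply
    ("in",  "udp", "198.51.100.7", 123, "10.0.0.5", 41000, ""),  # NTP reply, never asked for
    ("in",  "udp", "198.51.100.8", 53, "10.0.0.5", 41001, ""),   # DNS reply, never asked for
    ("in",  "tcp", "203.0.113.9", 5555, "10.0.0.5", 443, "SF"),  # SYN+FIN set together
    ("in",  "tcp", "203.0.113.9", 5556, "10.0.0.5", 443, ""),    # no flags at all
    ("in",  "tcp", "203.0.113.20", 5557, "10.0.0.5", 443, "S"),  # ordinary SYN
]

# Services the article names as abused to send traffic, keyed by UDP port.
REFLECTOR_PORTS = {53: "dns", 123: "ntp"}
# Assumption: flag pairs that never appear together in a valid TCP segment,
# used here as a representative "malformed packet" check.
ILLEGAL_FLAG_SETS = [{"S", "F"}, {"S", "R"}]


def classify(packets):
    """Count suspicious packets by type, independent of traffic volume."""
    outstanding = set()   # queries we sent and still expect a reply to
    findings = Counter()
    for direction, proto, src, sport, dst, dport, flags in packets:
        if proto == "udp" and direction == "out" and dport in REFLECTOR_PORTS:
            outstanding.add((src, sport, dst, dport))
        elif proto == "udp" and direction == "in" and sport in REFLECTOR_PORTS:
            query = (dst, dport, src, sport)  # the request this would answer
            if query in outstanding:
                outstanding.discard(query)    # solicited reply: legitimate
            else:
                findings["reflected_" + REFLECTOR_PORTS[sport]] += 1
        elif proto == "tcp" and direction == "in":
            seen = set(flags)
            if not seen or any(bad <= seen for bad in ILLEGAL_FLAG_SETS):
                findings["malformed_tcp"] += 1
    return dict(findings)


if __name__ == "__main__":
    print(classify(PACKETS))
```
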


            This is why there is no single way to protect your server against DDoS activity. Typical security solutions,
            such as the use of traditional firewalls, network-based intrusion detection and backups, are simply not
            enough to efficiently detect and mitigate this type of cyberattack. The best you can do is a combination
            of security software solutions and internal practices.


            Let’s take a look at some of the basic, yet effective, measures you can take to defend yourself against
            DDoS attacks.







            Copyright © 2021, Cyber Defense Magazine.  All rights reserved worldwide.