Page 109 - Cyber Defense eMagazine for June 2021
In this article, we will explain what DDoS attacks are and how they work. We will also provide you with
some practical tips on how to implement DDoS defense tactics that can really make a difference.
DDoS Attacks Explained
A DDoS attack involves directing a large amount of fake traffic to a targeted network in an attempt to
overload and crash it. Specifically, a DDoS attack manipulates legitimate internet-based resources, such
as network time protocol (NTP), domain name system (DNS) servers and caching services, to send traffic
to crash network connection devices. These network devices can include routers, switches and firewalls,
as well as equipment used by internet service provider (ISP) companies. Because these targeted network
resources try to process each received request as if it were legitimate, the targeted resources soon
become overwhelmed by the fake traffic – and fail. As a result, the attacker effectively denies access to
the organization’s entire network presence.
DDoS attacks are relatively easy to execute and extremely efficient. Hackers can target internal networks,
thus halting business processes for an entire company. Both small and large corporations are equally at
risk. Even major brands are not safe from DDoS attacks. Smaller organizations often fall prey to DDoS
attacks, because they believe they can’t afford to protect themselves.
How Can You Protect Yourself Against DDoS Attacks?
Modern technologies and fast global networks have made DDoS attacks easier to execute and
exceptionally dangerous. The IoT (internet of things) industry is especially to blame since such devices
traditionally do not have proper security embedded within them. As a result, hackers use IoT to create
massive botnets that generate the huge amount of traffic needed for a DDoS attack. Threat actors have
also identified how to manipulate legitimate network services to send illicit traffic.
It is a common perception that all DDoS attacks involve large volumes of traffic. But in fact, most DDoS
attacks are not “volumetric” by nature. The majority of attacks use relatively low volumes of malformed
packets that nevertheless can crash the critical network connectivity devices for an organization. These
low-volume attacks are often called protocol-based attacks, because threat actors make subtle changes
to network protocol packets that make them dangerous to the devices that receive them. So, it is
important to protect against both volumetric and protocol-based attacks.
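The difference between volumetric and protocol-based attacks, shown as detection logic over packet summaries. This is an added example, not code from the article; the record fields, the 1 Mbit/s threshold, the memcached port standing in for "caching services" and the sample traffic are all assumptions constructed for illustration.

```python
from collections import defaultdict

# UDP source ports of the services the article names as abused to send traffic.
# 11211 (memcached) is this example's assumption for "caching services".
REFLECTOR_PORTS = {123: "NTP", 53: "DNS", 11211: "memcached"}
FIN, SYN, RST = 0x01, 0x02, 0x04  # TCP flag bits

def malformed_tcp(flags):
    """Name a flag combination that a normal TCP stack never sends, else None."""
    if flags == 0:
        return "null flags"
    if flags & SYN and flags & FIN:
        return "SYN+FIN"
    if flags & SYN and flags & RST:
        return "SYN+RST"
    return None

def classify(packets, window=1.0, volumetric_bps=1_000_000):
    """Return sorted (kind, detail) findings for a list of packet summaries.

    Each packet is a dict with ts (seconds), proto, sport, size (bytes), flags.
    """
    findings = set()
    reflected = defaultdict(int)  # (time window, service) -> bytes received
    for p in packets:
        if p["proto"] == "tcp":
            reason = malformed_tcp(p["flags"])
            if reason:  # a single malformed packet is enough to report
                findings.add(("protocol", reason))
        elif p["proto"] == "udp" and p["sport"] in REFLECTOR_PORTS:
            bucket = int(p["ts"] // window)
            reflected[(bucket, REFLECTOR_PORTS[p["sport"]])] += p["size"]
    for (_, service), nbytes in reflected.items():
        if nbytes * 8 / window >= volumetric_bps:  # rate-based, needs volume
            findings.add(("volumetric", service + " reflection"))
    return sorted(findings)

# Constructed sample: 400 NTP responses inside one second, one SYN+FIN packet,
# plus ordinary DNS and HTTPS traffic that must not be flagged.
SAMPLE = (
    [{"ts": 10 + i / 400, "proto": "udp", "sport": 123, "size": 468, "flags": 0}
     for i in range(400)]
    + [{"ts": 10.2, "proto": "tcp", "sport": 40000, "size": 40, "flags": SYN | FIN},
       {"ts": 10.3, "proto": "udp", "sport": 53, "size": 120, "flags": 0},
       {"ts": 10.4, "proto": "tcp", "sport": 443, "size": 1500, "flags": 0x18}]
)

if __name__ == "__main__":
    for kind, detail in classify(SAMPLE):
        print(kind, detail)
```

The protocol finding fires on one packet regardless of rate, which is why a volume threshold alone misses this class of attack.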
This is why there is no single way to protect your server against DDoS activity. Typical security solutions,
such as the use of traditional firewalls, network-based intrusion detection and backups, are simply not
enough to efficiently detect and mitigate this type of cyberattack. The best you can do is a combination
of security software solutions and internal practices.
Let’s take a look at some of the basic, yet effective, measures you can take to defend yourself against
DDoS attacks.