You might have seen or read in the news that companies are getting hit by DDoS attacks, but have wondered about what exactly they are, how they affect a company and whether or not they can be prevented. Well we have put together this article to take you through the basics and hopefully give you a better understanding of something that appears to be on the increase worldwide.
What DDoS attacks are
Distributed denial-of-service (DDoS) is a computing attack which has the intent of making a machine or network resource become unusable by its intended users. The simple idea is that a person or persons will make so many requests on the targets website, network or internet connected machine that it cannot cope and either ends up needing to reboot or will end up so slow that it is deemed as unresponsive. Attacks can last for a few hours, or a few days; it is all dependant on the attacker.
A DDoS attack is the same as a DoS (denial-of-service) attack, the only difference being that more than one person will be involved in a DDoS attack where as a DoS attack will come from 1 person or 1 system.
DoS attacks come in many forms and variations but generally they can generally be classed into five main categories:
- Using up all of a computers resources such as bandwidth, memory, processor time or disk space
- Obstructing communications between the victim and the intended users
- Disrupting configuration information such as routing information
- Disrupting the physical network components
- Disrupting state information such as unauthorised resetting of TCP sessions
We won’t go in to all the details about the various attacks in this article. You can however read all about the different types of attacks, such as Smurf Attack, Tear Drop, Ping Flood and Ping of Death by following the relevant links. Be warned that there is a lot to read, but it is very interesting.
How they can affect a company
A recent survey in May 2014 by Vanson Bourne found that half of UK organisations that responded had been attacked for more than six hours straight in the last year. That was an increase of 35% in 2013. It is also worth noting that estimated losses due to DDoS attacks were averaged to be around £240,000 for any attack lasting over 2 hours. Whilst for many companies it is unimaginable that any downtime could cost so much, you must remember that during downtime all your normal costs will continue to occur even if you cannot make any revenue to cover them; you still have to pay staff, and you still have overheads.
Companies that are attacked once are also finding that they become repeatedly attacked. 48% of the surveyed companies that had been attacked, had been attacked between 2 and 10 times.
Can DDoS attack be prevented?
There are certainly ways to improve your chances against attack by using a combination of detection methods such as network and server monitoring, and editing the rules within firewalls switches and routers.
Another still large issue is the number of vulnerable servers still in operation. If you are using a Network Time Protocol server (NTP) then you are at risk of being attacked. The same is also true if you are still using Windows XP as your operating service. If you compare the cost of upgrading your out dated hardware and software to the cost you could incur should you be attacked, then the choice should be quite clear cut; it’s time to upgrade.
For more information on this and other issues from our team, contact us on 0208 232 1190 or drop us an email.