DDoS - When Thousands of Computers Paralyze Internet Sites

Definition, Symptoms, and Function

DDoS attacks are not malware in the strict sense, but they are a form of cybercrime. In theory, your computer can also become part of such an attack. That is why we show you what a DDoS is and how you can protect your computer.



What is a DDoS?

The term DDoS is an abbreviation for Distributed Denial of Service. It is a form of attack that hackers use to put their victim's website out of operation with countless requests from thousands of computers. Botnets are often used for a DDoS attack. A botnet is a group of hundreds or thousands of computers that have been hacked and are controlled remotely by cybercriminals. This gives a DDoS attack a lot of computing power, with which servers or individual network components and databases can be targeted. It is also possible to attack internet-enabled devices with a DDoS, e.g. production machines.

A DDoS attack can have very complex consequences for companies. Ecommerce websites stop making revenue while their servers are down. A server failure can also lead to disruptions in a company's production process or in the delivery of goods. If a website is down for a long time, the outage can also lead to a loss of image and trust in the company because customers can no longer reach the company online.

This is how a DDoS works

In a DDoS attack, attackers exploit a routine on servers that responds to requests. The attackers do not use their own IP address for a DDoS, but the IP address of the attack target. The server therefore does not respond to the supposed client, but to itself. This results in an endless loop of server requests and responses. Since the responses can be up to 4,096 bytes in size, the increasing number of requests results in a very high data rate, which ultimately overloads the server and causes it to collapse.

Since DDoS attacks are carried out by a botnet with several hundred or thousand computers, even large servers can give up quickly.

Modern name servers can usually recognize quickly whether a request comes from the same IP address again and again, and block it. However, the so-called recursive servers that are usually used in company networks accept the same requests over and over again and are therefore popular targets for hackers.

What other methods are used in a DDoS attack?

In addition to the classic attack via the Domain Name System, DDoS attacks can also take place on other levels:

Attack on the network:

Deliberately overloading the network bandwidth of a server can cause it to collapse.

Attack via web requests:

In everyday life, there are many examples of servers becoming inaccessible because a particularly large number of people access them within a short period of time, e.g. when tickets go on sale for a very popular and famous band. In the case of a DDoS, this situation is created artificially. Many thousands of computers are connected for this purpose, and they all access a website at once. Such DDoS attacks are difficult for security systems such as firewalls to detect, as each access takes place via a different IP address.

In general, a DDoS attack is always about overloading a system.

Why do hackers use DDoS attacks?

DDoS attacks can be carried out for different reasons:

  • In some cases, they are used as a protest against governments or companies.
  • DDoS attacks are used by criminals, for example, to blackmail companies.
  • Criminal hackers get paid by competitors to cripple a competitor's website.
  • A DDoS attack is used to bypass the security system and install malware on the server.

What is a botnet and what does it have to do with a DDoS?

For DDoS attacks to be effective at all, attackers need a very large number of computers. To do this, they infect a large number of computers with malware. This contains so-called "backdoor" programs. They now enable the attackers to control the infected computers remotely. The perfidious thing about it: infected computers infect other computers themselves. In this way, a botnet can grow exponentially and ultimately comprise several hundred thousand computers. Only a few servers can withstand this computing power.

The Internet of Things (IoT) is becoming more and more important for DDoS attacks. In addition to computers, networked devices such as Internet-enabled televisions, surveillance cameras, routers, or set-top boxes can also be used for botnets and DDoS attacks. In many cases, the devices are operated with outdated firmware or with standard passwords, which makes breaking into the systems much easier.

DDoS is punishable by law

DDoS attacks belong to the area of computer sabotage and therefore fall under criminal law. Those responsible can face up to ten years in prison if convicted.

Possible symptoms of a DDoS attack

If you as a user can no longer access a website because the server cannot be reached, it could be a DDoS attack. Companies can identify such an attack from log file analyses and performance losses on the server.

How Can Companies Protect Themselves from A DDoS?

An important protection against DDoS attacks is being able to detect such an attack in the first place. For this purpose, companies can create DNS statistics, for example, and determine average values for the size of requests. Analyzing the statistics also helps to identify possible anomalies and patterns. For example, if a company finds that most users access the site on weekdays between 10 a.m. and 4 p.m., increased access at 3 a.m. could indicate a possible DDoS attack or attempt.
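The baseline comparison described above, as an added example that is not part of the original article: it learns a per-hour request baseline from several normal days and flags hours of a new day that rise far above it, reporting the average request size for each flagged hour. The log line format, the thresholds k and min_excess, and all sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

def hourly_stats(lines):
    """Bucket log lines into {(date, hour): [request_count, total_bytes]}."""
    buckets = defaultdict(lambda: [0, 0])
    for line in lines:
        # Assumed line format: "<ISO timestamp> <client IP> <request size in bytes>"
        ts, _ip, size = line.split()
        t = datetime.fromisoformat(ts)
        bucket = buckets[(t.date(), t.hour)]
        bucket[0] += 1
        bucket[1] += int(size)
    return buckets

def baseline(history):
    """Per hour of day: (mean, standard deviation) of request counts across days."""
    per_hour = defaultdict(list)
    for (_day, hour), (count, _total) in hourly_stats(history).items():
        per_hour[hour].append(count)
    return {h: (mean(c), pstdev(c)) for h, c in per_hour.items()}

def anomalous_hours(base, observed, k=3.0, min_excess=20):
    """Return (hour, count, expected, avg_bytes) for hours far above the baseline."""
    flagged = []
    for (_day, hour), (count, total) in sorted(hourly_stats(observed).items()):
        expected, spread = base.get(hour, (0.0, 0.0))  # unseen hour: expect no traffic
        # min_excess stops quiet hours with near-zero variance from firing on noise
        if count > expected + max(k * spread, min_excess):
            flagged.append((hour, count, round(expected, 1), round(total / count, 1)))
    return flagged

def sample_day(day, spike=None):
    """Constructed data: busy 10:00-16:00, quiet otherwise, optional {hour: count} spike."""
    counts = {h: (120 if 10 <= h < 16 else 8) + day % 3 for h in range(24)}
    counts.update(spike or {})
    return [f"2024-03-{day:02d}T{h:02d}:{i * 7 % 60:02d}:00 198.51.100.{i % 250 + 1} {60 + i % 40}"
            for h, n in counts.items() for i in range(n)]

HISTORY = [line for day in range(4, 9) for line in sample_day(day)]  # Mon-Fri baseline
OBSERVED = sample_day(11, spike={3: 900})                             # 3 a.m. surge

if __name__ == "__main__":
    for hour, count, expected, avg in anomalous_hours(baseline(HISTORY), OBSERVED):
        print(f"{hour:02d}:00 {count} requests (expected ~{expected}), avg {avg} bytes")
```

The baseline here is keyed by hour of day only; a site whose weekend traffic differs from its weekday traffic would keep separate baselines for each.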

In addition to these analyses, firewalls and the closing of security gaps in all network components are among the protective measures against DDoS.

Many companies build additional server capacities to be able to intercept many requests at once.

Cybersecurity experts should design and implement the protective measures.

What Has My Computer Got to Do with A DDoS attack?

You yourself can become part of a DDoS attack if your computer has previously been infected with malware by hackers. Computers with outdated operating systems that have not been updated are therefore among the popular targets of hackers. Operating systems with insufficient virus protection are also victims.

How Can I Prevent Becoming Part of A Botnet?

To protect yourself from malware that could attack your computer, you can do the following:

1.    Use up-to-date virus protection software with up-to-date virus definitions. This will reduce the likelihood that your computer will be infected with a computer virus or a rootkit.

2.    Do not click any links on dubious websites.

3.    Do not open any email attachments from senders you do not know or whose email address is very cryptic.

4.    It is best to only use your computer with guest access in everyday life. This is a very simple way of preventing hackers from gaining root privileges if they infect your computer.

Conclusion: DDoS is rather rare in the private sector, but you can still actively contribute to preventing botnets

As a private user, there is a high probability that you will not be a direct victim of a DDoS. But by protecting your computer with total security software you can help prevent botnets from emerging.

 
