DDoS Attacks: All You Need to Know

Most people think that high-speed internet and increasingly reliable defence methods have made DDoS attacks a thing of the past.

They’re wrong.

The threat of a DDoS attack is very much alive today and is as dangerous as ever. Statistics reveal that there are over 400 DDoS attacks per day in Australia. Furthermore, GitHub, an American web-based hosting service provider was hit with a world record-setting DDoS attack in March of this year.

Over the course of this blog, we’ll discuss what a DDoS attack is and the dangers it poses.

What is a DDoS Attack?

A Distributed Denial of Service (DDoS) attack is an attempt to make a targeted online system or service unavailable by swarming its servers with traffic from multiple addresses, until the point the server goes down. DDoS attacks target all sorts of online platforms such as banks, online merchants and news websites. If successful, DDoS attacks can make important data inaccessible. These attacks come in a variety of different forms. Here are four of the most common ones.

1. TCP Connection Attacks

This type of DDoS attack functions by consuming all the connections to infrastructure devices such as application servers, load balancers and firewalls. TCP Connection attacks are so potent that they can even take out powerful devices that have millions of connections.

2. Volumetric Attacks

All about causing congestion, volumetric DDoS attacks either use up all the bandwidth within the network of the target, or the bandwidth between the network of the targeted service and the internet.

3. Application Attacks

Application attacks swarm a particular aspect of a service or an application. It can be very challenging to detect and mitigate these as they are even effective with a low traffic rate.

4. UPnP Attack

This type of attack attempts to exploit an existing weakness in the UPnP (Universal Plug and Play Protocol) to bypass most of the integrated defence methods and swarm the target’s servers and network.

Smokescreen DDoS Attacks

In addition to bringing down the targeted online service, DDoS attacks are also used as a decoy for other cyber attacks such as financial fraud and data breaches. In many cases, an incident of data breach is preceded by a series of DDoS attacks. Hackers use DDoS attacks as a component of an attack strategy. The hacking initiates with DDoS attacks which divert the attention of the defence team, leaving an open playing field for hackers to inflict some serious damage.

To ensure that the servers and network of your organization are safe from threats such as DDoS attacks, contact us at Lean Security. We are experts in web security assessment and we offer affordable and effective security testing services.