Cybersecurity Glossary

DDoS Attack

Share :

What Is a DDoS Attack? 

A DDoS attack consists of multiple compromised systems attacking a target on your network, such as a server or your website, causing a denial-of-service error. The result? All of your legitimate users can’t access the network, while you get overwhelmed trying to clean up the mess. 

What Happens During a DDoS Attack? 

To launch an assault on your network, Hackers typically use malware to exploit vulnerabilities in a system or device. Once they’ve gained control of enough devices, they direct the exploited devices to send traffic to your network or website until it becomes overloaded and knocked offline. 

Keep in mind that a DDoS attack not only takes you down— it can also bring down sites and services that rely on your system. 

Notable DDoS Attacks 

In 2019, Amazon’s S3 object storage service was victimised in a DDoS attack, slowing down or preventing access to large numbers of websites that depend on AWS to operate. 

Another example comes from 2016, when a botnet army of about 100,000 connected objects slammed the DNS company Dyn with a powerful DDoS attack, resulting in companies that included Netflix and the New York Times experiencing website outages. 

In fact, that botnet exploit evolved into at least 63 variants and has doubled in activity from 2018 to 2019. 

Why IoT Devices Are Often Exploited 

While DDoS attacks have traditionally gone after websites and networks, Internet of Things (IoT) devices are also a major target. That’s because IoT devices are connected to the internet and company networks, but are rarely built and configured with the same level of IT security scrutiny as other attack surfaces.  

As a result, IoT devices make it relatively easy for hackers to launch an effective DDoS attack. Because IoT devices are used to run machinery, monitor performance, and improve operations, DDoS attacks on such devices can significantly impact the lives of employees and customers alike.   

Smoke and Mirrors 

DDoS attacks are the perfect distraction in terms of misdirection. That makes them a devastatingly efficient way to throw an organisation’s incident response team off a hacker’s trail. 

While an organisation scrambles to respond to a DDoS attack, quieter network activity may fly under the radar. This allows bad actors to establish a backdoor trojan through which malware, such as keyloggers or ransomware, can go in and sensitive data can come out. 

According to IT Pro Portal, 56 percent of respondents to a poll conducted by cybersecurity researchers see evidence that DDoS is being used as a smokescreen. More than a quarter of respondents said that when they lost data from targeted attacks, DDoS was involved as a diversionary tactic. 

It’s estimated that there are 16 DDoS attacks every minute 

How to Prevent a DDoS Attack 

The most effective way to prevent a DDoS attack is to ensure that no vector is left unattended. A prudent course of action is to assign specific staff members to monitor certain channels. This requires strength in numbers, though, which is not exactly a strong point for small to midsize enterprises. 

There are two ways that this gap can be addressed: 

Through the use of real-time, AI-based threat detection technology that continues to monitor all network activity for threats during a DDoS attack. 

By engaging a third-party security provider with the expertise and resources needed to help strategise and execute an incident response plan. 

It’s worth noting that these are not mutually exclusive solutions. Managed detection and response (MDR) vendors play the dual role of a security operation center (SOC) and incident response consultant. This makes it possible to identify an attack early on and keep eyes on the network during the storm of a DDoS.  

Arctic Wolf’s Managed Detection and Response provides comprehensive, 24×7 monitoring of your network, along with ongoing vulnerability assessments and threat analysis to help you reduce your risk and stay ahead of threats. In addition, our Concierge Security® Team of experts can help you effectively respond to incidents and improve your overall security posture. 

Picture of Arctic Wolf

Arctic Wolf

Arctic Wolf provides your team with 24x7 coverage, security operations expertise, and strategically tailored security recommendations to continuously improve your overall posture.
Share :
Subscribe to our Monthly Newsletter

Additional Resources For

Cybersecurity Beginners