Denial of Service Attacks

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.

  • 2018, an average number DDoS attacks registered against targets in approximately 80 countries;
  • Over 95% occurred in the top ten countries.
  • China holds a record of 48% of all DDoS attacks.
  • The number of recent attacks, targets, and the number of long-duration attacks rose significantly;
  • One of the longest attacks on record in 2018 took place for more than 12 days
  • Targets include  a wide variety of important resources, from financial institutions to news websites
  • DDoS attacks present a major challenge for people who publish and access important information.

<iframe width=”560″ height=”315″ src=”https://www.youtube.com/embed/NogCN78XN2w” frameborder=”0″ allow=”accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture” allowfullscreen></iframe>

Denial-of-service attacks are characterized by an explicit attempt by attackers to prevent legitimate use of a service. In the US, denial-of-service attacks may be considered a federal crime under the Computer Fraud and Abuse Act with penalties that include years of imprisonment. The Computer Crime and Intellectual Property Section of the US Department of Justice handles cases of DDoS.

There are two general forms of DoS attacks: those that crash services and those that flood services. The most serious attacks are distributed.

Top 10 Countries affected by DDos, both as attackers and targets:

  1. China
  2. United States
  3. South Korea
  4. Hong Kong
  5. Great Britan
  6. Canada
  7. Japan
  8. Germany
  9. France
  10. Russia

Categorization of DDoS

  • TCP Connection Attacks – Occupying connections
  • Volumetric Attacks – Using up bandwidth
  • Fragmentation Attacks – Pieces of packets
  • Application Attacks – Targeting applications

Types of DDoS

  • Distributed DoS
  • Application Layer Attacks
  • Advanced persistent DoS
  • Denial-of-service as a service

On occasion, an unintentional denial-of-service can occur when a system ends up denied  due to a sudden enormous spike in visits. This can happen when an extremely popular website posts a prominent link to a second, less well-prepared site, for example, as part of a celebrity announcement where visitors go directly to the popular information distribution source following up on a major news outbreak. The result is that a significant proportion of the primary site’s regular users bring unusually large traffic to the site, creating unintentional bandwidth flood on the target website, resulting in what presents as a DDoS attack.

DDoS Techniques

  • E-mail bombing
  • Attack tools
  • Application-Layer floods
  • Degradation-of-service attacks
  • Denial of service Level II
  • Distributed DoS attacks
  • DDoS extortion
  • HTTP POST DoS attacks
  • Internet Control Message Protocol (ICMP) flood
  • Nuke
  • Peer-to-peer attacks
  • Permanent DoS attacks
  • Reflected/spoofed attacks
  • Amplification
  • Mirai botnet
  • R-U-Dead Yet (Rudy)
  • Shrew attack
  • Slow read attack
  • Sophisticated low-bandwidth DoS attack
  • S(SYN) flood
  • Teardrop Attacks
  • Telephony DoS
  • UPnP attack

Signs and Symptoms of DoS attack

  • unavailability of a particular web site
  • unavailability of  multiple or all sites shared by the same server
  • inability to accces any web site
  • unusually slow network performance
  • dramatic increase in volume of spam emails
  • dramatic increase in volume of spam form submissions

DDoS Defense options

  • Application front end hardware
  • Application level key completion indicators
  • Blackholing and sinkholing
  • IPS based prevention
  • DDoS based defence
  • Firewalls
  • Routers
  • Switches
  • Upstream filtering

Many SMBs rely primarily on a Managed Security Service Provider (MSSP) to protect them from cyber threats, leveraging DDoS Protection as a Service (DPaaS).

Does your SMB need reliable, expert Security, Data Backup and Disaster Recovery Services in New Jersey?

Call us (201) 4931414 x 311 to speak to our Managed Security Services experts  to request a consultation.

powersolution.com, is an IT Security consulting and Computer Network Support company for your Small Business. We deliver all assets of Managed Security Services for your SMB.

How is your state of IT? Call Us: (855) 551-7760 with any questions.