You may have heard the term DDoS, either via the media or maybe in relation to your own website or hosting services. It stands for Distributed Denial of Service. In short, it’s a method used by hackers to disrupt and/or take down online services, such as websites, gaming platforms or apps. At its best – it’s extremely frustrating. At its worst, its crippling and destructive.
Image Courtesy networkworld.com
DDoS attacks begin with the hacker – either an individual or a group – hijacking or taking over a computer system, generally a server but DDoS attacks can also originate from a Desktop device or in some cases, hackers will purchase genuine services from hosting providers using stolen credit cards and then use this service as part of the attack.
The devices, whether a compromised PC, server or a fraudulently purchased hosting service, are then directed by the hacker in charge to target or attack a specific IP address or website and send enormous volumes of spammy traffic. The target is then completely overwhelmed and shuts down under the wilting volume of traffic.
A good way to think of a DDoS in a real-world scenario is to imagine your local Fish and Chip Shop on a Saturday night – generally one of the busier nights for most operations.
On one particular night, our “hacker” begins calling the store, using various mobile phones or landline numbers, and placing orders. $10 of chips, 2 pieces of flake, 8 potato cakes etc. At first, the shop handles the orders and continues to operate – albeit with a bit of a spike in orders – after all, the single hacker may have multiple phones but he can still only make 1 call at a time. (This is actually referred to as DoS – as opposed to DDoS)
BUT – the hacker now enlists 20 of his nearest and dearest hacker mates to start hammering the same store – eventually, the store simply has too many orders and will stop taking any more and perhaps even turn off their phone. In this case, as the attack is coming from various locations – or Distributed, the correct name is DDoS rather the just DoS.
DDoS total attacks history and predictions.
- 2018 (7.9 Million)
- 2019 (9.5 Million)
- 2020 (10.8 Million)
- 2021 (12.1 Million – predicted)
- 2022 (13.9 Million – predicted)
- 2023 (15.4 Million – predicted)
Source: Cisco Systems.
This is where DDoS can be damaging, not only has the Fish and Chip shop wasted resources dealing with the ‘dodgy’ orders, but they have eventually stopped taking orders from legitimate customers – so the effect is twofold.
DDoS on your website or email is similar – the hackers goal is stop the site functioning the way it should and damaging the sites traffic and reputation – an offline site is not a good look.
Whilst DDoS are hard to prevent, they can be mitigated. It has happened to the biggest and the best – Sony, Facebook, Australian Government to name a few. A reliable web hosting provider should have precautions in place, such as Firewall algorithms.
A DoS attack is much simpler to stop, as it’s generally a single location – so in our Fish and Chip shop example, the store would eventually recognise the callers voice and stop accepting orders – or a hosting server would simply block the IP address.
A DDoS is much trickier – again in the Fish and Chip shop example, the orders or ‘attacks’ are coming from different numbers, with different voices. How can the store decide who is legitimate and who is not? Same for a server – how can it tell which traffic needs to be blocked and which is legitimate?
This is where the Firewall algorithms – such as those used by Hosting Australia’s Hosting Servers – come in. This basically means the Firewall system will look for patterns that indicate a DDoS attack and apply automatic blocking. (Our poor Fish and Chip shop is unfortunately on its own now!)
Hosting Australia constantly maintains Firewall configs, to ensure we minimise the impact of DDoS attacks on our clients – in most cases, you may not even notice an attack has occurred. We also subscribe to a number of providers that provide lists of known DDoS points of origin, which we block before they are even directed at Hosting Australia’s server. Whilst no server is ever fully protected from a DDoS – a best practice scenario will ensure your impact is minimised.
If your current host doesn’t provide you with this piece of mind, give our Australian Based Customer support team a call on 1300 761 930 and we can discuss your options for migrating to a reliable host.