The number of distributed denial of service (DDoS) attacks in the second quarter of 2015 reached an all-time high according to the latest State of the Internet report from Akamai. DDoS attacks grew seven percent over last quarter and increased by 132 percent compared to this time last year. HOSTING shares 4 things you need to know about DDoS attacks and how you can fight them.
A basic denial of service (DoS) attack involves bombarding an IP address with large amounts of traffic. If an IP address points to a web server, then it (or routers upstream from it) may be overwhelmed, blocking legitimate traffic from reaching it. The site becomes unavailable and service is denied.
A distributed denial of service (DDoS) is basically a DoS attack on steroids. Malicious traffic is generated from multiple sources – and orchestrated from one central point. Traffic sources are often distributed throughout the world, making a DDoS attack much more difficult to block than one originating from a single IP address.
DDoS attacks by the numbers
- 43% – increase in total DDoS attacks from Q2 2014
- 99% – increase in the average attack duration: 20.64 hours in Q2 2015 vs. 17.35 hours in Q2 2014
- 12 – the number of DDoS “mega attacks” that peaked at more than 1,000 gigabits per second (Gbps) and 50 million packets per second (Mpps)
- 240 gigabits – the largest DDoS attack of Q2 2015
- 13 hours – the duration of the largest DDoS attack in Q2 2015
- 1 – 2 hours – the duration of a typical DDoS attack
- 35% – the share of DDoS attacks targeting the online gaming industry, the number one DDoS target. Telecoms are another prime target.
Source – Akamai’s [state of the internet] / security Q2 2015 report
4 tips for fighting DDoS attacks
DDoS attacks are relatively easy and inexpensive to execute, meaning that anyone can launch one: cyber criminals, industry competitors, a disgruntled employee, or a bored student. So how do you protect your organization against DDoS attacks? HOSTING offers four tips.
#1 – Identify a DDoS attack early
Knowing what your typical traffic pattern looks like makes it easier for you to spot anomalies. Most DDoS attacks start as spikes in traffic, so be sure to understand the difference between a sudden surge in visitors and the start of a DDoS attack.
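An added example (not from HOSTING or the Akamai report) of baselining request volume: it flags a minute whose request count exceeds the rolling mean of recent normal minutes by `k` standard deviations, and reports the share of requests from sources absent from that baseline as context for triage, not as a verdict. The event format, `window`, `k` and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

def find_spikes(events, window=5, k=3.0):
    """events: iterable of (minute, source_ip) pairs.
    Returns one dict per minute whose volume exceeds the rolling baseline."""
    by_minute = defaultdict(list)
    for minute, ip in events:
        by_minute[minute].append(ip)
    baseline = []   # the most recent minutes judged normal
    flagged = []
    for m in sorted(by_minute):
        ips = by_minute[m]
        if len(baseline) == window:
            counts = [len(by_minute[b]) for b in baseline]
            # Floor sigma at 1 so a perfectly flat baseline does not
            # turn every extra request into an alert.
            threshold = mean(counts) + k * max(pstdev(counts), 1.0)
            if len(ips) > threshold:
                known = {ip for b in baseline for ip in by_minute[b]}
                new_share = sum(ip not in known for ip in ips) / len(ips)
                flagged.append({"minute": m, "requests": len(ips),
                                "threshold": round(threshold, 1),
                                "new_source_share": round(new_share, 2)})
                continue  # keep the spike out of the baseline
        baseline = (baseline + [m])[-window:]
    return flagged

def sample_events():
    """Constructed data: ten quiet minutes, one surge, one quiet minute.
    Addresses come from the RFC 5737 documentation ranges."""
    quiet = [20, 22, 19, 21, 20, 22, 18, 21, 20, 22]
    events = []
    for minute, n in enumerate(quiet):
        events += [(minute, f"192.0.2.{i % 30 + 1}") for i in range(n)]
    events += [(10, f"198.51.100.{i % 150 + 1}") for i in range(200)]
    events += [(11, f"192.0.2.{i % 30 + 1}") for i in range(21)]
    return events

if __name__ == "__main__":
    for alert in find_spikes(sample_events()):
        print(alert)
```

Flagged minutes are excluded from the baseline, so a sustained attack does not gradually raise the threshold and hide itself.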
#2 – Go big on bandwidth
Having more bandwidth than you need can help you accommodate sudden and unexpected surges in traffic that can be attributed to seasonal buying, a new product launch or even a mention in the media. It can also help you buy some time in the event of a DDoS attack to adjust your resources before they become overwhelmed.
#3 – Protect your perimeter (if you run your own web server)
While these actions won’t stop a DDoS attack, they will help you mitigate one during its first few minutes.
- Rate limit your router to prevent your web server from being overwhelmed
- Add filters to instruct your router to drop packets from obvious sources of an attack
- Timeout half-open connections
- Drop spoofed or malformed packets
- Set lower SYN, ICMP and UDP flood drop thresholds
#4 – Call your hosting provider (if you don’t host your own web server)
Your odds of withstanding a DDoS attack are typically better if your Web server is located in a hosted data center than if you run it yourself. Why? Because a hosted data center will likely have higher-bandwidth links and higher-capacity routers than your company has. And a cloud provider such as HOSTING will have a team of experienced, certified information security experts and services to safeguard your environment against a DoS attack. Finally, having your Web server located with a hosting provider will also keep DDoS traffic aimed at your Web server off your corporate LAN, so that services such as email and VoIP can operate normally.
Contact the HOSTING certified information security team for help in putting together a comprehensive DDoS plan to safeguard your information assets. You can also download our complimentary white paper, Avoiding the Breach: What You Need to Know About Online Security.