What Is A Distributed Denial Of Service Attack?


The Internet is a huge global network of routers, switches, and servers. Each of those components is just a computer. They’re often highly specialised computers, but they’re machines with processors, memory, and storage. Most of the time, they have more than sufficient resources to deal with the amount of data that flows through them.

But it is possible for them to be overloaded. If you send too much data to any network connection, it will be unable to do its job of accepting that data and either sending it on to another network connection or processing it. There’s a limit to how much data each machine can handle before its performance degrades and new requests go unanswered.

Of course, it’s possible to filter some of the data, dropping connections and packets that seem malicious. But there are two big problems with that. Firstly, filtering data takes resources: the filters are just machines with finite resources applying rules to incoming packets. They can be overloaded too.

Secondly, it may be almost impossible to distinguish a malicious request from a genuine request. Think of a web server; its job is to respond to HTTP requests. If it starts ignoring HTTP requests, it isn’t doing its job. But if an attacker sends more HTTP requests than the server can handle, its performance will be degraded to the point at which genuine users can’t get the data they requested.

Distributed Denial Of Service attacks exploit these systemic weaknesses. They use various techniques, often involving huge botnets and clever bandwidth amplification strategies, to send massive amounts of data to target servers and networks.

The result: services are unable to respond to genuine users and the performance of the targeted sites degrades until they appear unavailable.

DDoS Attacks Will Continue To Grow


The recent attack against Dyn was interesting because many of the computers in the botnet weren’t zombie Windows machines, hijacked Linux servers, or compromised content management systems. Instead, they were webcams, security cameras, and light bulbs.

The so-called Internet Of Things has massively increased the number of devices that can connect to the Internet. Everything from fridges to doorbells are equipped with a network connection.

The sad fact is that the vast majority of these devices have terrible security. In the attack against Dyn, many of the network connections used to bombard Dyn’s servers belonged to webcams. The webcams used a default username and password for authentication, which meant that anyone with access to that information — anyone who can use Google — could take them over.

There are now hundreds of millions of insecure IoT devices in the wild, and over the next few years there will be billions more. Hopefully, device manufacturers will start to implement proper security, but I wouldn’t bet on it.

The number of easily hijacked devices capable of accessing the Internet is only going to increase, and that means Distributed Denial of Service attacks will get bigger and more frequent.

Protecting Your Company


DDoS attacks are an ever-present risk, and the attacks don’t have to target your business directly. If one of its vendors or service providers come under attack, the losses can be just as bad. If your business’s infrastructure provider or DNS host suffers a serious DDoS attack, your sites and services go offline too.

On the modern web, DDoS protection is essential, which is why ServerMania offers free DDoS protection up to 1 Gbps on all server hosting accounts. You can find out about more powerful DDoS protection plans on our website.