This October, some of the biggest websites and online service providers in the world went offline. Twitter, Reddit, GitHub, AirBNB and a host of other companies were essentially out of business for a few hours.
The culprit: a massive Distributed Denial of Service attack against a key infrastructure provider.
These businesses, and tens of thousands like them, depend on the smooth functioning of the web to communicate with customers and generate revenue. When the web stops working, so do they.
Dyn is one of the biggest DNS hosting providers in the world. When you type a web address into your browser’s address bar, there’s a good chance that Dyn’s servers will be involved in translating it into the IP address used to route data through the network.
The recent outage was the result of Dyn’s networks coming under attack from one of the largest Distributed Denial Of Service attacks yet seen. It’s difficult to estimate the precise economic damage of the attack, but think about how much money Twitter, Reddit, AirBNB, and the thousands of other companies would have made in the hours they were forced offline.
And then think about the effect an attack of this magnitude would have on your business.
Estimates put average losses from an hour-long outage at between $20,000 and $100,000, but the actual impact depends on the specifics of your business. For enterprises that rely on Software-as-a-Service applications internally and externally, and use web-based services to generate revenue, the sky’s the limit.
What Is A Distributed Denial Of Service Attack?
The Internet is a huge global network of routers, switches, and servers. Each of those components is just a computer. They’re often highly specialised computers, but they’re machines with processors, memory, and storage. Most of the time, they have more than sufficient resources to deal with the amount of data that flows through them.
But it is possible for them to be overloaded. If you send too much data to any network connection, it will be unable to do its job of accepting that data and either sending it on to another network connection or processing it. There’s a limit to how much data each machine can handle before its performance degrades and new requests go unanswered.
Of course, it’s possible to filter some of the data, dropping connections and packets that seem malicious. But there are two big problems with that. Firstly, filtering data takes resources: the filters are just machines with finite resources applying rules to incoming packets. They can be overloaded too.
Secondly, it may be almost impossible to distinguish a malicious request from a genuine request. Think of a web server; its job is to respond to HTTP requests. If it starts ignoring HTTP requests, it isn’t doing its job. But if an attacker sends more HTTP requests than the server can handle, its performance will be degraded to the point at which genuine users can’t get the data they requested.
Distributed Denial Of Service attacks exploit these systemic weaknesses. They use various techniques, often involving huge botnets and clever bandwidth amplification strategies, to send massive amounts of data to target servers and networks.
The result: services are unable to respond to genuine users and the performance of the targeted sites degrades until they appear unavailable.
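The filtering problem described above can be seen in a small simulation. The following Python sketch is an added example, not part of the original article; the per-source token-bucket limiter, the source names, the traffic figures and the server capacity of 100 requests per second are all constructed assumptions.

```python
from collections import defaultdict

class PerSourceLimiter:
    """Token bucket per source address: `rate` requests/s, bursts up to `burst`."""
    def __init__(self, rate, burst):
        self.rate, self.burst, self.state = rate, burst, {}

    def allow(self, source, now):
        tokens, last = self.state.get(source, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        allowed = tokens >= 1
        self.state[source] = (tokens - 1 if allowed else tokens, now)
        return allowed

def traffic(seconds, users, attackers, per_attacker_rate):
    """Constructed traffic: each genuine user sends 1 request/s; each attacking
    source sends `per_attacker_rate` requests/s. Yields (time, source, genuine)."""
    reqs = []
    for s in range(seconds):
        for u in range(users):
            reqs.append((s + u / users, f"user-{u}", True))
        for a in range(attackers):
            for j in range(per_attacker_rate):
                offset = (a + j * attackers) / (attackers * per_attacker_rate)
                reqs.append((s + offset, f"bot-{a}", False))
    return sorted(reqs, key=lambda r: r[0])

def simulate(reqs, limiter, capacity_per_sec):
    """Apply the filter, then serve at most `capacity_per_sec` requests each second."""
    served = defaultdict(int)
    out = {"filtered": 0, "genuine_served": 0, "genuine_lost": 0}
    for ts, src, genuine in reqs:
        if not limiter.allow(src, ts):
            out["filtered"] += 1
            out["genuine_lost"] += genuine
        elif served[int(ts)] < capacity_per_sec:
            served[int(ts)] += 1
            out["genuine_served"] += genuine
        else:  # passed the filter, but the server is already saturated
            out["genuine_lost"] += genuine
    return out

def single_source_flood():
    # One source sending 500 req/s next to 50 genuine users, for 5 seconds.
    return simulate(traffic(5, 50, 1, 500), PerSourceLimiter(2, 2), 100)

def distributed_flood():
    # 1,000 sources sending 1 req/s each: per source, identical to a genuine user.
    return simulate(traffic(5, 50, 1000, 1), PerSourceLimiter(2, 2), 100)

if __name__ == "__main__":
    print("one source, 500 req/s:", single_source_flood())
    print("1000 sources, 1 req/s:", distributed_flood())
```

With a single noisy source the limiter discards almost all of the flood and every genuine request is served. When the load comes from 1,000 sources that each behave like a normal user, the limiter filters nothing and most genuine requests are lost to saturation.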
DDoS Attacks Will Continue To Grow
The recent attack against Dyn was interesting because many of the computers in the botnet weren’t zombie Windows machines, hijacked Linux servers, or compromised content management systems. Instead, they were webcams, security cameras, and light bulbs.
The so-called Internet Of Things has massively increased the number of devices that can connect to the Internet. Everything from fridges to doorbells is equipped with a network connection.
The sad fact is that the vast majority of these devices have terrible security. In the attack against Dyn, many of the network connections used to bombard Dyn’s servers belonged to webcams. The webcams used a default username and password for authentication, which meant that anyone with access to that information — anyone who can use Google — could take them over.
There are now hundreds of millions of insecure IoT devices in the wild, and over the next few years there will be billions more. Hopefully, device manufacturers will start to implement proper security, but I wouldn’t bet on it.
The number of easily hijacked devices capable of accessing the Internet is only going to increase, and that means Distributed Denial of Service attacks will get bigger and more frequent.
Protecting Your Company
DDoS attacks are an ever-present risk, and the attacks don’t have to target your business directly. If one of its vendors or service providers comes under attack, the losses can be just as bad. If your business’s infrastructure provider or DNS host suffers a serious DDoS attack, your sites and services go offline too.
On the modern web, DDoS protection is essential, which is why ServerMania offers free DDoS protection up to 1 Gbps on all server hosting accounts. You can find out about more powerful DDoS protection plans on our website.