DDoS Attacks: Distributed Denial-of-Service

BDR Emma Mouncey

Written by Emma Mouncey
University of Portsmouth

DoS (Denial-of-Service) attacks are malicious attacks that aim to disrupt a server or network using a computer.

DDoS (Distributed Denial-of-Service) attacks are the same as DoS attacks but use multiple systems. These can be computers that have been compromised through malware and are used remotely.

How DDoS attacks work:

DDoS attacks can be carried out either by many different individuals working together to overload a system, or by an individual using botnets, which are computers hacked through malware and operated as a virtual machine.

Types:
  • Overloaded network layer – hardware or software failure due to overloading the network capacity, i.e. WiFi bandwidth.
  • Overloaded application layer – overloading the system with too many requests and applications, i.e. asking the processor to do too much work.
    (This takes fewer resources for the attacker.)
Purpose

 To render a service unusable.

Effect
  • Users will not be able to use or view the site.
  • Customer complaints.
  • Cannot retrieve site data.
  • Loss of productivity.
  • Reputational damage, as there is a potential for not being able to fulfill contracted roles.
  • Business functions are inaccessible.

In 2022 Microsoft mitigated over 520,000 unique DoS attacks from their global infrastructure.

Azure Network Security Team, 2023

How to spot a DDoS Attack:
  • Sites are running slower than usual.
  • High number of requests from the same IP address.
  • Customers cannot access your site.
  • Error 503 warning appears – this shows a server that is overloaded or temporarily down for maintenance.
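
The two measurable signs in the list above (many requests from one IP address, and 503 errors) can be checked against a web server access log. The following is an added example, not part of the original article: the log lines are constructed, and the function name and both thresholds are assumptions to tune for your own site.

```python
import re
from collections import Counter
from datetime import datetime

# Common Log Format: ip - - [timestamp] "request" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) ')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"

def _line(ip, sec, status):
    # Helper that builds one constructed log line (sample data only).
    return f'{ip} - - [10/Mar/2024:12:00:{sec:02d} +0000] "GET / HTTP/1.1" {status} 512'

# Constructed sample: one busy address, two quiet ones, one malformed line.
SAMPLE_LOG = "\n".join(
    [_line("198.51.100.23", s, 200 if s < 6 else 503) for s in range(10)]
    + [_line("203.0.113.7", 15, 200), _line("203.0.113.9", 20, 503), "garbage line"]
)

def analyse(log_text, max_per_ip_per_min=5, max_503_ratio=0.2):
    """Flag IPs above a per-minute request limit and a high share of 503s."""
    per_ip_minute = Counter()
    total = errors_503 = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of failing
        ip, ts, status = m.groups()
        try:
            minute = datetime.strptime(ts, TS_FORMAT).replace(second=0)
        except ValueError:
            continue  # unparseable timestamp
        per_ip_minute[(ip, minute)] += 1
        total += 1
        errors_503 += status == "503"
    # Busiest single minute seen for each address.
    peak = {}
    for (ip, _minute), n in per_ip_minute.items():
        peak[ip] = max(peak.get(ip, 0), n)
    noisy = {ip: n for ip, n in peak.items() if n > max_per_ip_per_min}
    ratio = errors_503 / total if total else 0.0
    # A distributed attack may show no single noisy IP, so the 503 share
    # is checked independently of the per-IP count.
    return {"noisy_ips": noisy, "ratio_503": ratio,
            "alert": bool(noisy) or ratio > max_503_ratio}

if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))
```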
How to protect your business:
  • Know your weaknesses (i.e. your bandwidth and capacity size) and plan what to do in this instance. This includes contacting customers.
  • Invest in a business-grade router. This will increase bandwidth; also be aware of its maximum capacity.
  • Buy a Web Application Firewall – this identifies DDoS tools and protects your website.
Why your small business is targeted:
  • Smaller businesses do not usually have large bandwidths to hold large volumes of traffic, so they are easier to overload, as fewer resources are needed to overwhelm them.
  • DDoS prevention software can be expensive, so smaller businesses do not have it.
  • Smaller businesses do not have a high budget to implement sophisticated cyber security systems.
References
Azure Network Security Team (2023). 2022 in review: DDoS attack trends and insights. Available at:
https://security-blog-prod-wp01.azurewebsites.net/en-us/security/blog/2023/02/21/2022-in-review-ddos-attack-trends-and-insights/
Cloudflare (n.d.). What is a DDoS attack? Available at:
https://www.cloudflare.com/en-gb/learning/ddos/what-is-a-ddos-attack/
National Cyber Security Centre (2016). Denial of Service (DoS) guidance. Available at:
https://www.ncsc.gov.uk/collection/denial-service-dos-guidance-collection
Rachel Ramsey, for Knowledge (2020). DDoS attacks: What small businesses need to know. Available at:
https://dotknowledge.uk/articles/view-article/ddos-attacks-what-small-businesses-need-to-know
Shaping Portsmouth