DDoS, it sounds rather apocalyptic, as if the term comes directly from The Matrix. However, just about every website has to deal with it, so as a website owner it is important to know what it means. Once you know what the danger is, you better arm yourself against it.
DoS and DDoS
First of all, it is important to know the difference between Dos and DDoS. DoS stands for Denial of Service. In a DoS attack, one computer system will focus on another system with the aim of preventing the attacked system from performing its task. This often concerns activists or hackers who target servers, devices, services, networks or applications. This is therefore a single system that carries out the attack, in contrast to DDoS (Distributed Denial of Service) in which multiple systems focus on a specific victim.
How exactly does such an attack work? In concrete terms, it is important that so many requests are sent to a system so that the server can no longer master the requests and collapse under pressure. Feel free to compare it with a motorway where it gets so busy that everything slows down and eventually comes to a halt. For example, a web server can receive so many requests to display a specific page that all resources of the web server (bandwidth, CPU and RAM) go to the fake requests. Real visitors who then also want to request a page, have to deal with a delayed server or a server that no longer responds. The same can happen with a database that has to handle a colossal number of queries.
In a DDoS attack, a system receives so many requests that it collapses underneath.
Who benefits from carrying out a DDoS attack? As with other hacking attacks, there are plenty of reasons for this. One does it to prove itself as a hacker and build up street cred, while the others want to earn big money with extortion. Once you have hacked out a large website, you can also continue to earn money without having to actively hack. After all, you can use the ‘protection money’ principle. You contact another large website and you threaten to lay them flat when they don’t pay you.
How do you protect yourself against it?
Protecting you against DDoS attacks is largely the responsibility of the hosting company where your website is located. The first step in overcoming DDoS attacks is to have an infrastructure that doesn’t just collapse under pressure. To return to the analogy of the motorway, a good hosting provider will add extra ‘lanes’ so that the roads do not clog up. Even when there is a lot of traffic, the network remains able to process everything.
Furthermore, as a hosting provider it is important to do proactive monitoring so that you are immediately notified when a DDoS attack occurs. To outwit the hacker, for example, some hosting providers use the anti-DDoS Car Wash or NaWas. When malicious requests are detected, the hoster will pass on this traffic to a backbone provider who then forwards the traffic to NaWas. Here it will then be determined whether or not it is malicious traffic. If this is the case, the traffic will be blocked. Valid traffic is forwarded to the correct destination. In the car wash malicious traffic is therefore filtered from legitimate traffic. That way legitimate visitors can continue to use your website even when a DDoS attack occurs.
Selecting a good hosting partner is therefore the most important step in protecting your website against DDoS attacks.