DDoS types and how to fight them [Sponsored]
Availability, integrity, and confidentiality are the fundamental concepts of cybersecurity. Denial-of-service (DoS) attacks target availability, causing huge damage to internet businesses each year. The goal of cybercriminals who rely on such methods is to bring down a particular website or app.
Although each successful attack may affect its target in a different way, it always causes severe damage. Consistent denial of service may cause huge financial loss to any business, from a web store to an online casino. In each specific case, DoS activity can either cause harm directly or create a threat and potential risks.
DDoS stands for distributed denial of service. In this case, a huge mass of malicious requests is sent to the target's server from numerous sources. Typically, such attacks are organized through botnets. DDoS attacks are generally classified by the layers of the OSI model. In total, the model includes 7 layers that cover all communication environments, from the physical layer (layer 1) to the application layer (layer 7), where programs "communicate" with each other. DDoS attacks are possible at each of the seven layers.
There are several effective approaches to addressing the DDoS threat:
- Dynamic firewall packet inspection
- Use of dynamic SYN proxy mechanisms
- Limiting the number of SYNs per second for each local and remote IP address
- Installation of ICMP and UDP flood screens on the firewall
- Limiting the speed of the routers adjacent to firewalls and networks
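The per-address SYN limit from the list above, shown as an added example (it is not from the original article): a fixed one-second window counter applied to both the remote and the local address. The limits (20 and 200 SYNs per second), the function names and the sample traffic are assumptions constructed for illustration.

```python
from collections import defaultdict

def limit_syns(events, per_remote=20, per_local=200):
    """Apply per-second SYN limits to time-ordered (ts_ms, remote_ip, local_ip) events.

    Returns (verdicts, dropped_per_remote). Limits are illustrative assumptions.
    """
    remote_seen = defaultdict(int)     # SYNs seen from each remote IP this second
    local_admitted = defaultdict(int)  # SYNs admitted to each local IP this second
    dropped = defaultdict(int)
    verdicts, current_sec = [], None
    for ts_ms, remote, local in events:
        sec = ts_ms // 1000
        if sec != current_sec:         # new one-second window: reset counters
            remote_seen.clear()
            local_admitted.clear()
            current_sec = sec
        remote_seen[remote] += 1
        if remote_seen[remote] > per_remote:
            verdicts.append("drop-remote")   # one source exceeding its own budget
            dropped[remote] += 1
        elif local_admitted[local] >= per_local:
            verdicts.append("drop-local")    # many quiet sources, one overloaded target
        else:
            local_admitted[local] += 1
            verdicts.append("accept")
    return verdicts, dict(dropped)

def sample_events():
    """Constructed traffic (documentation/private addresses), not a real capture."""
    dst = "192.0.2.10"
    ev = [(i * 10, "198.51.100.7", dst) for i in range(50)]          # noisy single source
    ev += [(600 + i * 100, "203.0.113.5", dst) for i in range(3)]    # ordinary client
    # Next second: 300 distinct sources, one SYN each (botnet-like spread).
    ev += [(1000 + i, f"10.0.{i // 250}.{i % 250 + 1}", dst) for i in range(300)]
    return ev

if __name__ == "__main__":
    verdicts, dropped = limit_syns(sample_events())
    for v in ("accept", "drop-remote", "drop-local"):
        print(v, verdicts.count(v))
    print("over per-remote limit:", dropped)
```

The per-local limit is what catches the second burst, where no single source exceeds its own budget; the per-remote limit alone would admit all 300 SYNs.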
Means of protection from DDoS should be included in a single, internally consistent, and sustainable architecture. Any security tool that is properly installed and configured makes the flood process more difficult and expensive. It's no secret that DDoS is a business with a well-developed tariff policy and even loyalty programs.
Almost any means of protection on the company's side increases the cost of the process for intruders. Using a specialized DDoS filter with reputational databases makes attacks several times more expensive. The stronger your security is, the greater the chance that attacking your system will not be cost-effective.
When a botnet is used, its resources are limited: the tool consists of a certain number of compromised devices. During the attack, the traffic from these devices is identified by the DDoS filter as malicious and blocked; the IP address of the device is then sent to global reputation databases and quickly reaches other protection services around the world. Using this device in future attacks becomes impossible, so the botnet loses its resource and becomes less efficient.
It's also possible to prevent the damage at its initial stage. Before the main attack, there are usually tests of the target's security systems with provisional small floods, which are easier and cheaper to organize. Detecting the test DDoS will help you prepare for the upcoming storm. Considering the variety of specialized software, even a slight change in the website's normal workflow should make you cautious. Even a slight suspicion of becoming the target is a good enough reason to take some additional security measures, or at least to contact your security service provider.
It is also possible to install a local anti-DDoS solution and use a cloud-based security provider's service, either on a permanent basis or by connecting to it when you suspect that an attack is coming. However, cloud services are designed to meet the needs of a variety of customers, so it might be complicated (or sometimes even impossible) to customize them to repel targeted attacks effectively.
Therefore, the most common approach is to combine a local device with security tools on the provider's end. In this case, the security tools can be fine-tuned, and as soon as the volume of incoming traffic exceeds a certain limit, it is automatically redirected to a more powerful external cleaning tool, which minimizes the damage any hacker may cause.
Today, the world's entire digital economy depends on unobstructed access to the Internet. Online businesses such as an Internet casino or an online store are especially vulnerable, as a non-functioning website may cost its owner thousands per hour. Therefore, it is crucial for any company operating online to know what DDoS is and to think of ways to protect itself in advance.