DDoS Becomes A 1 Terabit Phenomenon

Back in the middle of September, some amazingly terrifying things were happening in the world of technology. A DDoS (Distributed Denial of Service) attack reached a mind-boggling 1.1 Terabits per second. Not all users are familiar with DDoS attacks, but we’ll explain how it scales to give perspective, why it affects smaller businesses, and how you can protect yourself.

First, what is a DDoS and why does it matter? A DDoS attack consists of many compromised devices targeting a single system. The compromised devices target the system by attempting to overwhelm an online service.

Once it is successfully overwhelmed, the service can become temporarily unavailable or crash completely. There is generally no irreparable damage to the system itself, but data that is mid-transfer can become corrupted, and the system can become unresponsive, preventing you from accessing it for work.

Secondly, we generally do not think in Terabits. On a day-to-day basis, people deal with Kilobits and Megabits (a Megabit is 1000 Kilobits). When you download a file, you are likely doing it at between 10 and 20 Megabits per second. This means that this new DDoS attack is 50,000 to 100,000 times faster than your average computer’s connection. Numbers like these are achieved by getting a large group of compromised devices to act in unison, also known as a botnet.

Chances are, you have never been the victim of a DDoS attack. Unfortunately, that may change. In recent years, attacks on small businesses have increased substantially and the damaging potential has increased over time.

Part of the rise of DDoS attacks is the availability of easy-to-use tools off of disreputable markets and websites. With less skill needed to participate, more people can begin creating DDoS attacks.

So what can you do if someone decides to bombard you with a 1 Terabit attack? At that point, wait for it to end. Realistically, no one with that kind of botnet is going to attack a smaller business unless they have a personal vendetta against you.

More likely is a much smaller DDoS attack, something in the realm of sub-100 Gigabit attacks. But what can you do to defend yourself? Well, you might already be on the right track to preventing attacks not only on your business, but on others as well. The main way smaller attackers are making a big impact is by abusing open DNS resolvers.

Now, what’s an open DNS resolver? More or less, it is a configuration error. A DNS resolver can be open or closed; an open resolver accepts requests from any Internet source, while a closed resolver limits who can use it. Attackers bounce traffic off of open resolvers both to make an attack larger and to stay anonymous. How can you fix this? Most DNS resolvers are open by default, so make sure that when you set one up, you close it. When an attack does hit, it will generally give you an IP address. Make sure to check which DNS resolver it is coming from and to update that resolver’s settings.

In the end, all you can do is make sure that your infrastructure is set up in a way that protects your data from a DDoS attack. Double-check your DNS resolvers to make sure they are not open, keep up to date backups available in case of the worst, and inform law enforcement when it does happen so that they may be able to track down the culprits and put an end to their childish games.
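One way to double-check that a resolver you operate is not open, as an added example that is not part of the original article: send it a recursive query for a name it does not host and look at the reply flags. The function names, the probe name example.com, and the sample replies are assumptions made for illustration; the samples are constructed, not captured traffic.

```python
import os
import socket
import struct

def build_query(name="example.com", txid=0x1234):
    """Build a DNS A-record query with the RD (recursion desired) bit set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_response(data, txid=0x1234):
    """Classify a raw DNS reply as 'open', 'closed' or 'invalid'."""
    if len(data) < 12:
        return "invalid"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:  # wrong transaction ID or not a reply
        return "invalid"
    recursion_available = bool(flags & 0x0080)
    rcode = flags & 0x000F
    # Open: the server offered recursion AND resolved a name it does not host.
    if recursion_available and rcode == 0 and ancount > 0:
        return "open"
    return "closed"  # REFUSED, no recursion, or an empty answer

def check_resolver(ip, timeout=3.0):
    """Query a resolver you operate; run this from OUTSIDE your own network."""
    txid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_query(txid=txid), (ip, 53))
            data, _ = sock.recvfrom(512)
        except OSError:  # timeout or unreachable: nothing answered the outsider
            return "no-answer"
    return classify_response(data, txid)

def _constructed_reply(flags, answers):
    """Constructed sample reply (not captured traffic) for offline use."""
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, answers, 0, 0)
    return header + build_query()[12:] + rr * answers

SAMPLE_OPEN = _constructed_reply(0x8180, 1)     # QR+RD+RA, NOERROR, one answer
SAMPLE_REFUSED = _constructed_reply(0x8105, 0)  # QR+RD, rcode 5 (REFUSED)

if __name__ == "__main__":
    print(classify_response(SAMPLE_OPEN))     # open
    print(classify_response(SAMPLE_REFUSED))  # closed
```

A result of "open" from check_resolver, run against your own server's public IP from an outside connection, means recursion should be restricted to your own networks in that server's settings.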

Protecting Your Business From DDoS Attacks

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

A Distributed Denial of Service (DDoS) attack prohibits access to a computer resource. This kind of assault rarely happens alone but rather occurs in waves once an attacker realizes they have been successful in the first attempt.

Using the same method of attack on a business’ computer system, such cyber-attackers can then overwhelm and suppress Internet-facing websites and applications, which can greatly hinder the ability to conduct business as normal.

In order to safeguard against DDoS attacks, small businesses must first recognize they’re potential targets, especially since such assaults on small businesses have risen in the past year.

While the motivation behind such an assault can be difficult to understand, these attacks happen for a wide variety of reasons. Attackers may seek to hold systems hostage in an extortion attempt, or the attack may not be motivated by the prospect of financial gain at all.

Small Businesses Experience Increase In DDoS Attacks

Some readers may already be wondering, “What exactly is DDoS and why should I worry about it?” DDoS stands for Distributed Denial of Service – and a DDoS attack is when a person (or group) acts maliciously and uses a program which has a sole purpose of flooding a server with traffic.

Why would someone do this? There are many reasons one would execute this devastating attack. For instance, say you run a news website. You publish an article that this person doesn’t agree with. They, in turn, run their malicious program. It sends thousands upon thousands of page requests (unique requests to open the website), which causes more traffic than your server can handle.

Your server crashes from the load and no one is able to view your site. Of course, this is just one reason among countless others. Whatever evil agenda they have, it does not bode well for those on the affected side.

In 2015 alone, there were some 50,146 attacks that were detected – averaging 137 per day and 5 per hour (Newswire, 2016).

While these attacks may not make national news or headlines, the IT world is paying close attention. With more devices and easier programs to use, almost anyone could be on the bad side of the cyber war.

One of the more recent attacks happened on New Year’s Eve. A group calling themselves New World Hacking took down BBC’s global site and Donald Trump’s site. Another big attack was aimed at a big part of the Internet itself: namely, the 13 DNS servers on the backbone of the Internet.

These servers are important because they translate the words we use (such as website addresses) into the numerical equivalent that the machines understand. There were two separate attempts, one being 160 minutes long and another lasting about an hour. It caused three of the DNS servers to go offline for a couple hours or so, which is enough to cause a lot of slowness issues or DNS errors on a lot of people’s screens.

What can be done to help mitigate this issue? There are a few things. You definitely should have an IT department or IT security group who is able to handle this. Bigger corporations especially should be keeping up with threat trends and keeping their firewalls and security protections up to date and active.

Now, say you’re a small to medium size business and you have no security on your network. It would be a good idea to have an IT service provider such as Tech Experts to help with your IT and security needs. These days, especially in recent years, it’s not a good idea to just pay your cousin under the table to install a router and call it good.

If you can’t afford to have anything happen to your data or to be down for a day or more, hire a professional. We can set you up with a network designed with your needs and security in mind.