Denial of Service Attacks: What You Need to Know

Posted by Webmaster - July 8, 2012

Distributed Denial of Service (DDoS) attacks are one of the most malicious kinds of attacks an eCommerce website can suffer. The aim of the hacker isn’t to gain information, but to take your whole website down. What is a DDoS attack, why do hackers use DDoS attacks and how can you guard against them? Read on.

==> How a Denial of Service Attack Works

A denial of service attack is a flooding attack. Basically, the hacker floods your pipeline with so much bogus traffic that your website is unable to handle authentic traffic.

Think of it like your mailbox. If every day you got 10,000 letters that looked like real letters but contained junk, you’d have a very hard time finding any real letters addressed to you.

Usually DDoS attacks are done with “slave” machines or botnets. Hackers who control tens or hundreds of thousands of hacked computers point all of those computers’ traffic at your server at once. All this combined traffic can quickly take your server offline.

==> Why Do Hackers Do DDoS Attacks?

If hackers have no financial incentive from DDoS attacks, why do they do it?

For one, hackers could do it just because they can. They could view it as a challenge. Hackers will often try to take down websites as a test of skill.

They could do it because something you did angered them. For example, Anonymous famously took down MasterCard’s website after MasterCard backed PayPal’s decision to freeze WikiLeaks’ accounts.

It’s also possible that there actually is a financial incentive. For example, someone could have paid the hacker to take your site down. Or the hacker could be a competitor who’d benefit from your site going down.

If your site goes down on Halloween, for example, the one day when you do 40% of your business, your next competitor stands to gain significantly. Or the hacker could be shorting your company’s stock, if you’re publicly traded.

==> Defending against a DDoS Attack

Defending against a small DDoS is quite simple. All you need to do is set up your systems to quickly separate the real traffic from the fake by reading just the packet headers.

That means instead of fully evaluating each request coming into your servers, your servers start to “scan” the requests. They quickly dump anything that looks like an attack packet, while letting the rest through.
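An added example, not from the original post, of the header-only triage described above: it reads just the IPv4 and TCP headers and applies a per-source SYN budget, never touching the payload. The window, threshold, addresses and function/class names are assumptions, and the sample packets are constructed.

```python
import socket
import struct
from collections import defaultdict, deque

SYN, ACK = 0x02, 0x10
WINDOW_SECONDS = 1.0      # assumed sliding window
MAX_SYN_PER_WINDOW = 20   # assumed per-source budget; tune to real baselines


def parse_headers(packet: bytes):
    """Return (src_ip, dst_port, tcp_flags) from the IPv4/TCP headers only."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None                      # not IPv4 or truncated
    ihl = (packet[0] & 0x0F) * 4         # IPv4 header length in bytes
    if ihl < 20 or packet[9] != 6 or len(packet) < ihl + 14:
        return None                      # bad IHL, not TCP, or truncated TCP header
    src_ip = socket.inet_ntoa(packet[12:16])
    dst_port, = struct.unpack_from("!H", packet, ihl + 2)
    return src_ip, dst_port, packet[ihl + 13]


class HeaderTriage:
    """Per-source SYN rate limit decided without reading any payload."""

    def __init__(self):
        self.syn_times = defaultdict(deque)

    def verdict(self, packet: bytes, now: float) -> str:
        parsed = parse_headers(packet)
        if parsed is None:
            return "drop"                # malformed headers never reach the app
        src_ip, _dst_port, flags = parsed
        if flags & SYN and not flags & ACK:      # new connection attempt
            times = self.syn_times[src_ip]
            while times and now - times[0] > WINDOW_SECONDS:
                times.popleft()          # forget attempts outside the window
            times.append(now)
            if len(times) > MAX_SYN_PER_WINDOW:
                return "drop"
        return "pass"


def build_packet(src_ip: str, dst_port: int, flags: int) -> bytes:
    """Constructed sample input: minimal IPv4 + TCP headers, checksums zeroed."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton("192.0.2.10"))
    tcp = struct.pack("!HHIIBBHHH", 40000, dst_port, 0, 0, 5 << 4, flags, 0, 0, 0)
    return ip + tcp
```

In production this decision is made in the firewall or kernel rather than in application code, and spoofed source addresses limit what a per-source budget can catch.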

On the other hand, defending against a massive DDoS attack is extremely challenging. Even the best sysadmins will have a lot of trouble defending against an attack with hundreds of thousands of computers. The above technique doesn’t work, because even evaluating just the headers takes too long.

Once you get to this level of attack, you’ll need a sysadmin who really knows what they’re doing to reconfigure your server to withstand the attack. You may need to up your bandwidth or add more CPU power to defend against the attack.

DDoS attacks are one of the rarer forms of attacks you’ll face. Generally, attackers will try to gain access to your database, steal your customers’ data or use some other form of more monetizable theft. If you do find yourself facing a small DDoS attack, you should be able to deflect it by reconfiguring your servers. If you’re facing a giant DDoS attack, however, you may have to bring in specialists.