In the first half of 2022, the number of malicious DDoS attacks increased by 203% compared to the first six months of 2021. This is not a record worth celebrating.
In August, Google blocked a distributed denial-of-service (DDoS) attack of 46 million requests per second. The attack was 76% larger than the previously reported record, illustrating that DDoS attacks are increasing in frequency and growing exponentially in size.
What is a DDoS attack?
There are two levels of attacks we are talking about here – a denial of service (DoS) and distributed denial of service (DDoS) attack. Generally, both malicious attacks attempt to block users from the ability to access certain Internet services by flooding the targeted system with massive fake traffic. Since servers are built to withstand a certain pressure, like a bridge with weight warning labels, the system clogs once there is too much traffic, and the bridge can collapse.
A DoS attack is usually carried out by one malicious actor or just a few devices under their control. If someone has a grudge against their workplace, they may try to overwhelm web servers with requests and block access to important information for other employees.
But one computer can’t make that much of a difference, and that’s where botnet comes in. Bots are hijacked machines around the world. Through various means, mostly phishing or fake file downloads, malicious actors infect the computers of a large number of users and harness them to launch an attack.
This is where we go from the denial of service attack to the distributed attack. Since the system is attacked by multiple access points, as you can probably guess, it is much more difficult to deny this kind of attack.
Can last for hours or even days
The first ever recorded DDoS attack occurred in 1996. Panix, an internet provider, was taken offline for several days. The malicious actors used the Syn Flood attack to send incomplete connection requests, thereby flooding servers and disrupting network service distributions.
This attack was really small, but at the time even a very small bot network could do the job. Since 1996, DDoS attacks have grown exponentially in size and frequency.
In fact, in 2007, Estonia fell under one of the largest DDoS attacks in history that lasted for more than 22 days. It has been 22 days when all the major government websites and servers were continuously attacked by what was believed to be a destabilization attempt by a foreign government. Another big one happened in 2015 when the attackers from China targeted two anti-government projects on GitHub and managed to paralyze this site for several days.
Most of the time business vendors, gaming services or bank servers fall victim to a DDoS attack. For example, in 2018, the Danish rail operator DSB experienced a DDoS attack, which took down its ticket-buying system, delayed trains and cost a lot of money.
Another example is the Mirai botnet attack, where hundreds of Minecraft servers were targeted in a widespread attack in 2016. What’s worse in this case, the botnet went “rogue” and attacked several different servers in the eastern US.
However, a DDoS is also kind of a tool, and a tool can be used both for good and bad. As we saw with the Russian invasion of Ukraine, where hacktivists and Anonymous teamed up to create an insanely large bot network and target Russian government structures and pro-Russian websites. These types of cases blur the lines between crime and a necessary evil.
Is there any way to stop DDoS attacks and protect your website? You need to monitor your network for any changes and be able to act quickly. Have a backup plan ready, such as contacting your ISP provider or using Cloudflare UNDER ATTACK mode to redirect traffic.
Next, don’t skimp on a good and secure hosting provider and buy a virtual private server or cloud hosting plan. For example, Hostinger uses advanced hardware firewalls and other tools for DDoS mitigation.
At your local network level, a VPN is a very effective method of adding a layer of protection against DDoS attacks. Most VPNs have many measures to mitigate these types of attacks, but even in general VPNs mask your real IP address, meaning that when an attack is launched against you, all that malicious traffic will go to the VPN’s IP and not yours.
More from Cybernews:
Google blocks a record DDoS attack of 46 million requests per second
As Cyber Legions Rise, Malicious DDoS Attacks Rise 203%
Cybergroup offers DDoS attacks for $80 an hour
DDoS-for-hire attacks cost less than a used car
LockBit hit by DDoS after Entrust hack
Crypto incubator targeted with largest known DDoS attack
Subscribe to our newsletter