DDoS attacks - the cheap and fast weapon of choice

DDoS attacks have become prevalent for three simple reasons – they are cheap, simple to create, and effective. Instructions for creating a botnet can be found easily online. For example, anyone can perform a Google search on “cheap, automated DDoS” and quickly came up with a botnet creation and launch tutorial. These tutorials come complete with detailed programming instructions to create, launch, and control bots. It even teaches potential perpetrators how to secure their bots and themselves.

There is no doubt the number of DDoS attacks is growing, as is the likelihood of being attacked. CDNetworks’ own data shows that volumes and sizes of DDoS attacks have grown steadily over the last three years. 

DDoS Attack Trend 2016 and Outlook 2017

DDoS Attack Trend 2015 and Outlook 2016

DDoS Attack Trend 2014 and Outlook 2015

How does a DDoS attack work?

A denial of service attack occurs when web infrastructure, usually one or more servers, becomes so overwhelmed with malicious traffic that it uses all its resources and can no longer respond to legitimate website users. A distributed denial of service attack amplifies this scenario by launching an attack from multiple computers or devices distributed across the internet. Most large-scale DDoS attacks use botnets – computers with breached security that are being controlled and manipulated by the perpetrators of the attack. The perpetrators instruct all computers in the botnet to send fake or malicious traffic to the targeted organisation’s web servers, overwhelming them with traffic and rendering them incapable of serving legitimate users. 

Under attack? 
Discover our managed DDoS mitigation with 24/7 support

The ‘Who’ and Where Behind DDoS Attack Origination

Who perpetrates all these DDoS attacks? This is the difficult puzzle facing the law enforcement community. Groups range from government agencies and organised crime syndicates, to political activists and individual thrill-seekers. The profile of DDoS attack perpetrators is ever shifting, depending on the nature of current issues and opportunities presented.

That said, the most common DDoS attacks take place for these reasons:

  • Blackmail 
  • Ideological Conflicts / Principle-driven attacks 
  • Competitive advantage
  • Politics
  • Hate crime
  • Electronic protest (e.g. resentful customer)
  • Prestige for the attacker from successfully attacking a high-profile brand
  • Self-inflicted DDoS (e.g. a software bug is causing too much traffic and servers cannot handle the load)
  • Distraction from other malicious actions 
  • Random target
  • Unknown

The Impact of DDoS Attacks

DDoS attacks can hit almost every business across all industries today and small and medium-sized businesses are not immune. 

Organisations that fall victim to a DDoS attack typically suffer damage in one or more areas: from deteriorating customer trust over lost revenue and negative brand impact to slowed innovation and expansion. 

  • Short term brand damage:
  • Long term brand damage
  • Opportunity loss
  • Revenue loss
  • Customer loss
  • IT team resource diversion
  • Remedial costs
  • Internal reputation of IT function
  • Internal reputation of IT senior management