Published on August 26, 2021
Cyberattacks targeting small and large businesses are becoming more and more sophisticated. Beyond ransomware and identity theft, there is another cyberthreat against which all businesses should be fully protected: Distributed Denial of Service attacks, also known as DDoS. These can have a significant negative impact on a company’s reputation and productivity.
DDoS attacks aim to overload a computer system, causing it to go down and rendering it non-operational. The exact methods may vary, but a common way to overload a computer system connected to the Internet is to take control of thousands, if not millions, of computers and then have them all log on to a specific website.
Moreover, as specified by the Canadian Centre for Cyber Security, your organization does not need to be directly targeted by a DDoS attack to be affected by it. If a supplier with whom you do business for your Internet infrastructure falls victim to such an attack, there is a good chance that at least part of their infrastructure will be directly impacted.
What Is a Distributed Denial of Service Attack?
DDoS attacks are increasingly common targeted attacks. Authorities estimate that there were some 17 million DDoS attacks in 2020 alone. On average, the bandwidth used in each of these attacks reaches a previously unseen level of 26.37 Gbps. The number of such attacks that reached 100 Gbps or more increased tenfold in just one year.
The attacks are harmful in that they generally target a server, a computer system, or a specific business that does not have the technical means to handle such a large amount of data simultaneously. They could range from merely probing the state of an organization’s network to orchestrating a full-blown attack, with the aim of causing a major outage at a critical time.
There might also be a human factor. A disgruntled former employee or a large, organized group, such as a shady competitor, could be behind an attack.
The requests generated by an attack clog up the bandwidth, quickly loading the server with more data than it can handle. Another way to attack the server is to target one of its applications that is known to go haywire if misused. The server then clogs itself up.
In both cases, the goal is the same: to impact, if not neutralize, the company’s computer system so it can no longer respond to access requests from legitimate users.
At first glance, this may seem trivial, but for various companies, day-to-day operations are dependent upon the computer system. In the context of remote working, a breakdown caused by an attack prevents remote workers from accessing the tools they need to work.
In the case of a business that manages manufacturing operations remotely, a breakdown in the computer system could mean that the factories can no longer produce the desired goods.
DDoS attacks are a reality that SMEs and large enterprises, as well as public organizations, such as schools, must deal with.
One of the main shortcomings related to this cyberthreat is that the managers of these organizations forget to assess its impact and put off security updates for their systems. This makes said systems ideal targets for wrongdoers.
Who Would Want to Target Your Business?
Hackers could have malicious intentions or simply want to prove their ability to orchestrate an effective attack. For instance, they could want to test out their botnets (networks of zombie computers they can command in large numbers) to prove the effectiveness of their technology in order to resell it to a third party.
Zombie computers are a group of devices connected to the Internet (computers or any other connected objects, such as a Wi-Fi surveillance camera) that have been hacked. Hackers can take advantage of the security flaws or shortcomings of various devices, and eventually control them. The devices in question will send requests and connect to a specific server. To prevent your systems and devices from being used by a zombie network, make sure to install updates and security patches as soon as they are available.
That said, these attacks generally have a monetary or political goal. “A hacker who successfully manages to paralyze a company’s online activities for 24 hours will have an impact on its business. It can even go so far as affecting the company’s share price on the stock market,” says Frédéric Ronze, Expert Advisor, Business Solutions at Fibrenoire.
This is what happened in 2020, when one of the biggest DDoS attacks occurred, taking advantage of a flaw in American giant Amazon’s Cloud-based services. The company, which hosts data and web services for thousands of companies in North America and all over the world, saw its shares drop by 10% following this attack.
Targeted attacks can be complex and dynamic. They evolve over time to overcome the protective measures in place. In such cases, hackers will initially check out the lay of the land and identify their target and its vulnerabilities. The attack will be dynamic, targeting very specific services and apps, one after the other, and making use of their various flaws.
“Even a small attack can end up breaking down a firewall or bringing down an entire network,” says the IT security expert.
In some cases, DDoS attacks can also be part of a broader scheme. They can be used as a diversion to cover up a more intricate cyberattack elsewhere within the organization.
How to Protect Your Business
More and more companies operate almost exclusively via the Internet. Company directors and their IT security managers, who want to protect their businesses from threats such as DDoS attacks, must answer two questions. First, which of their company’s online activities are public or can be accessed externally? And second, what are the backup plans and protection mechanisms in place for these activities, in the event of a breakdown?
Having the correct answer to this second question is especially crucial if your company carries out commercial activities, such as sales or financial transactions, online. After all, when a transactional site goes down, the sales stop and a loss in revenue ensues.
The way in which your online operations are managed, whether they are hosted locally or in the Cloud, will affect how you protect yourself from Internet attacks. The best way to protect yourself is to speak with your service provider. Fibrenoire customers, for example, have access to experts who will recommend the option that best suits their needs.
For many businesses that host a portion of their IT system locally, the first thing to do is, unfortunately, also the most limited one. They need to ensure they have a detection and traffic-cleaning platform. This platform will be able to detect and filter out a high volume of connection requests before these requests overload the system. These systems make sure only legitimate traffic goes through the company’s bandwidth and local network.
The effectiveness of this solution alone is limited. The biggest problem lies in the bandwidth. Given the size of the attacks, even if the majority of the requests they generate are filtered on site, the attack traffic is still likely to clog up the company’s bandwidth before it ever reaches the filter.
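The limitation described above, as an added example (not Fibrenoire's code or tooling): a simplified Python model that applies the same per-source rate filter on premises and upstream of the access link. The 100 Mbps link, the 20 requests/second threshold, the traffic sample and the proportional-drop congestion model are all assumptions constructed for illustration.

```python
from collections import Counter

LINK_CAPACITY_BPS = 100_000_000  # assumption: 100 Mbps access link
MAX_REQ_PER_SRC = 20             # assumption: per-source requests/second limit


def build_sample_second():
    """Constructed one-second sample of (source_ip, request_bytes) records."""
    legit = [(f"198.51.100.{i}", 15_000) for i in range(1, 51)]
    flood = [(f"203.0.113.{i}", 1_500)
             for i in range(1, 201) for _ in range(60)]
    return legit + flood


def scrub(requests, max_per_src=MAX_REQ_PER_SRC):
    """Drop all requests from sources that exceed the per-second limit."""
    per_src = Counter(src for src, _ in requests)
    noisy = {src for src, n in per_src.items() if n > max_per_src}
    return [r for r in requests if r[0] not in noisy], noisy


def link_report(requests_on_link, capacity=LINK_CAPACITY_BPS):
    """Load on the access link and the share of packets that fit through it.

    Assumption: a congested link drops all traffic proportionally.
    """
    offered = sum(size for _, size in requests_on_link) * 8
    delivered = min(1.0, capacity / offered) if offered else 1.0
    return {"link_load": offered / capacity, "delivered": delivered}


def on_premises(requests):
    """Filter sits behind the link: the full flood crosses the link first."""
    report = link_report(requests)
    _, noisy = scrub(requests)
    return {**report, "blocked_sources": len(noisy)}


def upstream(requests):
    """Filter sits at the provider: only scrubbed traffic reaches the link."""
    clean, noisy = scrub(requests)
    return {**link_report(clean), "blocked_sources": len(noisy)}


if __name__ == "__main__":
    sample = build_sample_second()
    print("on-premises:", on_premises(sample))
    print("upstream:   ", upstream(sample))
```

Both placements identify the same 200 flooding sources, but only the upstream one keeps the access link below capacity so that legitimate requests are not dropped by congestion.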
On the other hand, exclusively Cloud-based solutions are not always the most appropriate either. They are sometimes limited to very large companies that operate internationally, given that these solutions tend to be more complex and rather expensive.
For a business, the solution offered by the Internet provider is the best compromise. It avoids an immediate costly expense and provides a solution that can be hybrid, as it includes Cloud-based tools to protect certain more specific services, maximizing the company’s investment.
Naturally, as an Internet service provider, Fibrenoire already has its own technology to detect and neutralize these attacks. It cleans up, so to speak, the upstream traffic on the company’s Internet network before sending data to the client. The Fibrenoire experts have access to worldwide databases that share data on the state of the Internet network, which helps to quickly detect ongoing DDoS attacks and those that are evolving rapidly and that could have an impact on the network.
That said, for businesses whose online operations are critical, there are cutting-edge solutions that can be extended to networks worldwide. The providers of such solutions, as well as their servers, are also located all over the world.
This solution is a little more costly and is especially compatible with the systems of large businesses or companies that have a significant online presence and operate internationally.