A distributed denial-of-service (DDoS) attack occurs when multiple computer systems attack a website or server, flooding the network with messages or connection requests. The attack overloads the system, severely slowing it down or even completely crashing it, resulting in a denial of service for legitimate users. These attacks can prevent users from performing their daily duties and operations, potentially costing your company millions of dollars and putting your company at risk of many other types of attacks.
How a DDoS Attack Occurs
Typically, an intruder begins a DDoS attack by compromising a computer or system through a security vulnerability or email virus. This is done by exploiting a known issue (such as a bug in a recent software update), getting a user to open an email with a virus, or bypassing security systems by something as simple as guessing a weak network password. Once the intruder has access, he or she can use the compromised devices to flood the target with bogus requests and traffic, forcing it offline.
There are three main kinds of DDoS attacks:
- Network-centric attacks (also called volumetric attacks) cause a denial of service by taking up all of the available bandwidth until it critically slows the system down or completely crashes it.
- Protocol attacks (also known as state exhaustion attacks) exploit flaws in the transport layer, overloading the available resources in the targeted systems, such as firewalls, load balancers, and servers.
- Application layer attacks use bugs and vulnerabilities in the applications and software to inundate all available applications or databases with application requests, making it impossible for legitimate requests to get through.
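From the defender's side, each of the three categories above exhausts a different resource, so each shows up in a different metric. The following triage sketch is an added example, not part of the original article; the field names, thresholds and sample series are assumptions constructed for illustration.

```python
# Added example: triage telemetry into the three DDoS categories listed above.
# Field names, thresholds and the sample series are constructed assumptions.
from collections import namedtuple

Sample = namedtuple("Sample", "link_util state_util http_rps http_5xx_ratio")
# Assumed thresholds; tune them against your own baselines.
LINK_SATURATED = 0.90  # share of uplink bandwidth in use
STATE_PRESSURE = 0.80  # share of firewall/load-balancer state table in use
RPS_SURGE = 5          # multiple of the normal request rate
ERROR_RATIO = 0.20     # share of requests answered with server errors
SUSTAINED = 3          # consecutive samples required before alerting

def exhausted(sample, baseline_rps):
    """Return the set of categories whose resource is exhausted in one sample."""
    hits = set()
    if sample.link_util >= LINK_SATURATED:
        hits.add("volumetric")
    if sample.state_util >= STATE_PRESSURE:
        hits.add("protocol")
    # Application floods may use little bandwidth: check request surge plus errors.
    if (sample.http_rps >= RPS_SURGE * baseline_rps
            and sample.http_5xx_ratio >= ERROR_RATIO):
        hits.add("application")
    return hits

def triage(series, baseline_rps):
    """Map category -> index of the sample where a sustained run began."""
    streak, alerts = {}, {}
    for i, sample in enumerate(series):
        hits = exhausted(sample, baseline_rps)
        for cat in ("volumetric", "protocol", "application"):
            streak[cat] = streak.get(cat, 0) + 1 if cat in hits else 0
            if streak[cat] == SUSTAINED and cat not in alerts:
                alerts[cat] = i - SUSTAINED + 1
    return alerts

# Constructed series: a one-sample bandwidth spike, then sustained state-table
# exhaustion while link utilisation stays moderate.
SERIES = [
    Sample(0.30, 0.10, 200, 0.01),
    Sample(0.95, 0.15, 210, 0.01),  # brief spike, not sustained
    Sample(0.40, 0.85, 220, 0.02),
    Sample(0.45, 0.92, 230, 0.02),
    Sample(0.50, 0.97, 240, 0.03),
    Sample(0.35, 0.99, 1500, 0.40),
]

if __name__ == "__main__":
    print(triage(SERIES, baseline_rps=250))
```

Requiring several consecutive samples keeps a single traffic spike from raising an alert, and checking all three metrics separately catches state exhaustion that a bandwidth graph alone would miss.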
DDoS Attacks Are Constant Threats to Business Owners
Once an intruder has control of one system, he or she can use the internal network connection to identify other vulnerable systems and infect them with malware or control them remotely. The first compromised computer, known as the DDoS master, is used to gain control of others in the system, creating a network of infected systems commonly referred to as “bots.” The intruder then has full command of the network of bots, which can consist of hundreds of thousands of individual terminals, networks, or access points. Once your systems are fully compromised, your business can no longer perform its daily operations, causing your company to lose revenue and possibly customers altogether. This also puts you at risk of extortion, since the attacker can keep your system shut down for hours or even days. The attacker can also overwhelm your equipment to the point of permanently damaging it, requiring your company to purchase expensive new equipment. DDoS attacks also often act as distractions, allowing attackers to carry on with much more severe and detrimental cybercrimes.
DDoS attacks are a constant threat to business owners, but the right protection and recovery protocols can significantly reduce or eliminate the impact on your commercial enterprise. At ATI, our managed IT services and patch management enable us to rapidly deploy emergency patches for Microsoft servers and workstations and third-party software, helping to avoid attacks before they occur. If your system has suffered a DDoS attack, our Disaster Recovery as a Service (DRaaS) can provide third-party server hosting and cloud resources to restore your operations as quickly as possible.
The professionals at ATI can evaluate your needs and help you determine which storage and service options are right for you. Contact us today to get more information about how our data centers can serve your needs or set up an appointment to tour our Chantilly facility.