Contact Us

What Is a DDoS Attack?

Distributed-denial-of-service attacks, also known as DDoS attacks, are among the oldest attacks in the book. DDoS attacks have been used for more than two decades, but in today’s highly connected world with endless data, these attacks have become stronger and more prevalent.

Today’s DDoS attacks are more than just a nuisance to prevent websites and data from being available. They’re often part of a more sinister attack, and in some instances, can result in an entire business being taken down and unavailable to customers.

Wondering what a DDoS attack is, and how you can protect yourself against them? Here’s everything you need to know about this type of attack.

DDoS Attack Basics

A distributed denial of service (DDoS) attack is when a malicious actor disrupts the normal flow of traffic to a network, a targeted server, or a service in order to render it unavailable. Think of a DDoS attack like hitting an unexpected traffic jam on the highway. The traffic jam prevents you and all other drivers from getting to their destination.

A DDoS attack can be attempted against almost anything, including:

  • Networks
  • Servers
  • IoT devices
  • Services
  • Applications

In a world dominated by the Internet of Things (IoT) and connectedness, DDoS attacks are not only becoming more common but more disruptive.

With a DDoS attack, the malicious actor attacks the target by sending an overload of data requests. For example, if the attack is looking to take down a website, the attacker will overload the web server with requests, which will cause the server to crash and be unavailable.

This type of attack is very similar to a denial of service (DoS) attack, in which a single system sends malicious requests or data to the target. With a DDoS attack, the requests are sent from multiple systems.

Common Types of DDoS Attacks

There are three main types of DDoS attacks currently being used to render a resource unavailable. Here’s what you need to know about each of them:

1. Volume-Based Attacks

A volume-based DDoS attack involves the use of large amounts of fake traffic that is sent to a website or server. These attacks often involve UDP, ICMP, and spoofed-packet flood attacks. Common attacks include ping flood, smurf attack, and ping of death.

Not all volume-based attacks always include a huge amount of data. In fact, according to the 2011 Radware Global Application & Network Security Report, the majority of successful attacks were done with volume that amounted to less than one Gigabit per second!

2. Application Layer Attacks

A DDoS attack directed toward the application layer involves flooding applications with malicious requests. Application layer attacks target the layer where web pages are created and delivered in response to an HTTP request.

These attacks are the hardest to defend against, simply because it can be extremely hard to differentiate between legitimate traffic and malicious traffic.

Application layer attacks are usually low-to-mid volume because they are limited to the protocol used by the application. Some of the most common attacks include BGP hijacking, slow read, slow post, and HTTP(s) flooding.

3. Protocol or Network Layer Attacks

A protocol or network layer DDoS attack involves the sending of a large number of packets to targeted network infrastructures, as well as infrastructure management tools. Typically, these attacks use SYN floods as well as Smurf DDoS.

These attacks, also known as state-exhaustion attacks, work by over-consuming server resources, along with firewall and load balancer resources.  This type of attack targets web servers, voice services, and other resources that, when over-consumed and overwhelmed, can make the resource unresponsive and inaccessible.

Whether an attacker uses a volume-based attack or a network-layer attack, the end goal is always the same. All DDoS attacks are designed to cause an online resource to become extremely slow or completely unresponsive to valid requests.

Today’s DDoS Attacks

While DDoS attacks have been around for more than 20 years, attacks used today are very different from those used in the past. On average, most attacks last under an hour, with the most commonly used attack vectors being:

pirate-flag-on-laptop-screen-data-security-ciphertex-data-security-los-angeles-county

  • SYN floods
  • ACK floods
  • RST floods
  • NetBIOS

Another dominating trend in the DDoS world is the use of ransom DDoS attacks. With these attacks, malicious actors demand a ransom, usually in Bitcoins or some other cryptocurrency, in order to stop the DDoS attack.

How to Identify a DDoS Attack

Unlike other attacks and exploits, it’s relatively easy to identify a DDoS attack. The most common and obvious sign of a DDoS attack is a service or website unexpectedly becoming slow or unavailable.

However, it’s worth noting that sometimes a service or website may experience a legitimate spike in traffic that isn’t caused by a malicious actor. For example, if a website newly releases a trending product, the spike in actual traffic could inadvertently result in what appears to be a DDoS attack. So, further analysis is always recommended to determine the root cause.

A traffic analysis tool is the best option for spotting telltale signs of a DDoS attack. When using these tools, you’ll want to look for things such as:

  • Unexplained surge in request to a single endpoint
  • Suspicious amounts of traffic coming from a single IP address or IP range
  • Odd traffic patterns, such as spikes at random times of the day
  • Flood of traffic from users who share the same geolocation, device type, or web browser

However, you may notice more specific signs, depending on the type of DDoS attack that is being used.

How to Mitigate a DDoS Attack

One of the biggest concerns in stopping a DDoS attack is identifying normal traffic vs. attack traffic. The first step is to determine if there are any logical reasons why your website or other resource would have a flood of real traffic.

Another difficulty in mitigating a DDoS attack is stopping a multi-vector attack. These attacks use many pathways in order to overwhelm a target service. This can distract mitigation efforts and allow the attack to continue.

A multi-vector attack, such as one that targets several layers, requires a variety of mitigation strategies. Even then, the difficulty still remains in identifying real from malicious traffic.

Most experienced attackers will use an attack that allows them to blend in. This not only makes mitigation efforts much harder but more inefficient as well.

How to Protect Yourself from DDoS Attacks

While mitigation strategies can be difficult, there are many effective ways to prevent a DDoS attack altogether.

Rate limiting is one option to consider. This involves setting a limit of the number of requests a server will accept within a certain timeframe. However, rate limiting alone may not be enough to handle a complex DDoS attack.

Another option is a web application firewall. This tool can be useful in mitigating application-based DDoS attacks. With a firewall between the Internet and the server, malicious traffic can be filtered out and stopped.

While there are many options in defending your resources against a DDoS attack, the best option is to work with a company that is experienced in offering data security products and services.

Ciphertex Data Security® has a thorough knowledge of the ins and outs of DDoS attacks and other security threats that can impact the availability and success of your business. Instead of trying to navigate the security world on your own, why not leave this to the professionals?

At Ciphertex Data Security®, we offer a variety of data security products and services that are designed to protect those things most important to your business: your data. To learn more about our services and how we protect you against a DDoS attack, contact us today!

Related Articles

Customer Testimonials

MARYMAN
“Ciphertex has been our go-to company for encrypted storage for nearly two decades . . . Jerry Kaner and the Ciphertex team were able to get us the equipment needed in a very short amount of time.”

Joseph Greenfield, Ph.D VP and Chief Forensic Examiner, Maryman

Anonymous Forensics Project
"We perform large-scale e-discovery and forensics work for classified government agency projects. We’ve used several Ciphertex SecureNAS CX-160KSSD-X 480TB servers recently to great success for an ongoing project."

Large Enterprise Government contractor

Anonymous Forensics Project
"We were assigned the monumental task of handling a staggering 960 Terabytes of data across four locations, alongside an additional 175 Terabytes spread across three more locations, seemed like an insurmountable challenge. The urgency to transfer this vast amount of data to our forensic lab within a tight timeframe was daunting, especially considering the necessity for multiple examiners to analyze the data concurrently.

Navigating through various network environments, some of which demanded heightened security measures in a different data center, only added to the complexity. After multiple meetings and investigations in search of the most efficient and cost-effective solution, our team turned to Ciphertex Data Security, a reputable U.S.-based company headquartered in DC."

Large Enterprise Government contractor

Anonymous Government Contractor Project
"In our consultations with Ciphertex, their technical team proved invaluable, offering insightful advice that preemptively addressed potential delays. Within a mere week, we had the product in our possession. With swift implementation, our system was soon operational, requiring just a few additional days for software fine-tuning and setup adjustments before deployment.

Thanks to Ciphertex’s solution, our mission was accomplished seamlessly, meeting our deadlines and significantly reducing costs. Moreover, the versatility of their product allowed for immediate reuse in subsequent assignments through Ciphertex Instant Secure Erase feature. Ever since, Ciphertex has been a dependable ally whenever we’ve required their expertise and support."

Large Forensics Enterprise Government Contractor

Government Agency Project
"Our experience with Ciphertex was nothing short of exceptional. Entrusted with the critical task of relocating a substantial volume of data (480TB) from disparate locations to a highly secure data center boasting a distinct network environment, the stakes couldn’t have been higher. The data we handled was of utmost sensitivity, demanding foolproof protection throughout its journey.

Utilizing Ciphertex’s SecureNAS systems across three separate locations, we were equipped with encrypted solutions tailored to safeguard our valuable data. What’s more, with the flexibility to operate seamlessly across both 10G and 40G copper and fiber networks, Ciphertex’s technology proved adaptable to our diverse needs.Thanks to Ciphertex’s robust encryption protocols and efficient systems, the transfer of our encrypted data was executed flawlessly, without encountering any hiccups along the way. With peace of mind knowing our data was secure, we successfully completed our mission."

Large Government Agency

Anonymous Forensic Accounting Project
"Our team encountered a significant challenge relocating a vast amount of forensic accounting data from one state to Washington DC, requiring several machines each with a capacity of 275TB useable data. The scale of this task demanded a resilient and highly secure solution. We opted for Ciphertex’s SecureNAS systems to tackle this challenge. With their advanced encryption technology, these systems offered the perfect protection for our sensitive data. Transported via aircraft in durable travel cases, all our data arrived safely at its destination. Upon receiving the SecureNAS units, we were eager to put them to the test.

Once plugged in, they operated flawlessly, seamlessly integrating into our workflow without any issues. Thanks to Ciphertex’s dependable technology, our encrypted data transfer was executed smoothly, contributing to the successful completion of our forensic accounting project."

Large Government Agency

APA (American Photographers Association)
"I’ve been using the SecureNAS CX-40KSSD with 120TB storage for more than 8 years, and it’s incredibly convenient and user-friendly. I handle numerous high-res images and videos while constantly moving between studios. The SecureNAS is my go-to data backup and archive, offering top-notch security and encryption that gives my high-profile clients peace of mind. Because of the piracy issue in our industry, protecting digital video and photos is essential. The portability is also a nice touch as I frequently move from one studio to another.

I’ve also worked with the SecureNAS CX-80KSSD-X with 240TB of space. It’s been smooth, fast, and secure, saving me both time and money. Thanks, Ciphertex for providing such an excellent solution!"

Brooks Ayola Professional Photographer, APA

Ciphertex was able to deliver a very secure and robust portable NAS solution that met the United States Air Forces stringent requirements and everything was accomplished. Not an easy task. The USAF has very high security standards with regards to encryption and the need for a very customizable Portable Storage solution. From initial consultation with the USAF to make sure all of their needs were met, to sending evaluation NAS devices and hosting support calls, there was a very open and good exchange of ideas. Our partnership on this Storage project resulted in a volume order with the USAF and a successful deployment. Thanks very much to you and your staff for always being available for support and your professional courtesy. It was a pleasure working with you and we look forward to future projects!

Gary Mosso ATPGOV & Ace Technology Partners
RAIDZ Calculator

Build a SecureNAS® & configure ZFS RAIDZ.

RAIDZ CALCULATOR
GET A QUOTE
Subscribe to Our Newsletter
Copyright © 2024 Ciphertex All rights reserved

Privacy Policy | Terms & Conditions | Designed by TLG Marketing

Scroll to Top