binary, random, numbers to represent DDoS


With DDoS posing as a real threat I feel that not enough businesses realise that they are a target or prepared for an attack. In this blog I wanted to explain what it is, the video I think is a great aid to help us visualise a DDoS attack, and how to manage them.  Yes there needs to be a budget but if managed well you can reduce the chances of your organisation being successfully overrun by an attack using methods that fit your business.

Picture this

A massive DDoS attack hits your server. Your basic security systems fail to respond in time.
Suddenly your business grinds to a halt and your website is down for hours. You are losing untold amounts of revenue. or even worse the actors are demanding a ransom to stop the the attack.

Unfortunately this is a reality and denial of service attacks are here to stay, no business can afford to be unprotected. Neustar’s  Cyber Threats & Trends Report: First Half 2020 stated that “This year marks the advent of the largest volumetric DDoS attack on record. Amazon Web Service (AWS) reported that an unidentified customer on their network had been hit by a 2.3 Tbps attack that continued for days.”


What is a DDoS? The video below helps us understand what it is. It demonstrates  why an attack is hard to guard against and also sheds light on the systems that you need to have in place to defend.

There are a number of attack types and I have listed a few below:

Volumetric Attacks

The most common DDoS attack overwhelms a machine’s network bandwidth by flooding it with false data requests on every open port the device has available.

Application-Layer Attacks

These attacks make use of the application layer focus primarily on direct Web traffic. The usual channels are HTTP, HTTPS, DNS, or SMTP.

Protocol Attacks

This works by sending successively slow pings, deliberately malformed pings, and partial packets, causing memory buffers in the target to overload and potentially crash the system. A protocol attack can also target firewalls. This is why a firewall alone will not stop denial of service attacks.

Best Practices for Preventing DDoS attacks

DDoS attacks are evolving and are showing no sign of slowing. They keep growing in volume and frequency, commonly involving a “blended” or “hybrid” approach.
Without early threat detection and traffic profiling systems, it’s impossible to know they’re here. In fact, chances are you know about it only when your website slows to a halt or crashes.
To fight DDoS attacks, you need a plan, as well as reliable DDoS prevention and mitigation solutions. You need an integrated security strategy to protect all infrastructure levels.

Develop a Denial of Service Response Plan.

Develop a DDoS prevention plan based on a thorough security assessment. Unlike smaller companies, larger businesses may require complex infrastructure and involving multiple teams in DDoS planning.
When DDoS hits the response needs to be defined in advance to enable prompt reactions and avoid/reduce any impacts.
An incident response plan is the critical first step toward comprehensive defence strategy. DDoS response plan can get quite exhaustive, depending on the infrastructure. The first step when a malicious attack happens is crucial, it can define how it will end. Make sure your data storage location, be it a data centre or a cloud solution is prepared, and everyone is aware of their responsibilities. This minimises the impact on your business and save months of recovery.
The key elements remain the same for any company, and they include:

    • Systems checklist. List all assets you should implement to ensure advanced threat identification, assessment, and filtering tools, as well as security-enhanced hardware and software-level protection.
    • Form a response team. Define responsibilities for key team members to ensure a well drilled reaction to the attack as it happens.
    • Define notification and escalation procedures. Make sure everyone knows who to contact in case of the attack.
    • Develop communication strategies including a list of internal and external contacts that should be informed about the attack. Include customers, cloud service provider, and any security vendors.

Secure Your Network Infrastructure.

Mitigating network security threats can only be achieved with multi-level protection strategies in place.

Including advanced intrusion prevention and threat management systems. These are a combination of firewalls, VPN, anti-spam, content filtering, load balancing, and other layers of DDoS defence techniques. They enable constant and consistent network protection to prevent a DDoS attack from happening. 

Although most equipment comes with DDoS defences built in you may want to outsource some of the additional services. Cloud-based solutions can access advanced mitigation and protection resources on a pay-per-use basis. This is an option for small and medium-sized businesses who want to keep their security budgets within projected limits.

Make sure your systems are up-to-date. Outdated systems are usually the ones with most loopholes which Denial of Service attackers can find. Patch your infrastructure and installing new software versions, to reduce the chances of this happening. 

Practice Basic Network Security

Engaging in strong security practices can keep business networks from being compromised. It reduces user error. Include practices such as complex passwords that change on a regular basis, anti-phishing methods, and secure firewalls that allow little outside traffic. These measures alone will not stop DDoS, but they are a critical security foundation.

Maintain Strong Network Architecture

Secure network architecture is vital to security. If possible create redundant network resources; if one server is attacked, the others can handle the extra network traffic. If possible, servers should be located in different places geographically. Spread-out resources are more difficult for attackers to target.

Leverage the Cloud

Outsourcing DDoS prevention to cloud-based service providers offers several advantages. Mainly cloud has far more bandwidth, and resources than a private network likely does. This makes it harder for a DDoS attack to shut down operations as a on premises resource.
Cloud means it is a diffuse resource. Cloud-based apps can absorb harmful or malicious traffic before it ever reaches its intended destination.
Cloud-based services are operated by software engineers whose job consists of monitoring the Web for the latest DDoS tactics.

Understand the Warning Signs

If a lack of performance seems to be prolonged or more severe than usual, the network likely is experiencing a DDoS and the company should take action.

Consider DDoS-as-a-Service.

DDoS-as-a-Service provides improved flexibility for environments that combine in-house and third party resources.
It ensures that all the security infrastructure components meet the highest security standards and compliance requirements. You have the availability of tailor-made security architecture for the needs of a particular company, making the high-level DDoS protection available to businesses of any size.