Cyber Attacks 101: How to Deal with DDoS Attacks

Learn about DDoS attacks in depth and get helpful tips!

Nowadays, distributed denial-of-service (DDoS) attacks are more of a threat to businesses than ever before. Many SMBs and startups make the mistake of not preparing properly for the possibility of falling victim to such an attack. Hackers not only target large corporations, but can also attack smaller and more vulnerable servers or websites. For this very reason, business owners should invest time and resources in the prevention of and response to DDoS attacks.

In this article, we will present you with in-depth information on DDoS attacks and provide you with some helpful tips on how to detect and combat them. By the end, you will know how dangerous DDoS attacks can be for SMBs and startups and what measures you should take to counter them.

DDoS Attacks Explained

So, what is a DDoS attack? Basically, the attack involves a hacker using a bot or some other software to send a large number of requests to a server. Since servers try to process each and every request sent to them, they get overwhelmed by this fake traffic. As a result, a server under a DDoS attack cannot process real user requests, which renders it unusable. This type of hacker attack is widely used for taking down websites and is shockingly effective.

There are many possible reasons why your business website can become the target of a DDoS attack. Perhaps a competitor wants to hurt your business, or a hacker attempts to extort you. Either way, you need to be prepared for such a situation. In order to accomplish this, some deeper understanding of the types of DDoS attacks can be quite helpful.

Types of DDoS Attacks

While there are a variety of DDoS attacks out there, let’s take a closer look at the two most common types of DDoS attacks and how they work.

Volumetric DDoS Attack

Volumetric attacks are undoubtedly one of the favorite tools in a hacker’s arsenal. Their goal is to overload a server by sending a huge amount of false signals to every available port. There are two types of volumetric DDoS attacks: UDP floods and ICMP floods.

The User Datagram Protocol (UDP) allows for extremely fast data transmission without any integrity checks. You can see how this is the perfect medium for a DDoS attack. Internet Control Message Protocol (ICMP), on the other hand, refers to the means of communication between different elements of a network. Hackers attempt to disrupt the system by sending a large number of so-called “echo requests” via ICMP, causing the server to overload.

Protocol DDoS Attack

The second most popular form of DDoS attack works by targeting the parts of a network that verify connections. Hackers send a large number of slow or problematic signals that are too hard to process and verify. As a result, the server consumes too much memory and eventually crashes. DDoS attacks that use huge amounts of malformed data are especially effective against firewalls.

Examples of a DDoS Attack

There are plenty of examples of DDoS attacks against major corporations out there, illustrating how important it is to be prepared at all times. In 2017, Google detected an enormous UDP attack on some of its servers, coming from Chinese ISPs. The attack was record-breaking in terms of bandwidth, lasting for six months and peaking at 2.5 Tbps. While no major damage was done, the attack on Google showed the massive scale on which DDoS attacks can be executed.

Another famous example is the attack on Amazon Web Services, undoubtedly the biggest player in the cloud computing industry. In February 2020, one of its customers was targeted by a massive DDoS attack that peaked at 2.3 Tbps and lasted for 3 days. The hit utilized a cutting-edge technique that used third-party servers to amplify the signals sent to the targeted server. As a result, the system suffered a serious disruption. Even though there were no serious consequences, the attack on AWS was a prime example of how DDoS can be used to harm even the largest corporations in the world.

How to Identify a DDoS Attack

Identifying a DDoS attack is not an easy task. Hackers do not generally announce their moves and business owners might not realize they have been hit at all. You might think that your hosting is down, when in reality you are the target of a DDoS attack. Especially if your website has large amounts of traffic, detecting a DDoS attack might be nearly impossible. However, there are certain clues that can help you identify such an attack.

  • Your logs show an unusually large spike in traffic
  • A specific IP address makes the same number of requests over the same period of time, frequently and consistently
  • Your server shows a 503 error, meaning service outage
  • Ping requests time out
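
The first three clues can be checked directly against a web server access log. The following Python sketch is an added example, not part of the original article; the thresholds (spike_factor, min_windows, min_rate), the common log format and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from statistics import median

# Common/combined log format: client IP, timestamp (kept to the minute), status code.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]:]+:\d{2}:\d{2}):\d{2} [^\]]*\] "[^"]*" (\d{3}) ')

def analyse(lines, spike_factor=5, min_windows=3, min_rate=10):
    """Return the minutes and client IPs that match the three log-based clues."""
    per_minute = Counter()          # minute -> total requests
    per_ip = defaultdict(Counter)   # ip -> minute -> requests
    minutes_503 = Counter()         # minute -> 503 responses
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                # ignore lines that are not access-log entries
        ip, minute, status = m.groups()
        per_minute[minute] += 1
        per_ip[ip][minute] += 1
        if status == "503":
            minutes_503[minute] += 1
    if not per_minute:
        return {"spikes": [], "steady_ips": [], "minutes_503": []}
    # Clue 1: a minute carrying several times the median per-minute volume.
    baseline = median(per_minute.values())
    spikes = sorted(t for t, n in per_minute.items() if n >= spike_factor * baseline)
    # Clue 2: an IP sending the same, non-trivial number of requests in every
    # minute it appears, over at least min_windows minutes.
    steady = sorted(ip for ip, c in per_ip.items()
                    if len(c) >= min_windows and len(set(c.values())) == 1
                    and min(c.values()) >= min_rate)
    # Clue 3: minutes in which the server answered 503 Service Unavailable.
    return {"spikes": spikes, "steady_ips": steady, "minutes_503": sorted(minutes_503)}

def sample_log():
    """Constructed sample: five minutes of traffic with a flood in minute 12:03."""
    def entry(ip, minute, status=200):
        return f'{ip} - - [10/Oct/2023:12:{minute:02d}:00 +0000] "GET / HTTP/1.1" {status} 512'
    lines = []
    for minute, visits in enumerate([3, 5, 2, 4, 6]):
        lines += [entry("192.0.2.10", minute)] * visits      # ordinary visitor
        lines += [entry("203.0.113.7", minute)] * 20         # fixed-rate client
    for host in range(1, 51):                                # 50 sources, 6 requests each
        lines += [entry(f"198.51.100.{host}", 3, 503)] * 6
    return lines

if __name__ == "__main__":
    print(analyse(sample_log()))
```

The median is used as the baseline so that the flood minute itself does not inflate the threshold it is compared against. Ping timeouts, the fourth clue, do not appear in access logs and need a separate external check.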

Dos and Don'ts of Dealing with DDoS Attacks

No matter the size and scope of your business, you need to invest some time and money into preparing for the possibility of a DDoS attack. Below are some helpful tips on what you should and shouldn’t do regarding this malicious hacker activity.

You should:

  • Prepare a comprehensive DDoS response plan for your organization. Develop processes and procedures and write them down. Hopefully, you will never get to use them, but it’s better to be safe than sorry.
  • Create a DDoS response team and make sure each department knows what to do in case an attack occurs. Define roles, hierarchy, and an escalation procedure within the team. Ensure that everyone is familiar with and has access to your DDoS response plan.
  • Schedule regular meetings with the DDoS team. You should discuss recent suspicious activity and refine your response plan accordingly.

You should avoid these mistakes:

  • Do not put all your eggs in one basket when it comes to DDoS protection. There is not a single solution that can take care of each possible scenario. There are plenty of anti-DDoS software tools on the market that claim they are all you need — do not trust them. Adequate DDoS protection requires a multi-layered security system and a combination of software and manual work.
  • Never engage the hacker who is attacking you. If they try to communicate with you in any way, do not respond. Send any messages or audio recordings straight to law enforcement. It is not unusual for hackers to try and extort you using DDoS attacks as a threat. Needless to say, you should not give in to any demands.
  • Do not assume that a DDoS attack is the only thing you should worry about. More often than not, hackers will use DDoS attacks as a distraction in order to divert your attention from their real goal. While you are dealing with the bombardment, they might use a weakness in your network to steal information. To counter that, you need to make sure your usual data security procedures are active even during a DDoS attack.

Conclusion

If you are the owner of an SMB or an ambitious startup, you cannot afford to neglect the possibility of a DDoS attack. It has the potential to cripple your operations and cost you a lot of money, as well as brand reputation. Do not underestimate the permanent impact such an attack can have on your business. Make sure you prepare a detailed strategy to detect and deal with DDoS attacks. Even if you never use it, it is still better to have one in place in case something happens.


Zeguro is a cyber safety solution and insurance provider for small to mid-sized businesses (SMBs), offering a comprehensive suite of tools for risk mitigation and compliance, as well as insurance premiums that are tailored to the size, sector and profile of a company.
Written by

Jai Bawa

Content Marketing and Social Media Intern

Student at San Jose State University, fascinated with the world of Digital Marketing. Movie enthusiast. Always curious!
