The National Agency for Computer Security (ANSI) warned Saturday against the distributed denial-of-service (DDoS) attack, which “targets websites and online services. The aim is to overwhelm them with more traffic than the server or network can accommodate. The goal is to render the website or service inoperable.”
“It is one of the most powerful weapons on the internet. When you hear about a website being «brought down by hackers,» it generally means it has become a victim of a DDoS attack. In short, this means that hackers have attempted to make a website or computer unavailable by flooding or crashing the website with too much traffic.”
What is the impact of a DDoS attack?/
The ANSI explains that the loss of availability of a service or network following a DDoS attack can have a drastic impact on a company’s brand image and can seriously damage its E-reputation and the referencing of its website. Indeed, a website specialised in e-commerce which is put out of service following a DDoS attack, can suffer huge financial losses not to mention the negative impact that this would have on its customers.
In addition to the direct impact of the DDoS attack, additional costs can be added to the list of financial losses in the form of compensation to customers and the cost of technical solutions to improve the security of the company’s technical infrastructure against DDoS attacks.
The traffic can consist of incoming messages, requests for connections, or fake packets. In some cases, the targeted victims are threatened with a DDoS attack or attacked at a low level.
How do DDoS attacks work?
The theory behind a DDoS attack is simple, although attacks can range in their level of sophistication. Here’s the basic idea. A DDoS is a cyberattack on a server, service, website, or network floods it with Internet traffic. If the traffic overwhelms the target, its server, service, website, or network is rendered inoperable.
The primary way a DDoS is accomplished is through a network of remotely controlled, hacked computers or bots. These are often referred to as «zombie computers.» They form what is known as a «botnet» or network of bots. These are used to flood targeted websites, servers, and networks with more data than they can accommodate.
How to protect yourself from Distributed Denial of Service attacks
The agency points out that while a DDoS attack is inevitable, there are solutions to mitigate its impact, as the implementation of a WAF (Web Application Firewall) which can mitigate the impact of a DDoS attack, by blocking IP addresses from the same source or by directing the traffic to a black hole. Whether local or at a hosting company, the implementation of a WAF has become a crucial step to secure a web server.
It also recommends setting up a buffer server (also known as a “cleaning centre”) which allows incoming traffic to be analysed, filtered and cleaned.
It is also necessary to opt for a Web architecture composed of mirror sites, by acquiring different domain names (.net and .com for example). This way, if one of the domains is targeted by a DDoS attack, the traffic is directed to the second website.
Finally, it is important to update CMS (Content Management System) kernels and third-party applications that are frequently used with WordPress or Drupal.
Source: TAP News Agency