DDoS Boot Camp: Basic Training for an Increasing Cyber Threat

DDoS (distributed denial-of-service) attacks have become one of the most common and destructive forms of cyber attack. Learn more in this summary overview of the DDoS Boot Camp white paper.


Computer hacking has moved far beyond the days of pranks launched by teenagers from a family computer. Today, data breaches and other online attempts to wreak havoc on businesses or individuals are criminal-led, malicious acts. During the past decade, distributed denial-of-service (DDoS) attacks have become one of the most common and destructive forms of online hacking. Website visitors are affected when they try to purchase products, access their accounts, or use applications and are greeted with a "Page Not Found" or other error message instead of the information they expected.

These malicious attempts to take down websites continue to escalate. The downtime caused by a DDoS attack can result in extensive financial losses. For example, Forrester estimates that the average financial damage from four hours of website downtime is US$2.1 million, and US$27 million for a 24-hour outage. Forrester also reports that financial services companies lost an estimated US$17 million per DDoS attack in 2012.

What is a DDoS attack?

DDoS attacks are attempts to make a computer resource (e.g. a website, e-mail, VoIP, or a whole network) unavailable to its intended users. Overwhelmed with massive amounts of unsolicited data and/or requests, the target system either responds so slowly as to be unusable or crashes completely. The data volumes required to do this are typically achieved by a network of remotely controlled zombie or botnet (robot network) computers. These computers have fallen under the control of an attacker, generally as a result of infection from a Trojan virus.

DDoS attack types

Botnets are used to launch different types of DDoS attacks. Each type is characterized by the way it affects web-facing routers, servers, and other elements in a network. The two general types of attacks and their targets are:

  • Layer 3 and Layer 4 attacks that target network infrastructure. Layer 3 (network layer) and Layer 4 (transport layer) DDoS attacks rely on extremely high volumes (floods) of data to slow website performance and deny access to legitimate users.

  • Layer 7 attacks that target applications. In contrast to infrastructure attacks, Layer 7 (application layer) attacks are especially complex, stealthy, and difficult to detect because they resemble legitimate website traffic.

Where do DDoS attacks come from?

DDoS attacks are a global issue. Organizations all over the world are targeted, and almost every country is a source of DDoS attacks. Many attacks originate from compromised servers at hosting providers that are slow to respond to malware clean-up requests, as well as from servers that are out of reach of international authorities. Historically, China has been the leading source of botnet activity, and this position was maintained in Q1 2013, with China generating 40 percent of botnet activity against Prolexic's global client base. For the same quarter, the United States was the second leading source of botnet activity, launching 22 percent of DDoS attacks.

Why do organizations get hit by DDoS attacks?

The first question asked by executives of companies hit by a DDoS attack is, "Why me?" Most victims have no idea why they were attacked, and they will likely never find out the identity of the attackers. Motives can range from political activism to extortion to random attacks by amateurs. Reasons for an attack may be hacktivism, extortion, competition, disgruntled individuals and hacker experimentation.

Affected industries

No organization is safe from becoming a target of a DDoS attack. Companies large and small are hit daily. Some of the biggest and best-known global brands in the following industries have been taken offline by DDoS attacks:

  • e-Commerce
  • Education
  • Energy
  • Finance, banking and insurance
  • Government and defense
  • Healthcare
  • Internet and telecom
  • Media and entertainment
  • Non-profits
  • Retail
  • Technology
  • Travel

Download the white paper for more details, information about DDoS mitigation services and a case study of a company that successfully protected itself from DDoS attacks.

About Prolexic

Prolexic Technologies is the world's largest and most trusted provider of DDoS protection and mitigation services. Learn more at www.prolexic.com.