How can you protect your website against DDoS attacks?
DDoS attacks can cause major economic damage and completely shut down websites. What is a DDoS attack? How can you protect your website against DDoS attacks? And what does Combell provide for this?
What is a DDoS attack?
First, we need to explain what a DoS (Denial of Service) attack really entails. This is a situation where a computer system cannot provide the service that you are expecting as a user. This can happen due to an unintended error in the program, but usually these are situations where the access to servers, devices, services, networks, applications, or even specific transactions within applications is deliberately made impossible by e.g. computer hackers or activists.
Where there is only one system with a DoS attack that carries out the attack, the attack with a DDoS (Distributed Denial of Service) attack will come from various systems.
In concrete terms, the system that is being attacked is flooded by a huge amount of data requests. For example, a web server can receive so many requests to show a page that it cannot handle this and becomes unavailable. The target can also be a database, which must process so many queries that it cannot cope, slows down or even crashes. As a result, normal requests no longer reach the database or data server, and the user is not shown the desired information. Ultimately, the fake requests fully utilise the available bandwidth, CPU and RAM.
What is the role of a Botnet in a DDoS attack?
DoS and DDoS attacks have existed for more than 20 years. The first attack that made the papers goes back to the year 2000, when a student with the nickname Mafiaboy managed to shut down sites like Amazon, CNN and eBay. In October 2016 an important provider of Internet infrastructure services, Dyn DNS, was hit by a DDoS attack, so services like Amazon, Netflix, Reddit, Spotify, Tumblr and Twitter were disrupted.
The attacks, however, are becoming more powerful. At the end of the nineties, 150 requests per second were enough to crash a system. With the attack on DynDNS, this amount had grown to 1.2 TB of fake requests per second, and with a recent attack on Github, up to 1.35 TB per second.
The impressive amount of fake requests, originating from various sources, is only possible by using ‘botnets’. These are computer networks on which the hackers have installed software, unbeknown to the owner, which suddenly comes alive with the attack. These are also called zombie computers, who listen to the botnet-shepherd. For example, the Mirai botnet was used with the DynDNS attack, which worked with more than 100,000 IoT devices, IP cameras and printers included.
Such botnets are cynically enough for sale or rent on the Dark web, ready to be used!
If you would you like to find out more about the different types of DOS attacks (such as Syn Flood, UDP Flood, Ping of Death, etc.), this article published on eSecurity will introduce you to this dark world.
Who carries out DDoS attacks and why?
Why would someone carry out such an attack, you might wonder? The answers vary… Some do it ‘just for fun’, because they can; by doing so, they like to establish a reputation as a hacker. Others have downright criminal purposes, such as extortion. They attack a website and demand money to stop the attack. And with that one successful attack, they can threaten other companies: “pay or the same will happen to you!” It is a bit like mobsters and their ‘protection money’. These attacks may also involve individuals, with personal reasons, or a group. Government-sponsored attacks against systems of other countries are also possible.
What does Combell do to protect you against DDoS attacks?
To start with, Combell has a major advantage: its network is very extensive. Where attacks on servers with smaller hosting companies would immediately bog down the network, the traffic of the fake requests can be distributed across the large network at Combell. Imagine a single lane, which is suddenly overwhelmed by a lot of traffic so the traffic stops completely, and then a road with 100 lanes, that can smoothly process the increased traffic.
Furthermore, Combell has implemented different defence mechanisms to detect DDoS attacks in time and to respond immediately. An additional option that Combell offers you is the anti-DDoS Scrubbing Center (NaWas): when malicious traffic is detected, Combell immediately notifies the backbone provider, which subsequently forwards the traffic to NaWas. Here, advanced equipment determines whether the traffic is valid or not. Malicious traffic is blocked and valid traffic is filtered out and sent to the right destination. This way, your visitors will get to your website or application without any problems, even during a DDoS attack.
Protection against DDoS attacks is only one component of Combell Shield
Conclusion: the economic damage that is caused when a website or web service is temporarily unavailable as a result of a DDoS attack can be enormous. The technology of DDoS attacks is coming more and more advanced and requires an increasing higher level of vigilance and protection against the attacks. The experienced collaborators of Combell closely follow these developments and apply the latest defence mechanism as soon as possible. So, you can be assured that your website will remain available.
DDoS protection is only one component of Combell Shield, which you can enjoy by default with your Combell hosting package. Combell draws a real shield around your hosting, at various levels, to protect both the application, the operating system and the network. The shield includes, among other things, a defence mechanism against brute-force attacks and SQL injections. Plus, the automatic patching service provided by Combell Shield ensures that vulnerabilities in Content Management Systems or scripting languages such as PHP are patched as soon as they are detected. You are really safe behind Combell Shield!
You can also rely on the special protection mechanisms offered by Combell for other hosting services, such as tailored managed hosting. In your Service Level Agreement, you can also include options like security audits, security tests and stress tests. Check out the options available with our SLAs.
And last but not least, the final piece of this protection is the Tier 3+ data centre where your hosting is located. Not only is it a robust building, resistant to water, fire and power failures, but it is also strictly guarded. In addition to the strict access control system, the data centre features 24/7 physical security and continuous video surveillance.
You can rest easy, Combell stands guard!