The Internet is undoubtedly one of the greatest technological gifts humanity has ever seen. It has transformed society and the way we look at the world and communicate with each other; it’s been a boon to commerce and business. All of this is balanced, however, by the darker side of the web. It comes with many of its own threats and hazards.
Kelvin Smith, IT Expert at WHUK, writes that in 2015 DDoS attacks are the greatest tool for hackers. These ‘Distributed Denial of Service’ attacks are conducted anonymously, and flood the recipient website with thousands and thousands of bogus requests; far too many for the website to handle physically.
This often means that the website, and all Internet related operations, are down and unable to be used. There are very few people in a business, all the way down to the janitor, that are not aware of this simple fact. Anyone with a grudge to bear can execute one of these attacks with the services of a (semi-) professional hacker: the jilted interviewee, the disgruntled employee, or even an external competitor.
2014 was a big year for these attacks and many were large enough to make the pages of ‘serious’ journalism; the attack on Sony PlayStation and Sony Entertainment Network springs to mind. This bodes ill for 2015, as they seem to be an effective way of shutting down a company’s operations, at least temporarily. Some of the most popular methods include:
Distributed Denial Method
The communication lines in this method are opened by hundreds of compromised computers. A hacker with access to these can send requests any time to a server to bring it down. The name ‘distributed denial’ refers to the numerous computers that are involved.
Handshake Method
Using this method, a computer opens a TCP line with the server and waits for the server to respond and complete the handshake. This needs to happen before the actual data transfer can take place. In a malicious attack, the handshake is never completed leaving the server hanging; ultimately this leads to server downtime.
UDP Method
The fastest of the DDoS attacks method, employs DNS servers for the beginning of the attack. Under normal circumstances, the User Datagram Protocol is used by the computer to resolve URL issues. However, hackers take advantage of the weakness inherent in UDP packets to create a flood of messages to a server.
Several things can be done to provide protection from a DDoS attack. Extending your bandwidth helps but is expensive and somewhat of a ‘nuclear option’. Ensuring your anti-DDoS provider shares its data with you, rather than hiding the elements that may help hackers, will also allow you to make informed decisions on IP-banning.
The security principles set forth in industry standard ISO/IEC 27002 provide a framework for effective security, built around the cycle of Plan, Do, Check, and Act (PDCA). Many good security products are on the market, but all are designed to meet specific threats – and will not block other threats. At GRT Corp. our security philosophy is built around these words by noted security expert Dr. Bruce Schneier: “Security is not a product, but a process.”