DDoS attacks are becoming a key concern when it comes to web security these days. From small start-up sites to some of the largest organizational websites on the web, it seems like nobody is safe from the threat of these unique attacks. Specifically, a DDoS attack works by flooding a website’s server with “false” traffic. This fake traffic, in large enough amounts, can overwhelm a site’s servers and cause slow-downs or even complete server outages. For this reason, it is encouraged that all website administrators have some form of DDoS protection in place, regardless of the size and scope of their site.
Still, as DDoS attacks on major players have recently proven, it seems that even some of the largest and most secure enterprise wide websites out there can still fall victim to these attacks because the sheer sizes of these attacks are becoming larger and larger.
More About Recent DDoS Attacks on Major Players
One of the largest DDoS attacks recorded to-date occurred in 2016, when the BBC’s website was completely taken down by a massive attack. The size of this attack clocked in at more than 600 gigabytes per second, a size that was absolutely unheard of at the time. With this in mind, there is likely nothing that anybody could have done to anticipate or prevent the attack from having the impact it did. Specifically, this huge attack took down the BBC website’s servers for hours, resulting in headaches for its users and of course, a tarnished reputation for the organization as a whole.
The United States Library of Congress fell victim to an oddly similar attack that also occurred in 2016. This attack was also hundreds of gigabytes per second in size and resulted in extensive downtime for the Library of Congress website. Employees of the Library of Congress were also unable to access their email accounts during this time due to the fact that their email accounts were hosted by the same affected server.
Pokemon Go, the popular smartphone application/game, was also hit by a huge DDoS attack shortly after it first launched to the public in 2016. This attack had widespread effects on their information management. Moreover, the game’s players in more than 20 countries could not access the servers for an extended period of time.
Bolstering Security Against DDoS Attacks
With some of these major players succumbing to large DDoS attacks, it has become clear that website owners and administrators need to take special precautions. This includes being aware of the signs of an in-progress DDoS attack (or attempted attack) and knowing how to act quickly by getting in touch with one’s hosting company. Furthermore, many hosting companies are now offering some level of DDoS protection that works by essentially “filtering” through web traffic as it comes in. This allows the server to separate legitimate traffic from potentially harmful traffic, thus keeping the site and its servers safe from attacks.
DDoS protection can be purchased in a variety of sizes; for example, basic levels of protection cover against attacks of around 10 gigabytes per second or so, whereas larger levels of protection may be able to stop attacks in excess of 100 gigabytes per second. Website administrators should take the time to assess their specific needs and choose a level of DDoS protection that will best protect their site at a price within their budget.
A little bit of DDoS protection goes a long way, though unfortunately there is no surefire way of protecting against a DDoS attack, since attack sizes seem to be increasing all the time. Still, with a little bit of foresight, administrators can keep their chances of an attack as low as possible.
Image from https://www.datafoundry.com/blog/5-types-ddos-attacks-how-to-mitigate-them/