The Denial of Service Underground: DDoS Perpetrators and Attacks Exposed [video]

These days, bandwidth is the link that keeps everyone connected. Our computers require it, so do our TVs, our telephones and our appliances. Like water and energy, it has become a valuable utility that we can’t live without.

According to industry reports, global internet traffic will increase three-fold over the next five years. By Gartner’s estimates in 2020 there will be 20.8 billion connected devices on the planet. Yet access to the internet has become a bargaining chip for threat actors: There’s an entrenched denial of service underground that’s trying to put a chokehold on access to bandwidth. Watch our video to see how they use distributed denial of service (DDoS) attacks to cut off access to the internet.

Denial of Service Attacks: Everyone’s Problem

DDoS attacks can affect anyone. Hans Huberland of Rackspace describes a DDoS attack succinctly, “The idea is nefariously simple. DDoS attacks flood a website network or server with so much traffic it can’t sustain the load, causing it to slow down and eventually become unreachable and therefore unusable.”

And these threats aren’t just relevant to businesses or governments either. They affect everyone, says Ofer Gayer of Imperva/Incapsula. “Whether you’re a part of an ops team and you suffer from outages affecting you directly or you’re a home user and your browser’s timing out or your gaming console isn’t connecting, chances are you have already been a victim.”

When it comes to bandwidth DDoS attacks are the tools threat actors use to make sites crash and cause outages.

The Underground and Criminal Syndicates

Technological advancement defines our connected world but criminals, hacktivists and cyber gangs are using our access to connectivity as a weapon. They do it for money, publicity, political agendas and, in the case of video gamers, kicks. Unfortunately, no one is immune.

Criminals understand how important bandwidth is to business. They also understand that when websites are taken offline it results in lost sales, unhappy customers and damaged brands.

These cyber criminals execute bandwidth arbitrage by “renting” a network of compromised computers (known as botnets). They then send threats to several sites at once. Says Gayer: “Criminals threaten businesses with a DDoS attack if they don’t pay their ransom fee. It’s a form of online extortion.”

How the Threats Happen

In the internet criminal ecosystem, hackers represent the first wave of attack. These are the people who compromise your network. Botnet herders then take control of your device via remote command-and-control servers. Lastly, the kit maker takes the botnets and makes them easily accessible for nefarious purposes.

No One Is Safe

All types of organizations can fall prey to DDoS attacks from banks, hospitals, and universities – even entire governments.

Interestingly, gaming communities are often the victims of debilitating DDoS attacks. Cheaters are always looking for any advantage they can get, including in a video game or online sports betting. One of the most prominent video game attacks happened two years ago.

Over 160 million gamers woke up on Christmas day and discovered they were unable to log in and play their brand-new Xbox and Playstation games. Hackers deployed a massive long-term DDoS attack that brought down Sony and Microsoft’s servers for three days.

What You Can Do About DDoS Attacks

DDoS attacks can be detected and, most importantly, blocked. Whitehat hackers (the good guys) do this by looking for system irregularities and vulnerabilities to patch.

Network ops teams have internal and third-party tools in their arsenal to detect and stop attacks. Cloud DDoS mitigation services are specifically built to block enduser networks from massive attack traffic. These security providers have the know-how and experience to thwart attacks on the network and application layers, and protect the DNS servers.

Planning your DDoS response plan and having a strategy in place will help ride out a DDoS attack if you become a target. There are tools to provide maximum website security and can be customized to suit your specific needs.

For more information about this topic, check out our video: The Denial of Service Underground: DDoS Perpetrators and Attacks Exposed.

You can also learn more about how you can protect your website.

Keep your finger on the pulse

Sign up for updates from Imperva, our affiliated entities and industry news.