Transport yourself back to high school for a moment, and picture this scene: You’re on your way to class when a bigger, tougher, meaner student decides to block your path. You try and laugh it off, but they keep standing there, refusing to let you pass. What starts as a minor irritation quickly becomes more annoying as the bell sounds and you realize that you’re going to be late — and on the day of a crucial test, too.

As analogies go, this may possibly sell short the threat of DDoS (Distributed Denial of Service) attacks, but it hopefully goes some way to showing how they have shifted from inconvenience to major threat over a relatively short period of time.

A DDoS attack, as its name implies, is all about denying users access to a particular service. It does this by bombarding a target with massive amounts of fake traffic, thereby stopping legitimate traffic from reaching its desired destination. DDoS attacks have temporarily knocked offline some of the biggest websites and services around, costing millions of dollars in some cases as a result of the unwanted downtime. Today they are expertly executed attacks by professional teams of cyber criminals, a far cry from the earliest DDoS attacks, carried out by teenaged troublemakers.

In recent years, there has been an enormous uptick in the number of DDoS attacks. One reason for this is the increasing reliance on connected infrastructure in the world. Particularly during the COVID-19 pandemic, the world relied on online services for everything from education to remote employment to entertainment to shopping. While the pandemic is now beginning to recede in many places, it seems unlikely that the world will stop leaning on technology so heavily any time soon.

More accessible attacks

Perhaps an even bigger reason, however, is that DDoS attacks are becoming more accessible than ever. Considering the enormous amount of damage a DDoS attack can cause, the barrier to entry is incredibly low for anyone wanting to perform an attack. One prominent illustration of this involves the services referred to as “stressors” or “booters.” 

These services let users rent botnets, networks of private computers infected with DDoS malware, in the same way they might rent any subscription service. In theory, this can be done for legitimate purposes — with the idea being that they can use it to stress test their own websites or online services to see how they cope with large amounts of traffic.

But while these legitimate use cases almost certainly exist, they can also be utilized to launch DDoS attacks against others, without having to have the expertise to construct a botnet on their own. Botnets can be rented for as little as a few dollars a time, meaning that it’s possible to launch a sustained DDoS attack for the equivalent of a family’s grocery bill for a week. A poorly defended network could therefore be put through the wringer by an individual with a grudge, but little in the way of technical acumen.

Despite this considerable threat, stressors or booter services exist in a morally dubious gray area where they are not illegal (because they could serve a legitimate use), but are also clearly open to abuse. They are just one of many evolving threats that businesses and other organizations must be aware of — and able to deal with.

The problem is getting worse (and what to do)

Fortunately, there are tools for protecting against DDoS — and it’s essential that these are taken seriously and become a cornerstone of any good cyber security defense. Tools such as Web Application Firewalls (WAFs) can help filter out bad traffic, while nonetheless allowing legitimate traffic to continue through to its destination. This means allowing services to continue operation, even when an attack is potentially going on. Meanwhile, scrubbing centers can help to cope with the massive size of volumetric attacks, once again allowing businesses to carry on operating as they wish to.

DDoS attacks have been a fixture of the cyber security threat landscape for at least two decades now. Since then, the problem they pose has only gotten worse: bigger attacks, longer-lasting attacks, and new methods of inflicting damage, such as ransom-based DDoS attacks, which extort money from users through the threat of DDoS. 

It would be a mistake to assume that the problem is going away any time soon. If even the likes of stressor or booter services remain commonplace, then the dream of stopping DDoS attack altogether should be considered a mere fantasy. However, by taking the right preventative and safeguarding measures, it’s possible to mitigate the threat of DDoS.

As organizations rely more than ever on their online presence in order to both survive and thrive, this is a crucial step to take. It’s an investment that no business or organization is ever likely to regret making.