What is a DDoS attack and why you should be worried about them

Last week the largest ever DDoS attack of its kind in history took place, taking down major sites in its wake such as Twitter, Netflix, the Guardian, Spotify, Reddit and CNN.

But what happened is far more relevant to us as users than you may think. We’re going to talk you through what exactly a DDoS attack is, and why people need to be aware of the potential dangers of unprotected devices.


What is a DDoS attack?

A DDoS attack, or distributed denial of service, is a digital attack where hackers infect a large network of internet-connected devices with malware known as “botnet”, where the devices can be controlled without the owner's knowledge. These botnet infected machines are then used by the hackers to flood servers with insane amounts of traffic, which in turn prevents genuine users accessing the site. As we’ve said already, the one we saw in mid-October is “the largest of its kind in history” according to some experts, and it’s certainly not the last time you’ll hear about an attack of this nature.


Why does this matter?

As our reliance on devices connected to the internet continues to grow, so will the likelihood of these events taking place. We’re entering the age of the magic Internet of Things (IoT), where almost everything you can find from the factory floor, offices and to your home nowadays has, or will have a potential internet-connected replacement in the future. There were 10 billion connected devices in 2015, this number is expected to grow to 34 billion devices by 2020, with 24 billion of these IoT devices. As you can imagine, the more devices that are connected globally, the more opportunity for hackers to take advantage and carry out even more powerful DDoS attacks.


The problem with the industry

It’s common knowledge that the industry isn't doing nearly enough to tackle this gargantuan data security issue facing us. Billions of internet connected devices such as webcams are being shipped to consumers with no plans for software updates to patch security flaws if and when they are discovered, and many do have passwords, but this is often left as the default password by users as they are unaware of the potential data security dangers. This most recent DDoS attack was in part the fault of insecure internet connected webcams, and these devices have since been recalled, but the industry as a whole needs to take a much more serious view on security before continuing to ship poorly protected devices. This is everyone's responsibility, but it needs to be driven from the top. 


Why this matters to business

Similar to ransomware locking all critical data on a business’ system, DDoS attacks can be used to extort money from businesses if they don’t have the tools necessary to deal with attacks. As it stands, protecting businesses DDoS attacks is simply a measure of having more firepower than the bad guy. Without investment into protecting your operational systems, businesses will fall victim of these malicious attacks and many will suffer heavily because of it.

Action must be taken to keep your business safe.


Simple things users can do to help being infected

The most simple thing all users can do to help prevent their devices getting infected is to immediately change default passwords as soon as you receive a new device. We would also recommend changing these passwords regularly, just to make sure all of your devices are staying as safe as possible.

It’s also extremely important to make sure to perform all device software updates as and when they are available. These updates are critical to keeping your devices safe and patching security flaws that will almost inevitably be discovered by technicians.


What businesses should do

Businesses need to be prepared for cyber attacks in all directions, and protecting the organisation in only one direction will leave your systems vulnerable to attack. At Exmos, we offer a wide range of security packages, including business continuity and disaster recovery, to make sure your organisation is fully protected from all angles.

Get in touch today to discuss what security options would suit your business systems best. 

Posted by Jordan Maciver on Friday, October 28, 2016



PAIN-FREE IT +44 (0)1324 486 844

  • Linked-In
  • Twitter
  • RSS