Many internet users may be familiar with the term DDoS attack. But what is a DDoS attack, and why can it be dangerous? You will find the answer in this article.
A DDoS attack is a cyber attack that is relatively common in cyberspace. In fact, the number of attacks tends to increase over time. According to a report from the cyber security and research company Kaspersky, DDoS attacks have been increasing rapidly since the COVID-19 pandemic.
According to the report, DDoS attacks in the first quarter of 2020 increased by 25% compared to the first quarter of the previous year. This increase in the number of DDoS attacks can certainly be a threat to internet users and actors.
Table of Contents
- What is DDoS Attack?
- Category DDoS Attack
- How DDoS Attacks Work
- Types of DDoS Attack
- How to Prevent DDoS Attack
What is DDoS Attack?
A DDoS attack is an attack carried out by hackers against devices or servers on the internet. DDoS stands for distributed denial of service. In practice, a DDoS attack is carried out by deploying a large number of hosts to attack a server.
The hackers flood your server with traffic from fake hosts. Once the server is flooded with the hackers' traffic, it becomes difficult for real hosts or ordinary users to access. In other words, your server will be down and inaccessible.
DDoS attacks are among the activities hackers carry out most often. These attacks do not only target companies; they can also target the government sector and even individuals, such as individual website owners.
Like cyber attacks in general, DDoS attacks have the potential to cause huge losses to victims. Therefore, many parties try to protect their servers or sites from the threat of cyber attacks.
A DDoS attack is a type of cyber attack that uses more than one computer, with IP addresses distributed around the world, to place a heavy load on a service. Using more than one computer makes the attack more effective at causing harm to the victim.
Category DDoS Attack
Although it looks simple, DDoS actually has a relatively complex process. In fact, these DDoS attacks can be divided into three different categories based on the OSI layer:
1. Application Layer DDoS
The first DDoS category to know is application layer DDoS. This category aims to take all the resources of the target. The attack targets the layer where the web page is executed on the server and the response to the HTTP request is sent.
This threat becomes a problem when many requests need to be handled simultaneously. A cyber attack this massive on a particular application or site hampers the operation of the entire application or site so that it cannot be accessed.
2. Volumetric DDoS
The next category of DDoS attack is volumetric DDoS. This attack can also cause significant losses for internet owners and users, because it affects the bandwidth of the internet connection.
In short, volumetric DDoS is a type of attack that can drain all the bandwidth on the network. When the network's bandwidth is saturated, the site becomes difficult to access.
3. DDoS Protocol
The third category of DDoS attack is protocol DDoS. Protocol DDoS attacks occur when SYN packets are sent from IP addresses in numbers large enough to overwhelm TCP. The server responds to each incoming connection and waits for the connection to proceed, but it never finishes.
This leaves processes running on the server until an overload occurs. When a particular site or application is overloaded, it becomes inaccessible to other users, because the server is handling too many access requests on the network.
How DDoS Attacks Work
Now that you know what a DDoS attack is, you need to know how it works. In general, hackers carry out DDoS by flooding the server with requests.
When the hacker manages to do this, the server cannot accept requests from other users, so those users find it difficult to access data or information from the sites and applications they are trying to reach.
Another method hackers commonly use is traffic flooding. Whereas in the previous technique the server is flooded with requests, in this technique the server is flooded with data.
A server that is flooded with data becomes overloaded, which makes the site in question difficult to access. In addition, in a DDoS attack, hackers can also change the configuration on the server.
Types of DDoS Attack
Basically, DDoS attacks can be grouped into several different types. In general, here are some of the most common types of DDoS attacks:
1. UDP Flood
One type of DDoS attack that is relatively common on computer devices is UDP flood. This attack uses up the host's resources and makes the website inaccessible.
2. ICMP Flood DDoS Attack
The next type of DDoS attack you need to know is ICMP flood. In an ICMP flood attack, the target is flooded with ICMP requests sent rapidly without waiting for a response. This type of attack affects all incoming and outgoing bandwidth, which results in a slow system on the victim's server.
3. SYN Flood
DDoS attacks can also be launched against the server in a way that disrupts its workload. A SYN flood attack sends fake requests to the server, each of which gets an ACK packet from the server.
However, the resulting connection is left to time out instead of completing the earlier response. As a result, server resources are gradually depleted, the server becomes inaccessible, and users find it difficult to get data from it.
4. Ping of Death
The next type of DDoS attack is Ping of Death. In short, Ping of Death is a term for an attack that is sent in the form of a ping command but carries content that is dangerous to a computer.
The malicious signal then causes the victim's computer to become overloaded. As a result, the device suffers a decrease in performance or even damage.
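The SYN flood described above, under both DDoS Protocol and SYN Flood, leaves connections on the server that never finish their handshake, and a defender can count them. The following Python sketch is an added example, not part of the original article: it parses the Linux /proc/net/tcp table layout and reports ports with many half-open (SYN_RECV) entries. The sample table, addresses and threshold are constructed for illustration.

```python
import socket
import struct
from collections import Counter

SYN_RECV = "03"  # /proc/net/tcp state code: SYN received, handshake not finished
HEADER = "  sl  local_address rem_address   st"  # start of the real header row

def encode(ip, port):
    """Format an IPv4 endpoint as /proc/net/tcp prints it on little-endian hosts."""
    return "%08X:%04X" % (struct.unpack("<I", socket.inet_aton(ip))[0], port)

def decode(field):
    """Turn '0100007F:0050' back into ('127.0.0.1', 80)."""
    ip_hex, port_hex = field.split(":")
    return socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16))), int(port_hex, 16)

def build_sample():
    """Constructed table: a listener, one client, one slow handshake, 8 half-open."""
    rows = [(("192.0.2.10", 80), ("0.0.0.0", 0), "0A"),
            (("192.0.2.10", 80), ("198.51.100.7", 51000), "01"),
            (("192.0.2.10", 22), ("198.51.100.9", 52000), SYN_RECV)]
    rows += [(("192.0.2.10", 80), ("203.0.113.%d" % n, 40000 + n), SYN_RECV)
             for n in range(1, 9)]
    body = ["%4d: %s %s %s" % (i, encode(*local), encode(*remote), state)
            for i, (local, remote, state) in enumerate(rows)]
    return "\n".join([HEADER] + body)

def half_open_report(table, threshold=5):
    """Map local port -> (half-open count, distinct sources), ports >= threshold."""
    counts, sources = Counter(), {}
    for line in table.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != SYN_RECV:
            continue
        port = decode(fields[1])[1]
        counts[port] += 1
        sources.setdefault(port, set()).add(decode(fields[2])[0])
    return {p: (n, len(sources[p])) for p, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    # On a live Linux host, pass open("/proc/net/tcp").read() instead (IPv4 only).
    print(half_open_report(build_sample()))
```

A few half-open entries are normal on a busy server; the threshold should be set from what the server shows on an ordinary day.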
How to Prevent DDoS Attack
Now that you know what a DDoS attack is, you also need to know how to deal with it. Like other types of cyberattacks, DDoS attacks are among the attacks that users can anticipate.
Here are some ways that can be used to deal with DDoS attacks:
1. Using a Safe Internet Network
In general, DDoS attacks are carried out by the perpetrators through an internet network connection. Through an insecure internet network, the perpetrators will target certain sites or servers in order to make their performance even greater.
Therefore, one way to reduce the risk of DDoS attacks is to use a secure internet network. As far as possible, avoid using public internet networks that are considered unsafe when browsing the internet.
In addition, when accessing a site on the internet, you should visit an encrypted site. One of the characteristics of a site that is quite secure is that the site already uses SSL encryption or HTTPS mode.
2. Perform Periodic Monitoring
The next tip for dealing with DDoS attacks is regular monitoring. In general, periodic monitoring aims to ensure that the device or server is protected from DDoS attacks.
There are many ways to monitor a server or site, from diligently inspecting the server to using dedicated monitoring tools. We recommend carrying out monitoring regularly, for example once a week, once a month, or at an interval set by your policy, to avoid the risk of DDoS attacks.
3. Improve Cyber Security
The next way to deal with DDoS attacks is to improve cyber security. Network security is important for protecting data, privacy, and the server itself.
To reduce the risk of DDoS attacks, you need to increase network security on the device or data server. An optimal level of security makes the device or server more difficult to penetrate, including by DDoS attacks.
4. Using Layered Protection
One way that can be used to overcome the occurrence of DDoS attacks is to use layered protection. Using multiple layers of protection is the best way to prevent DDoS attacks on websites.
You can add website security by using several protection provider services such as firewalls, anti-spam, content filtering, Virtual Private Network (VPN), or other security systems.
5. Regularly Monitoring Traffic
The next way to prevent DDoS attacks is to monitor traffic regularly. This gives you a more complete picture of the traffic visiting the site within a certain period of time.
When you start to detect anomalies or a number of visits that is considered abnormal, you should immediately be suspicious. If you can distinguish between normal traffic and suspicious traffic, you will be able to spot the symptoms of a DDoS attack more quickly.
6. Using CDN
Another way that can also be used to prevent DDoS attacks is to use a Content Delivery Network (CDN). Using a CDN will help you filter out abnormal requests to the website through the port protocol implemented by the CDN.
By using a CDN, your website traffic will also be more balanced so that the server will not be easily overwhelmed. A CDN works by spreading traffic across servers in different locations. This makes it difficult for hackers to find your real server, so DDoS attacks can be minimized.
7. Increase Network Bandwidth Capacity
You can also increase the network bandwidth capacity to deal with DDoS attacks. As is well known, DDoS attacks work by flooding a network with traffic. For this reason, it is necessary to increase network bandwidth capacity so that the website is resistant to DDoS attacks. The more bandwidth you have, the harder it will be for hackers to launch a DDoS attack on your website.
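The monitoring steps above (Perform Periodic Monitoring and Regularly Monitoring Traffic) depend on telling normal traffic from abnormal traffic. The following Python sketch is an added example, not part of the original article: it counts requests per minute in a web access log, takes the median as the baseline, and flags minutes far above it, together with the number of distinct source addresses. The log lines, addresses and the factor k are constructed for illustration.

```python
import re
import statistics
from collections import Counter, defaultdict

# Client address and timestamp (to the minute) of a common-log-format line.
LINE = re.compile(r'^(\S+) \S+ \S+ \[(\d+/\w+/\d+:\d+:\d+):\d+ [^\]]+\]')

def build_sample():
    """Constructed access log: 10 quiet minutes, then one minute with a spike."""
    lines = []
    for minute in range(11):
        spike = minute == 10
        total = 300 if spike else 18 + minute % 5
        for i in range(total):
            ip = "203.0.113.%d" % (i % 200 + 1) if spike else "198.51.100.%d" % (i % 9 + 1)
            lines.append('%s - - [01/Jan/2024:12:%02d:%02d +0000] "GET / HTTP/1.1" 200 512'
                         % (ip, minute, i % 60))
    return lines

def find_spikes(lines, k=6.0):
    """Return [(minute, requests, distinct_ips)] for minutes far above the baseline."""
    per_minute, ips = Counter(), defaultdict(set)
    for line in lines:
        match = LINE.match(line)
        if not match:
            continue  # ignore lines that are not in the expected format
        ip, minute = match.groups()
        per_minute[minute] += 1
        ips[minute].add(ip)
    counts = list(per_minute.values())
    if not counts:
        return []
    median = statistics.median(counts)
    # Median absolute deviation: a spread measure the spike itself barely moves.
    mad = statistics.median([abs(c - median) for c in counts]) or 1.0
    limit = median + k * mad
    return [(m, n, len(ips[m])) for m, n in sorted(per_minute.items()) if n > limit]

if __name__ == "__main__":
    for minute, requests, sources in find_spikes(build_sample()):
        print(minute, requests, "requests from", sources, "addresses")
```

A flagged minute with many distinct addresses points to distributed traffic, while a spike from one or two addresses points to a single noisy client.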
A DDoS attack is one of the cyber attacks that are relatively common on the internet. The main purpose of this attack is to disable a particular site or server so that it cannot be accessed by other users.
DDoS stands for distributed denial of service. In practice, a DDoS attack is carried out by deploying a large number of hosts to attack a server. When a server has to handle too large a volume of requests, it generally becomes overloaded and inaccessible.
That concludes our discussion of what a DDoS attack is. After reading this article, we hope that readers will have a more detailed understanding of DDoS, from its definition and types to how to deal with DDoS attacks on servers or internet sites.