05/23/2022 | News release | Distributed by Public on 05/22/2022 21:38
DDoS stands for distributed denial of service, and a DDoS attack is when criminals deliberately disrupt the functionality of an online service. These online services include company websites, online shops and the infrastructure for remote access to a corporate network. The latter is currently an even more vulnerable target due to the increased number of people working remotely. With DDoS attacks, cybercriminals attempt to disrupt the operation of an online service by overwhelming the server with a huge amount of requests and visits. This overloads the server as it is unable to process these requests. The online service then becomes unavailable for visitors. The effectiveness of DDoS attacks primarily stems from the fact that cybercriminals use distributed networks of computers and Internet of Things (IoT) devices as the source of the attack. These networks are what are known as botnets. The botnets are usually made up of computers and devices previously infected with malware. They are then controlled remotely by hackers to conduct the attack.
Cybercriminals carry out DDoS attacks in order to overload an online service with a stream of data to make it extremely slow or shut it down completely. If a service - for example an online shop - is unavailable for an extended period of time, this can lead to a significant loss of profit for the company. If customers are unable to access online services as usual, the company may also suffer reputational damage in addition to a drop in turnover. Cybercriminals often continue to exploit this situation and demand a ransom payment from the company to stop the attack or refrain from starting further attacks. These attacks are referred to as ransom denial of service (RDoS) attacks. If the payment is not made by a set deadline, further DDoS attacks follow.
If a company notices that a DDoS attack is being carried out - for example due to an unusually high amount of traffic for an online service - they should contact their Internet service provider immediately in order to ensure that specific and appropriate countermeasures can be implemented. The primary goal should be to isolate the area of the network affected by the DDoS attack.
"DDoS attacks can disrupt a company's online presence, impact its productivity and have an effect on profits. The risk makes it extremely important to define preventive countermeasures in order to improve IT security within the company" says Andreas Crisante, Senior Information Security Officer at Baloise. With a proactive approach that includes the coordination of employees, processes and automations, companies can reduce cyber risks and minimise interruptions to service. The following measures are particularly important when it comes to defending against DDoS attacks: