DDoS is a growing problem, experienced by many. The cost of mitigation varies by the scale if the attack, but there is no denying that distributed denial of service is a big problem for businesses. On one side spectrum, loss revenue can be the result, but there are other costs as well: poor customer experience and brand damage rank just as high. So, the cost isn’t measured solely in dollars — there are other areas in which a DDoS attack can affect your business.
Botnets Are Bad News
Most large scale DDoS attacks are launched through botnets. A botnet is a series of compromised machines that have been infected with malware, which allows a single person the ability to control potentially thousands of machines.
Each machine acts as a “zombie” of the host. It is able to receive commands from a central server, which is referred to as the command and control (C & C) server. This machine is remotely controlled by the attacker, often through a IRC channel or server. When the attacker decides to target a website or application, instructions are put into the software and each machine is relayed the instructions.
And then the attack begins.
How Are Botnets Created?
Botnets are created through countless ways, but most rely on spreading malware; some are programmed to automatically seek out other machines to compromise, while others are done manually. It’s impossible to list all of the techniques used (as they constantly evolve), but the reality is that most machines become part of the “botnet” because of people being careless with their computers.
Malware is bad news. It’s used for more than botnets. It’s used for identity theft. It’s used for extortion. It’s used to spy on everything that you do on your computer.
Attackers are very clever with how they choose to build their botnet. Most malware is packaged into programs or piggybacked onto things that you may be downloading online without a second thought.
Here are the common types of files that are compromised:
- web page components;
- search toolbars;
- software (often “cracked”);
- free subscriptions;
- mp3 players;
- anything you download on the web.
Most botnets are built on people’s carelessness, or ignorance. The fact is, you have to be vigilant in protecting yourself online. People are actively searching for ways to infect computers around the globe. It’s not going to stop.
Your best bet is following a few simple practices. First off, make sure you are updating any software you have installed. This is important. Updates happen for a reason, and most are issued because a vulnerability has been discovered and the developer wants to patch the security hole. This is the same reason why you should be vigilant about updating your WordPress site.
Secondly, do your due diligence when installing software (or plugins) that are not well known. It only takes a few minutes to do a quick search on Google to see if there are any reports of malware you should know about. While this will not protect you 100% of the time, you’ll still have a leg up on the bad guys. The point is: don’t make it easy for someone to infect your computer.
Still, yet another thing to keep in mind is when you are no longer using software on your computer, your best bet is to uninstall it. If it’s not being used, it’s not being updated. Besides, freeing up disk space will only help your computer’s performance, so it’s always good to get rid if software you’re not using.
Most importantly, do not indiscriminately download software online. You have to pay attention to the end user license agreement (EULA). Often times, the fine print will read “the vendor is allowed to install third-party software on your computer”.
I am sure you understand the implication of giving an unknown person permission to install any software they like on your computer.
The Problem(s) with DDoS Botnets
With each infected machine, the potential attack strength of the botnet increases. Botnets are used more often for sending spam, but botnets are being monetized in different ways.
What we’re now seeing is an entire cottage industry popping up offering DDoS attack services to anyone willing to pay for them. Hackers have become so brazen that they openly advertise their services with their own websites, on YouTube videos, and in forums.
Hackers are literally renting their botnets to anyone with the money. So, now you have an environment where you do not have to be technically sophisticated — you don’t even need to know how to code. This makes launching attacks easier, and it makes it easier for everyone.
What compounds the problem is that when attackers use compromised machines, they are completely shielded from investigation. Ultimately, if the attack brings law enforcement into the fray, tracing the attack usually only leads to the infected machines, which are spread throughout the world on innocent people’s computers. From a law enforcement perspective, this is an investigation that usually goes nowhere because botnets typically span multiple countries — even continents. This makes it especially difficult to investigate, if not impossible.
How We Mitigate Attacks from Botnets
There is no need for hardware or software installation to put our DDoS protection services to the task. We make a simple change with your DNS and this allows us to route your traffic through our system.
Rivalhost offers protection from any type of attack. We’re able to scale on-demand to absorb even large, multi-gigabyte attacks. Learn more about DDoS attack prevention and contact us to learn more about which solution is best for you.