Major Players Who Have Recently Suffered From DDoS Attacks
These days, it seems as though web threats lurk around every corner. Specifically, distributed denial of service (DDoS) attacks have become increasingly common over the course of the last several years. And contrary to popular belief, it’s not just smaller websites lacking in security that can be extremely prone to these kinds of attacks; even larger organizations and global businesses with robust security features in place have fallen victim. By understanding DDoS attacks and how they work, as well as how several major players have become victims of DDoS attacks, you can gain a better understanding of what it takes to avoid these vulnerabilities.
Understanding DDoS Attacks
Specifically, a DDoS attack works by flooding a website’s server with excessive, illegitimate traffic. Many website servers are not equipped to “filter” through high levels of traffic seamlessly, so the server itself becomes overwhelmed and tries to sift out the “fake” traffic from the legitimate users trying to access the site. This severely bogs down the server, slowing down page load times for site visitors and, in some cases, even causing the entire web server to go down.
There are several different types of DDoS attacks, though they all share the same purpose of flooding a server and causing significant downtime and/or latency to a site. Some of the more common types of DDoS attacks seen today include:
- Bandwidth attacks
- Traffic attacks
- Application attacks
DDoS Attacks on Large Organizations
Unfortunately, websites of all sizes and security levels can be prone to a DDoS attack if the attack is large enough. Over the years, the size of these attacks has grown exponentially, and attacks today can range from just a few gigabytes per second to hundreds of gigabytes per second.
In fact, there have been numerous circumstances over just the last couple of years where large companies and organizations have surprisingly fallen victim to DDoS attacks. For example, in 2016, the BBC’s website was actually taken out by a DDoS attack that was more than 600 gigabytes in scope. The site itself ended up being down for several hours, preventing users from accessing its content and resulting in increased security measures for the BBC to prevent future attacks. Still, nobody could have ever seen an attack of that scale coming, and it is unlikely that it could have actually been prevented.
Another surprising and massive DDoS attack took place in July of 2016 when the United States Library of Congress was hit. This attack not only took down the Library of Congress website, but it had the added impact and inconvenience of taking down their email servers. This prevented many employees from being able to open their emails, resulting in a number of logistical issues.
Another 2016 attack affected the popular Pokemon Go smartphone game, and this ended up being one of the biggest attacks in history in terms of the scale and the sheer number of people affected. In fact, players in more than 25 countries were affected by this attack just shortly after the game was initially launched.
Unfortunately, these are just a few examples of the many businesses, organizations, and websites that have been affected by DDoS attacks within the past two years or less. Only time will tell which others may be affected in the future and what the scale of these attacks will be, but if the past is any indication, the size and scope of these attacks will likely get worse.
Tips for Avoiding DDoS Attacks
With all this in mind, it is now more important than ever for website owners to be aware of how to protect their servers from DDoS attacks. While there is no way to know with 100% certainty that you will never fall victim to such an attack, there are ways to significantly reduce your likelihood of being affected.
For starters, be aware of the potential signs or “red flags” of a DDoS attack, such as slow page load times or unexplained downtime. Even if you’re able to access your site just fine, take complaints of downtime or slow page loading seriously, as these could be signs of an attack in progress.
One of the best ways to go about protecting your site from an attack is to have a dedicated server with at least some level of DDoS protection in place. DDoS protection on a server essentially allows your web server to “filter” through traffic efficiently as it comes in. Any illegitimate traffic can be prevented from reaching your site, while legitimate traffic is allowed to pass through without additional lag or other issues. DDoS protection packages can generally be purchased through your hosting company, and the level of protection can vary to protect you from attacks of a few gigabytes per second to 100 or more gigabytes per second.
The amount of protection you need will vary greatly depending on how much traffic your site typically sees and how much you’re willing to spend.
Facing a DDoS attack can be a nightmare for websites and organizations of all sizes, and nobody is fully immune from such an attack. Fortunately, there are some steps that can be taken to reduce one’s risk of falling victim to an attack.