Imagine a double lane road that can handle ten cards per minute. If there are more than ten cars on the road, traffic will go slower. If there are a lot more than ten cars on the road, then traffic will stop altogether and cause a traffic jam. A distributed denial-of-service (DDoS) attack is like a traffic jam.
A server, like the road in our example, can accommodate a certain amount of traffic. However, when that limit is reached the server begins to run slower. When that limit is exceeded, the server will eventually crash and it will no longer be able to process requests. System administrators plan for peaks in web traffic so that their server can handle all the requests that come to it.
In a DDoS attack, an attacker will access the system through multiple computers or systems, which is why it is called a “distributed” denial-of-service attack. These groups of connected computers are called botnets.
Take our example from earlier. If you were driving on a road and you encountered a traffic jam, a police officer could help detour the traffic, and you would arrive at your destination. The police officer is able to easily address the issue because there is only one traffic jam.
But what happens if there are multiple traffic jams on every road you take? This is what attackers do in a DDoS attack. They use a botnet to distribute the attack through multiple sources, each source with its own unique IP address. This is more difficult to mitigate because the IP addresses are different from each other. DDoS attacks are simple in concept, but they are a huge threat to enterprise businesses and a headache for system administrators.
DDoS attacks have become a bigger problem in recent years because attackers are getting better at sneaking past IT defenses. They are also increasing in number. In 2014, 41% of organizations were hit by a DDoS attack, and 78 % of those attacked were targeted two or more times in that same year.
DDoS attacks are difficult to mitigate, but there are ways to prepare for them to minimize the damage.
No matter what form of DDoS mitigation you choose, make sure you have a plan and stick to it. A strong plan will help you and your entire team know what to do when your business becomes the target of a DDoS attack.