Who’s Behind DDoS Attacks and How Can You Protect Your Website?

DDoS attacks are increasing in intensity, frequency, and sophistication. So who’s carrying out these attacks, and why? And what can you do to stop them? Despite all this innovating and evolving, DDoS attacks are still a blunt weapon deployed for one single basic purpose: to make target websites unavailable to users. There is very little else accomplished by a DDoS attack; they won’t gain admin access to your site, and your data isn’t threatened (unless the DDoS is a smokescreen to distract from the real attack). This may be done to disrupt an online business’s finances, or interfere with free speech, or for petty revenge. Or, it can even be done out of boredom or to further a political agenda.

Defend Your Website Against DDoS

Man hacked by DDoS attackers
A DDoS attack can be aggravating, but who’s behind it?

Anyone could carry out a DDoS attack, so long as they have access to a botnet of enslaved devices that can be coordinated to strike a target. Oh, you mean you don’t have one of those lying around? That’s okay, there are plenty of DDoS-for-hire services known as booters that will do your dirty work.

Last year, the infamous hacking collective Lizard Squad launched the Lizard Stresser, granting DDoS access to anyone willing to pay. And it’s pretty cheap: starting at $6 per month and going up to “lifetime” plans. Anyone can sign up and target any site. Of course, operating this software isn’t exactly legal. Users of Lizard Stresser tend to be young, with a third of investigated users aged under 20.

A lizard rests on a rock and plots a DDoS attack.
Lizards and websites don’t mix.

A large amount of DDoS activity happens within the gaming community, where competitiveness and emotions run high, and both players and platforms make a ripe target. Gaming sites are especially vulnerable, because all an attacker needs to do to make a game unplayable is to slow it down, rather than outright taking it offline. Players might seek vengeance on an opponent in a more meaningful way than teabagging, or maybe they just want the notoriety of launching a high-profile attack that everyone’s talking about. Gamers, Hacktivists, and Extortionists

Hacktivism is another common motivation behind DDoS attacks, in which case a DDoS user may simply want to attack an opposing viewpoint. This could be disapproval of an unpopular program, or it could be simply to take down a negative review posted on someone’s website. When the New York Magazine published its cover story on the Bill Cosby scandal, a conveniently timed DDoS attack lost them an estimated half a million page views. The attacker, rather than defending Cosby, took out the magazine website because he hated the city.

New York City is not that bad to visit.
Pictured: New York City, not New York Magazine.

A targeted company would receive a message demanding a ransom that must be paid or the website will be taken out by a massive DDoS attack. To show they mean business, the attackers will send out a warning shot DDoS attack of limited power and duration. Some companies pay the ransom to take care of the problem or buy time to upgrade security, but most security specialists advise against paying off the attackers, as it will expose your site as an easy target and damage your reputation.But perhaps the most insidious use for DDoS tools is to hold websites for ransom. This trend started taking off in the second quarter of 2015, and financial institutions are increasingly being hit. Groups like DD4BC go after second- or third-tier financial websites, especially new fintech companies with a focus on banking and credit unions, currency exchange, and payment processing.

DDoS attacks can hit anyone, so it’s best to take measures to protect your website. A web application firewall such as Cloudbric blocks botnet traffic, disarming attacks by filtering them on the server level, so they’re as harmless as waves washing up on the shore. If your website isn’t already secured against DDoS attack, it’s time to start now, because the tide is coming in.