The current hacker attacks around the world over the last year revealed to the world the dangerous potentials of Distributed Denial of Service (DDoS) attacks. That revelation begs the question: is the world truly ready to embrace the internet of things (IoT)? Apparently, we are not.
This is evident in the fact that hundreds of high-traffic websites in the U.S. and the U.K. became victims to wave after wave of DDoS attacks. The attacks caused sites like PayPal, Twitter, Reddit, eBay, Pinterest, GitHub, Etsy, Tumblr, Verizon, Comcast, and Spotify to become inaccessible to tens of thousands of internet users throughout the day.
DDoS attack simply happens when hackers overwhelm a website with web traffic from multiple sources in order to overload the site's server and make the site unavailable. In the case of the October 2016 attack, the perpetrators simply hijacked a myriad of unsecured, connected digital devices (like surveillance cameras, home routers, thermostats, webcams, smart televisions...). These devices, infected with malicious code, formed a botnet and were used to make bogus HTTP requests on the targeted servers.
Though many of the devices are not powerful computers, when used in a great number, like in the October 2016 attack last year, one of the biggest that has ever happened, they can overload the targeted server with false traffic, and it's not easy to defend against them. DDoS attacks are easily obtainable, since the software for finding unsecured devices online to hijack is easily available. In fact, for just $150, hackers can purchase a week-long DDoS attack on the black market.
This stresses the need for website owners to take pre-emptive measures to protect their sites from DDoS attacks.
● Your first line of defence is to use a reputable website host and domain registrar, here is one that is registered and covered with security measures. Why? Because they will already have security measures in place against DDoS attacks.
● Don't let your devices be used in a DDoS attack against your website. Protect your devices with up-to-date anti-virus software and security updates. Some anti-viruses can even scan your computer to discover if it's in a botnet network.
● Leverage firewalls and routers that can prevent ping attacks on your business website.
● Purchase bandwidth in excess when taking out a hosting plan. This will help your site better handle multiple traffic in case of DDoS attack.
● Use cloud or dedicated servers for your website. While a cloud server offers more flexibility in terms of handling traffic spikes, a dedicated server whose capacity is well above what your site needs will make it difficult for your site to become unavailable in the event of a DDoS attack.
● Use security plugins like Bulletproof Security and WordFence with your WordPress site.
● Use special software like CloudFare and DdoS Protector, which can protect your website against DDoS attacks.
The damages DDoS attacks can do is lethal for businesses. According to Incapsula, a DDoS attack can lead to loss of customer loyalty, loss of business opportunities, loss of intellectual properties, data theft, and more. And this can cost a business $40,000 per hour. Be wise about your website's security. Why not use the abovementioned measures to protect your website?