Who’s Behind DDoS Attacks and How Can You Protect Your Website?

DDoS attacks are increasing in intensity, frequency, and sophistication. So who’s behind DDoS attacks and why do they execute these attacks? What can you do to stop them?

Despite all this innovating and evolving, DDoS, or Distributed Denial of Service, attacks are still a blunt weapon deployed for one single basic purpose: to make target websites unavailable to users. There is very little else accomplished by a DDoS attack; they won’t gain admin access to your site, and your data isn’t threatened (unless the DDoS is a smokescreen to distract from the real attack). This may be done to disrupt an online business’s finances, or interfere with free speech, or for petty revenge. Or, it can even be done out of boredom or to further a political agenda.

Defend Your Website Against DDoS

A DDoS hacker

A DDoS attack can be aggravating, but who’s behind it?

Anyone could carry out a DDoS attack, so long as they have access to a botnet of enslaved devices that can be coordinated to strike a target. Oh, you mean you don’t have one of those lying around? That’s okay, there are plenty of DDoS-for-hire services known as booters that will do your dirty work.

Last year, the infamous hacking collective Lizard Squad launched the Lizard Stresser, granting DDoS access to anyone willing to pay. And it’s pretty cheap. It starts at $6 per month and goes up to “lifetime” plans. Anyone can sign up and target any site. Of course, operating this software isn’t exactly legal. Users of Lizard Stresser tend to be young, with a third of investigated users aged under 20.

A lizard

Lizards and websites don’t mix.

Other Reasons for DDoS Activity

A large amount of DDoS activity happens within the gaming community. This is where competitiveness and emotions run high. Both players and platforms make a ripe target. Gaming sites are especially vulnerable, because all an attacker needs to do to make a game unplayable is to slow it down, rather than outright taking it offline. Players might seek vengeance on an opponent in a more meaningful way than teabagging. Or perhaps they just want the notoriety of launching a high-profile attack that everyone’s talking about.

Gamers, Hacktivists, and Extortionists

Hacktivism is another common motivation behind DDoS attacks, in which case a DDoS user may simply want to attack an opposing viewpoint. This could be disapproval of an unpopular program, or it could be simply to take down a negative review posted on someone’s website. When the New York Magazine published its cover story on the Bill Cosby scandal, a conveniently timed DDoS attack lost them an estimated half a million page views. The attacker, rather than defending Cosby, took out the magazine website because he hated the city.

New York

Pictured: New York City, not New York Magazine.

A targeted company would receive a message demanding a ransom that must be paid. Otherwise, the website will be taken out by a massive DDoS attack. To show they mean business, the attackers will send out a warning shot DDoS attack of limited power and duration. Some companies pay the ransom to take care of the problem. Or they’ll buy time to upgrade security. However, most security specialists advise against paying off the attackers, as it will expose your site as an easy target and damage your reputation. But perhaps the most insidious use for DDoS tools is to hold websites for ransom. This trend started taking off in the second quarter of 2015. Even this year, financial institutions are increasingly being hit. Groups like DD4BC go after second- or third-tier financial websites, especially new fintech companies with a focus on banking and credit unions, currency exchange, and payment processing.

Cloudbric can help!

DDoS attacks can hit anyone, so it’s best to take measures to protect your website. A web application firewall such as Cloudbric blocks botnet traffic. It disarms attacks by filtering them on the server level, so they’re as harmless as waves washing up on the shore. If your website isn’t already secured against DDoS attack, it’s time to start now. The tide is coming in.