DDoS is a distributed denial of service attack. It is realized in the World Wide Web and affects mainly online services. DDoS attacks may assault websites, email services, eCommerce, e-banking, games, online payment platforms, news channels, etc.
The malicious activity is characterized by an explicit attempt to make a network machine or a web service unavailable for its users.
DDoS is a large scale version of the DoS (Denial of Service) attack. The DDoS uses hundreds or even thousands of compromised machines (computers or IoT devices, etc.) to interrupt a website service connection. A number of internet connected computers communicating with other machines, located on different places, is called botnet (a network of compromised computers with malware).
The size of DDoS attacks is measured in Gbit/s and their strength differs in scope. A very popular method of crashing a victim's system is flooding the target with incoming traffic. When the traffic volume reaches the limits of the connectivity channel bandwidth, the service becomes unavailable. Another way to cut access is to overload and exhaust the system server resources so that the website is down.
DDoS protection is part of our overall security system
When targeting a website, the attack usually exploits security vulnerability in the content management system the site was build up with. These vulnerabilities facilitate the hack and increase the harmful effect of the malicious activity. Some of them are security holes in a certain CMS, the possibility for SQL injection, XSS (cross-site scripting), injected malicious scripts and others.
The hack uses outer resources of the victim as well as internal CMS vulnerabilities. Therefore the defense system should be applied on several security levels. The DDoS defense is only a part of our Security system and it covers the infrastructure of the service.
The defense system analyzes and filters the traffic even before it has reached the service. When malicious attempts are detected they are immediately neutralized in more than 95% of the occurrences. In this way the attack does not even reach its target so the target operation is kept intact.