Hacking a website or server isn't easy. They are specifically designed to make things as difficult as possible for would be intruders. Taking either of these things offline, however, is a lot easier. Most servers can only handle a certain amount of traffic. They can therefore be taken offline by sending traffic greater than that amount.
This is known as a DDoS attack. If a website or server isn't equipped with protection against it, it can be disabled within minutes. These attacks are now easier than ever to perform due to the increase in DDoS-for-hire services.
So what exactly is DDoS-for-hire and why is it such a threat?
What Is DDoS-for-Hire?
DDoS stands for Distributed Denial of Service. So DDoS-for-hire is a service that allows anybody to perform a DDoS attack for as little as 10 dollars per hour. It's seemingly inspired by the Software as a Service business model.
It's profitable because in order to perform a DDoS attack, you need access to a botnet. The owners of botnets have figured out that while they could just perform their own DDoS attacks, they can make more money by providing such attacks as a service to others.
Why Is DDoS-for-Hire a Problem?
DDoS attacks have been happening since the earliest days of the internet. DDoS-for-hire services, however, have recently become much more accessible. This poses a much greater threat because it allows ordinary people to carry out these attacks without any technical knowledge.
The average person isn't going to acquire such knowledge to carry out a one-off DDoS attack. But that same person may well be willing to pay money to do so.
DDoS-for-hire also increases the number and size of botnets. The easier they are to rent out, the more time hackers will be willing to spend building them. An increasing number of computers and smart devices are going to face hacking attempts.
How Big Is the DDoS-for-Hire Industry?
The total number of DDoS attacks in 2021 is expected to reach 11 million. It's difficult to tell how many of these attacks were the result of DDoS-for-hire companies. But given the difficulty in building botnets and the ease by which they can be shared, it's likely that they make up the majority of attacks.
In recent years, many DDoS-for-hire companies have been shut down. This includes high profile prosecutions which occurred in 2018.
The problem facing these organizations, however, is that when one company is shut down, new companies take their place almost immediately.
How DDoS-for-Hire Companies Pretend to Be Legitimate
DDoS attacks are illegal in most parts of the world. If a company were to advertise such a service, the ad would obviously be taken down.
Most DDoS-for-hire companies get around this problem by advertising booters and/or stressers instead. A stresser is a legitimate tool which tests a server's ability to handle large amounts of traffic.
Legitimate providers are aware of the potential for misuse. They will therefore always ask for proof of ownership before a server is targeted. Illegitimate providers don't request proof and can therefore be used to perform DDoS attacks against any website.
While the purpose of the illegitimate companies is usually obvious, they are often able to act with impunity until the reality is actually proven.
How Easy Is It to Perform a DDoS-for-Hire Attack?
Hacking services are difficult to find online and usually require a visit to the dark web. But if somebody wants to perform a DDoS attack, it's just a matter of searching for a booter or stresser on Google.
The illegitimate companies are easy to identify by the fact that they don't ask questions. The websites are also designed to ask for nothing more technical than the name of the target.
Who Is Targeted by DDoS-for-Hire Attacks?
DDoS attacks can be used against personal computer users and they are particularly popular in online gaming. But the vast majority of attacks are performed against websites.
The ease by which these attacks can be performed means that it doesn't take much to be targeted. Here are a few popular targets:
- If you run a business website, it's possible to be targeted by a competitor.
- If you run any kind of website that makes money, you can be targeted for extortion.
- A hacktavist can use a DDoS attack because they disagree with something that you said.
- A hacker can use a DDoS attack as a means of distracting you as they commit other crimes.
How to Protect a Website Against DDoS-for-Hire Attacks
The frequency of DDoS attacks means that protection is important for any professional website.
Use a CDN
Content Delivery Networks (CDNs) are designed to increase website performance but many CDNs also offer DDoS protection.
Cloudflare is the most popular choice and protects against DDoS attacks by identifying malicious bot traffic and blocking it before your website is harmed.
Pay for Additional Bandwidth
Having higher bandwidth won't protect you from all DDoS attacks. But it will mean that attackers have to work much harder to take your site offline. Increased bandwidth obviously costs money but it prevents your website from being an easy target.
Use a Reliable Web Host
Your choice of hosting will have a big effect on how vulnerable you are to DDoS attacks. Some hosting companies offer server level protection which can act as an alternative to a CDN.
If your site does go down, your ability to get back online will also depend heavily on the quality of the tech support available to you.
The Internet of Things Isn't Helping the Problem
The threat posed by DDoS attacks is likely to get worse with time. The DDoS-for-hire business model is incentivizing hackers. The rise of the Internet for Things (IoT) is making it easier for them.
DDoS attacks require very little processing power. This makes IoT devices more than capable of acting as part of an effective botnet. Despite this, they are typically equipped with relatively weak security.
This means that as more and more devices are connected to the internet, the power of botnets is only likely to increase.