DDoS attacks (Distributed Denial of Service attacks) and the data breaches that accompany such attacks are of serious consequence; these constitute the major share of cyber-attacks that happen and the consequences are mostly very devastating too. Such DDoS attacks are made possible by botnets.
What are Botnets and DDoS attacks?
Botnets are networks (of computers, smartphones etc) or devices which are hijacked with the help of some malware and which are controlled by someone who is not the owner of the network/device. The botnet owner can thus control the network from some remote location and carry out malicious activities. The real owner of the network or device might not even notice this.
A DDoS attack happens when a botnet owner uses the computing resources that he has hijacked to flood a website with malicious traffic in bulk or upset its network infrastructure in such a way that users of the website are denied the services of the website. This is achieved by either slowing down the website or taking it offline.
How DDoS attacks affect victims
The victim of a DDoS attack, which usually happens to be an organization doing business using the affected website, would be greatly affected as a result of the attack. The overall reputation of the organization and its business is affected, users of the website and customers of the organization lose trust and overall the business goes down. The income generated from the business is affected greatly and sometimes this could lead to the downfall of a company and its business. DDoS attacks also affect on the personal level. Botnet owners use DDoS attacks to camouflage or hide intrusions or data thefts and then get away with sensitive personal information of the user, including card data, financial data, intellectual property etc.
Combating Botnet/DDoS: How effective it is…
In the past thousands of individuals and organizations have suffered as a result of botnet activities or DDoS attacks and the consequent loss of data, money, business reputation etc and cyber-criminals behind such activity seemed to be escaping uncaught. But it’s now changing with law enforcement agencies and nations joining hands to step up detection and prosecution of such cyber-criminals. When the Bugat/Dridex botnet hit and led to the theft of banking data and other sensitive information and caused an estimated £20 million (approximately $30.5 million) loss in the UK, and at least $10 million loss in the United States, the Dell SecureWorks Counter Threat Unit™ (CTU™) research team joined hands with the UK National Crime Agency (NCA), the U.S. Federal Bureau of Investigation (FBI), and the Shadowserver Foundation in the fall of 2015 to combat this. The person suspected to be behind this was arrested. Some other such cases where people behind botnet activities and DDoS attacks have been arrested and prosecuted have happened in the recent past.
However, let’s not forget that cyber-criminals and cyber crimes are increasing in number, and botnet activities and DDoS attacks continue to happen despite international agencies and nations joining hands to combat and prevent them. So it’s imperative that every user/organization adopts professional botnet/DDoS protection measures and comprehensive internet security measures to combat and prevent such crimes and consequent losses.