What is cryptojacking?
Find out what cryptojacking is and how to recognize if your devices have been targeted.
Learn moreNovember 21, 2022
What DDoS Protection Is & Why You Need It
Movies and TV shows often show malware attacks as sudden and comprehensive attacks on a computer system or network. It might be a form of ransomware that will release all kinds of confidential documents across the internet, or it’s an instantaneous system crash with a pixelated skull and crossbones icon (fictional hackers get bonus points if it’s animated and laughing).
In reality, not all attacks are so obvious. A DDoS attack, for instance, will probably run in the background of your computer, and you might not even notice it right away.
What does DDoS mean?
DDoS is short for distributed denial-of-service, and it’s an attack where hackers try to get users, like you, to download malware that gives them remote access to your computer. With any number of computers at their disposal, a hacker will then use these bots to flood a specific server or website (like a popular online shopping site, for instance) with traffic to slow it down. Not only could this wreak havoc on your favorite website, it also puts your confidential information at risk because responses to the breach are slowed down.
Microsoft Defender
Stay safer online with one easy-to-use app1
1Microsoft 365 Personal or Family subscription required; app available as separate download
How does a DDoS attack work?
There are three main types of DDoS attacks, and while they differ in their methods, they’re similar in their approach:
- Volume-based attacks will send information packets measured in bits per second (Bps). These information packets are continuously downloaded and weigh down a server’s bandwidth. A volumetric attack is similar to how your Wi-Fi slows down during a family gathering during a holiday. There are too many devices in the house downloading information at the same time, so your internet speed suffers. The same happens to online servers when they’re overwhelmed with incoming or outgoing information.
- Protocol attacks will go directly to server hardware like the firewall. A hacker will send continuous requests as pings or fragmented packets to a firewall, but not all of these requests can be identified as malicious attacks. Information transmitted is measured in packets per second (Pps) because the incoming requests can vary in size.
- Application attacks are measured in requests per second (Rps) and goes directly to the network’s operating system as groups of requests to send or receive information. Think of it this way, each time you visit a website, your web browser sends a request to the site’s server for information. The information is sent back in code that’s read and displayed so that you can see it. An application attack will request information faster than the server can send it back and will eventually crash like a line chef at a burger joint during lunch hour.
The goal of each method is to overwhelm a server with traffic and force it to crash. You can protect your computer from being brought into a DDoS attack by avoiding malware.
What is DDoS protection?
When it comes to DDoS protection, there are specific measures that businesses will need to take because they’re most often the target of the attacks. DDoS protection will often look like servers with hardware and software dedicated to detecting DDoS attacks, as well as increased bandwidth to compensate for a sudden influx of traffic.
Private computer owners, however, needn’t take any extra measures beyond what they’re doing to prevent malware downloads on their computers. Your antivirus software will go a long way toward helping you identify potential threats and downloading malicious software that will turn your computer into a bot for a hacker.
“A DDoS attack will probably run in the background of your computer, and you might not even notice it.”
How to stop a DDoS attack.
You can stop a DDoS attack before it starts by being vigilant on your own. Be aware of the websites you visit, links you click in emails from unknown senders, and links in text messages. Reporting phishing emails or text messages will help the Cybersecurity & Infrastructure Security Agency identify phishing scams as you come across them.
You can forward suspicious emails to reportphishing@apwg.org, and text messages can be sent to SPAM (7726). You can also report phishing scams to the FTC at ReportFraud.ftc.gov.
Finally, it’s essential to keep your antivirus software up to date so that it can recognize the latest digital threats to your computer. Hackers understand there are ways to circumvent certain protocols, so they’re continually evolving malware to be sneakier than previous iterations.
Don’t leave your computer vulnerable to malware that can harm your computer network or others. While your computer might not be the target of a DDoS attack, it could still be part of the collateral damage once the attack is complete.
Get started with Microsoft 365
It’s the Office you know, plus the tools to help you work better together, so you can get more done—anytime, anywhere.
Buy NowTopics in this article
Tags
More articles like this one
What is a Smurf attack?
Prevent cyber attackers from targeting and overwhelming your computer. Learn what a Smurf attack is and how to prevent it.
Learn more
How to spot bots on social media
Recognize questionable behavior on social media such as off-putting and automated messages. Learn why this behavior may be a sign of social media bots and other indicators.
Learn more
Eight signs your social media accounts were hacked
Familiarize yourself with tell-tale signs that your social media account has been hacked. Learn when hackers have gained access to your online information and connections.
Learn more
Everything you need to achieve more in less time
Get powerful productivity and security apps with Microsoft 365
Buy Now
