Hackers can use a large number of computers and devices to flood and overwhelm a network such that the network may no longer be able to function optimally. This attack would starve legitimate users and customers access to the network because it has been flooded by attackers. The hackers compromise people’s computers without their knowledge and use these computers to carry out these attacks. A network of compromised computers that can be used to carry out a DDoS attack is known as botnets.

There are also times when a network is overwhelmed by traffic because a large number of legitimate users want to access and use the network, but the telecommunication company may not have enough infrastructure to support the requests. These requests could pull the network down and may have the same effect as a DDoS attack.

Hackers can compromise a computer by sending out emails and messages that may promise free software. Once a user clicks on the links in the emails and downloads the software, the software would usually ask for permissions which once granted gives the hacker access to use the computer to coordinate and carry out cyberattacks.

RECOMMENDATIONS

To ensure that your computer is not used to carry out DDoS attacks, it is important to have an up-to-date antivirus software that monitors activities on the computer such as network resource usage. Also ensure that staff are educated on what they can install and what they cannot install in an office computer. While it is important to protect one’s computer from being used as botnet, it is more important to protect a server from the impact of a DDoS attack as the users who depend on the server to service their request suffer the effect of the DDoS attack.

To effectively combat a DDoS attack, it is important to increase the bandwidth of a server. A server with increased bandwidth will often be able to accommodate more requests, be it genuine requests or an attack. Some attacks are rarely felt until they become enough to overwhelm the bandwidth of the server. Therefore, with and increased bandwidth comes increased cost of launching a DDoS attack on a server.

Load Balancing is also a technique that can be used to distribute the loads of traffic coming on a service across several servers such that the impact would not be enough to pull down any single server.

Server administrators should monitor the source of the requests coming to a service and know when too many requests are coming from the same or similar IP addresses. When this happens, it is recommended to use firewall to block the IP addresses that could be attacking the server.

When there is a content that several users may need to access at a particular time, it is recommended to use a Content Delivery Networks (CDN) like Cloudflare to distribute the requests across several servers.

Network monitors should be programmed to identify and share intelligence on the nature of DDoS attack to make it easier for other networks to combat it. The more difficult it is to carry out a DDoS attack, the easier it would be for hackers to abandon it.