DDoS attacks are an increasing cause for concern in the cyber security community. They can be large-scale, devastating events that cause permanent damage to a company’s revenue and reputation. To make matters worse, they’re notoriously difficult to detect and defend from.
In Q3 2017, DDoS attacks increased from the previous quarter, with an average of more than 450 every day. The number of countries affected also increased, from 86 in Q2 2017 to 98 in Q3. These numbers highlight the growing threat that DDoS is posing to companies all over the world.
And people are aware of it. In a recent survey, 56% of respondents thought DDoS attacks were more of an issue in 2017 than ever before, and 31% said they’d experienced more attacks recently. It’s clear that DDoS is developing into a big problem for businesses and individuals, but what can be done to stop it?
First, let’s take a quick look at what exactly happens in a DDoS attack, and why a solution is extremely necessary.
How do DDoS attacks happen?
DDoS attacks take place when hackers seize control of devices like mobile phones and Internet of Things gadgets. They infiltrate the device, normally by sneaking malware into a media or app download, and lie hidden.
Once a large enough number of devices has been gathered – called a botnet – the hackers then take control and force them to access a targeted website or server. Often the owners of the bot devices are unaware of this.
The massive flood of new traffic to the site will eventually overwhelm the bandwidth, causing the server to crash and service to be denied, often for hours at a time. In fact, the longest attack in 2017 so far lasted for 215 hours.
That’s a catastrophically long time for a business to be without a website, and can lead to massive losses in revenue. What’s more, it can lead customers to perceive the company as vulnerable and unable to defend against attacks – hardly the kind of organization you’d want to share your credit card details with.
In fact, in the above survey some 45% of people thought that loss of customer trust and confidence was the most damaging effect of DDoS attacks on their business, more so than immediate financial loss. While DDoS attacks can be a disaster, there are a number of ways to defend against them.
Mounting a defense
Currently, the main way to defend against DDoS attacks is simply to stop or divert the traffic. This is actually pretty easy to do, and a popular method called ‘blackholing’ sends all incoming traffic away to a far-off location (a ‘black hole’).
The downside to this is that it tends to send good traffic away too, which plays into the hands of attackers by essentially rendering the website inaccessible. Efforts to filter good traffic from bad traffic are generally unreliable and often admit the bad guys while turning away genuine visitors.
More sophisticated methods include decentralizing the site’s delivery – so there is no one all-important server that can be brought down. This is very expensive to execute, however, and even then it isn’t 100% resistant to attack.
Using the blockchain
Gladius is an ICO, which aims to change the way DDoS attacks are managed. Instead of diverting the traffic or decentralizing the server in a traditional way, their aim is to build a huge network of users that are able to share bandwidth and work together to defend against attacks and accelerate websites.
Sharing bandwidth is a tactic that works well with blockchain. The Gladius network would be decentralized, formed of a large number of computer systems with their own stockpiles of bandwidth (most of us are paying for far more bandwidth than we use).
In the event of a member of the network coming under attack by DDoS bots, the others can choose to donate some of their spare bandwidth, allowing the victim server to better absorb the influx of spam traffic and survive the attack without losing service.
But what’s in it for them? Apart from the knowledge that they can rely on their peers to do the same should they be attacked, members of the network will also be rewarded with Gladius tokens (GLA) for their efforts. These tokens will be worth money, or can be exchanged to Ethereum, Bitcoin and other cryptocurrencies.
Gladius Public Presale is Now Live!
Join us now https://t.co/AgqEMsgbhT#cryptocurrency #blockchain #crypto #ICo #token #tokensale #airdrop #bounty #technology #business #startup pic.twitter.com/lhdhQ24qxq
— Gladius Network (@gladiusIO) November 24, 2017
The Gladius network will also be used to co-ordinate responses to DDoS attacks, by using the common bandwidth to develop advanced filtration mechanisms that block malicious traffic while allowing real customers to access sites.
The goal is to tackle the global DDoS epidemic by creating an equally global network to withstand attacks. By decentralizing this system, it’ll be possible to share bandwidth and co-operate with ease, which will minimize worries about security and cost. Gladius kicked off its public presale last Friday and is currently undergoing a private presale.