What is DDoS-for-Hire?
Distributed denial-of-service (DDoS) cyberattacks are malicious attempts to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of internet traffic. DDoS-for-hire is a service that allows anyone to perform a DDoS attack, for prices as low as $10 per hour.¹ This service is provided by owners of botnets.
The term “botnet” is a portmanteau of the words “robot” and “network.” Botnets are networks of hijacked computer devices used by cyberattackers to carry out their cyberattacks. A botnet is controlled by a “bot herder” who operates the botnet infrastructure and uses the hijacked computers to launch cyberattacks that are designed to crash a target’s network, inject malware, harvest credentials, or execute other intensive computer-related tasks. Each individual device within the botnet is referred to as a “zombie computer” or “bot.” These devices operate under the commands of the bot herder, without the consent of the device owners.
With DDoS-for-hire services becoming increasingly accessible, the threat of DDoS attacks is increasing for everyone. Cisco predicts that the number of global DDoS attacks will double from 7.9 million in 2018 to 15.4 million in 2023.² Many DDoS-for-hire platforms are located around the world, making them difficult to take down. The following may help to protect you against DDoS-for-hire attacks:
Reliable hosting. Select a reliable web host that offers server-level protection and high-quality technical support.
Increasing bandwidth. Having higher bandwidth makes it more difficult for cyberattackers to take your site offline. This strategy will not prevent a DDoS attack, but it could make your site a less attractive target.
Using CDNs. Content Delivery Networks (CDNs) are systems or networks of geographically distributed servers across the globe whose purpose is to deliver web content from the origin server to end-users anywhere in the world. They achieve this by storing a cached copy of your website’s web pages, including the elements needed for them to load, such as HTML, CSS, JavaScript, images, and videos. When a website visitor wants to access a certain web page, a request is sent from the user’s computer or mobile device. Without a CDN, all requests are sent to the origin server. CDNs take the load off origin servers, with web page requests being optimally mapped and sent to the nearest CDN server. This server then responds to the request by delivering the cached version of the web page to the visitor’s device. Modern CDN solution providers have added high-end security measures that protect their servers against DDoS attacks.
Using a Web Application Firewall. A Web Application Firewall (WAF) blocks malicious traffic that tries to exploit vulnerabilities in the application. WAFs support DDoS protection solutions with round-the-clock monitoring from security experts to identify fake traffic surges and block them without affecting legitimate traffic. WAFs can be placed between the internet and the origin server. A WAF can act as a reverse proxy, protecting the server from exposure by making clients pass through it before reaching the server.
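The WAF item above describes blocking fake traffic surges at a reverse proxy without affecting legitimate traffic. The following Python code is an added example, not part of the original article: it applies a per-client sliding-window limit to constructed request records, and the class and function names, the thresholds, and the documentation-range IP addresses are all assumptions.

```python
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Per-client sliding-window limit, checked before forwarding to the origin."""

    def __init__(self, max_requests, window_ms):
        self.max_requests = max_requests
        self.window_ms = window_ms
        self.history = defaultdict(deque)  # client IP -> times of forwarded requests

    def allow(self, client_ip, ts_ms):
        q = self.history[client_ip]
        # Forget requests that have aged out of the window.
        while q and ts_ms - q[0] >= self.window_ms:
            q.popleft()
        if len(q) >= self.max_requests:
            return False  # over the limit: drop at the proxy, origin never sees it
        q.append(ts_ms)
        return True


def filter_requests(requests, max_requests=5, window_ms=10_000):
    """Replay (timestamp_ms, client_ip) pairs; return per-client forwarded/blocked counts."""
    limiter = SlidingWindowLimiter(max_requests, window_ms)
    forwarded, blocked = defaultdict(int), defaultdict(int)
    for ts_ms, ip in sorted(requests):
        if limiter.allow(ip, ts_ms):
            forwarded[ip] += 1
        else:
            blocked[ip] += 1
    return dict(forwarded), dict(blocked)


def sample_traffic():
    """Constructed sample: two ordinary visitors and one flooding client over 60 s."""
    visitor_a = [(t * 1000, "192.0.2.10") for t in range(0, 60, 5)]         # 1 req / 5 s
    visitor_b = [((t + 2) * 1000, "192.0.2.20") for t in range(0, 60, 10)]  # 1 req / 10 s
    flooder = [(t * 100, "203.0.113.50") for t in range(600)]               # 10 req / s
    return visitor_a + visitor_b + flooder


if __name__ == "__main__":
    fwd, blk = filter_requests(sample_traffic())
    for ip in sorted(fwd):
        print(ip, "forwarded:", fwd[ip], "blocked:", blk.get(ip, 0))
```

Because a botnet spreads its traffic across many bots, a per-client limit is one layer only, and it is normally combined with the upstream capacity and CDN caching described in the other items.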
1 Zoltan, 2023, “Dark Web Price Index 2023”
2 Cisco, 2020, “Cisco Annual Internet Report (2018–2023) White Paper”