DDoS and Cloudflare

DDoS

An issue in Microsoft's DDoS protection escalated a Distributed Denial-of-Service (DDoS) attack and caused a 10-hour outage, with multiple organisations reporting issues on 30th July 2024.

What is a Distributed Denial-of-Service (DDoS) attack?
In a distributed denial-of-service (DDoS) attack, a type of cyberattack, an attacker overwhelms a website, server, or network resource with malicious traffic. As a result, the target crashes or is unable to operate, denying service to legitimate users and preventing legitimate traffic from arriving at its destination.

In simple terms, if you run a website, it has a limit on the number of requests it can handle in a given period, after which additional requests will either time out or return an error. All an attacker needs to do is make a huge number of requests to the website, and genuine users will have problems accessing it.

That’s a DoS (Denial of Service) attack.

If the attack comes from a distributed system (multiple IP addresses, which makes it more difficult to stop), then it’s called a DDoS (Distributed Denial of Service) attack.
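
The difference between the two cases can be shown with a small simulation. This is an added example, not part of the original article: the limits (10 requests per IP and 100 requests in total per second) and all traffic are constructed for illustration. It replays the same 1000 attack requests once from a single source and once spread over 200 sources, and reports what happens to 20 genuine users.

```python
from collections import Counter, defaultdict, deque

WINDOW_MS = 1000      # length of the counting window
PER_IP_LIMIT = 10     # assumed allowance per source IP per window
CAPACITY = 100        # assumed total requests the server can serve per window

class Limiter:
    def __init__(self):
        self.by_ip = defaultdict(deque)  # timestamps that passed the per-IP check
        self.served = deque()            # timestamps of all served requests

    @staticmethod
    def _expire(q, now):
        while q and now - q[0] >= WINDOW_MS:
            q.popleft()

    def handle(self, ip, now):
        q = self.by_ip[ip]
        self._expire(q, now)
        self._expire(self.served, now)
        if len(q) >= PER_IP_LIMIT:
            return "blocked"       # this source alone exceeded its allowance
        q.append(now)
        if len(self.served) >= CAPACITY:
            return "overloaded"    # server is full: request times out or errors
        self.served.append(now)
        return "served"

def simulate(attack_ips, attack_requests=1000, legit_users=20):
    """Replay one constructed second of traffic; return outcome counts
    for (attack traffic, legitimate users)."""
    events = [(i * WINDOW_MS / attack_requests, f"attacker-{i % attack_ips}")
              for i in range(attack_requests)]
    events += [(j * WINDOW_MS / legit_users + 25.5, f"user-{j}")
               for j in range(legit_users)]
    limiter, attack, legit = Limiter(), Counter(), Counter()
    for now, ip in sorted(events):
        outcome = limiter.handle(ip, now)
        (attack if ip.startswith("attacker") else legit)[outcome] += 1
    return attack, legit

if __name__ == "__main__":
    print("DoS, 1 source:    ", simulate(attack_ips=1))
    print("DDoS, 200 sources:", simulate(attack_ips=200))
```

With one source, the per-IP limit stops the flood and every genuine user is served. With 200 sources, each attacker stays under the per-IP limit, nothing is blocked, and the server's capacity is used up before most genuine users arrive.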

What can you do?
For website owners, we highly recommend DDoS protection using one of a number of easily available solutions, such as www.cloudflare.com.

The way this works is that your domain points to Cloudflare, which then points to your server. This way it acts as a filter in between, reading requests and deciding whether each one is OK to go ahead, and if it notices a DDoS attack it will try to prevent it.

Cloudflare also offers additional features such as a CDN (Content Delivery Network) and a WAF (Web Application Firewall), among others; refer to their website for full details.

If you do not have a solution at the moment, then www.cloudflare.com is highly recommended because of its reasonable price; however, each organization needs to see what works best for its web services.

References:
https://www.infosecurity-magazine.com/news/ddos-microsoft-global-outage/
https://www.cloudflare.com