Forensic Control

What is a DDoS attack (Distributed Denial-of-Service)?

Distributed Denial-of-Service (DDoS) is a cybercrime in which attackers flood a server with internet traffic, disrupting service for users.


Cyber crime is a huge problem for UK businesses, costing £3.1 billion from April 2021 to April 2022. When it comes to protecting your company from hackers, understanding the issues and preventing them is far better than trying to fix problems when they occur. Cyber Essentials and Cyber Essentials Plus offer an accessible but comprehensive framework of digital protection for your business, including protection against Distributed Denial-of-Service (DDoS) attacks. But what is a DDoS attack? Are you likely to be a target? How can they be prevented?

What happens during a DDoS attack?

DDoS stands for Distributed Denial of Service. The main aim of an attack is to disrupt access to a company’s network by flooding it with high volumes of traffic, making it inaccessible to real readers or customers. The attacks are carried out by a number of remotely controlled internet-connected machines, known as bots, that have been infected by malware to allow the hackers to gain control of them. Because each bot is a legitimate device, separating the attack traffic from normal traffic can be difficult.

Cyber criminals may then demand a ransom to relinquish control of your systems.

Who is targeted by DDoS attacks?

DDoS attacks are on the rise, and no business is safe, no matter how large. The world’s largest DDoS attacks were made against Google and Amazon, but small businesses are frequently finding themselves in the firing line.

Large businesses are often more able to survive a DDoS attack, cushioned by expansive IT support teams and the financial protection to cover the disruption. But it can be sink or swim for smaller companies, who may not be in a position to absorb the costs associated with lost revenue, data breaches, a tarnished reputation, dissatisfied customers, and a massive (and potentially costly) cleanup effort to get systems back up and running.

How do I spot a DDoS attack?

The first sign of a DDoS attack is usually a sudden spike in traffic to your network. There can be legitimate reasons for this to happen – you could be having a sale starting at a specific time – but if it comes out of the blue, be wary.

You may also notice high volumes of traffic from unexpected places. Hackers can take control of computers anywhere in the world, so if you are suddenly receiving a large number of unexplained hits from an unfamiliar location, this could be another sign.
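Both signs described above can be checked from request logs. The following Python sketch is an added example, not part of the original article: it flags a minute whose request volume far exceeds the recent baseline, then measures how much of that traffic comes from countries not seen before. The sample events are constructed, and the window, factor and floor thresholds are illustrative assumptions.

```python
from collections import Counter
from statistics import median

# Constructed sample: one (minute "HH:MM", source country code) per request.
# A real deployment would derive these from web server or WAF logs.
def build_sample():
    events = []
    for m in range(10):                      # ten quiet minutes of UK traffic
        events += [(f"12:{m:02d}", "GB")] * (20 + m % 3)
    events += [("12:10", "GB")] * 22         # attack minute: normal UK load...
    for cc in ("BR", "VN", "ID"):            # ...plus floods from new places
        events += [("12:10", cc)] * 150
    return events

def per_minute(events):
    """Requests per minute, in chronological order."""
    counts = Counter(minute for minute, _ in events)
    return sorted(counts.items())

def find_spikes(events, window=5, factor=4.0, floor=50):
    """Flag minutes whose volume exceeds factor x the median of the
    preceding `window` minutes (and an absolute floor, to ignore noise)."""
    series = per_minute(events)
    spikes = []
    for i in range(window, len(series)):
        baseline = median(c for _, c in series[i - window:i])
        minute, count = series[i]
        if count >= floor and count > factor * baseline:
            spikes.append((minute, count, baseline))
    return spikes

def unfamiliar_share(events, spike_minute):
    """Fraction of requests in the spike minute from countries never seen
    before it (zero-padded HH:MM strings compare correctly within a day)."""
    known = {cc for minute, cc in events if minute < spike_minute}
    during = [cc for minute, cc in events if minute == spike_minute]
    return sum(1 for cc in during if cc not in known) / len(during)

if __name__ == "__main__":
    sample = build_sample()
    for minute, count, baseline in find_spikes(sample):
        share = unfamiliar_share(sample, minute)
        print(f"{minute}: {count} requests vs baseline {baseline}, "
              f"{share:.0%} from previously unseen countries")
```

A spike on its own may be a planned sale or campaign; a spike combined with a high share of previously unseen sources is the stronger signal.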

How to prevent a DDoS attack

One of the first lines of defence against DDoS attacks is using a web application firewall (WAF). A WAF will monitor network traffic and prevent unauthorised access to your business servers. The service is fully customisable, so you’ll be able to restrict traffic and make your network safer.

For example, if you’re a UK company that only sells products within the UK, you can prevent access from outside of the country.

Like all software, your account must be kept up to date in order to be effective.

Cyberattacks don’t necessarily happen in isolation. If you or someone else in your supply chain experiences a DDoS attack, the hackers could go on to access other businesses that you are connected to. With this in mind, many companies are insisting on shared security standards with those they do business with.

One of the best ways to prevent cyberattacks is through education. Your employees and suppliers need to be made aware of the loopholes used by hackers, how to spot the signs and the best way of preventing them.

Using Cyber Essentials to protect against DDoS attacks

Although nobody connected to the internet is 100% safe from the threat of cyber crime, there are steps that you can take to reduce your risk of becoming a victim. Cyber Essentials and Cyber Essentials Plus were established by the National Cyber Security Centre (NCSC) to offer a simple and affordable solution to cyber security.

Forensic Control can help businesses of all sizes to achieve their Cyber Essentials certification. We offer hands-on guidance throughout the whole process, including sample questionnaires and up to £25,000 of free cyber insurance cover, if required. Not sure where to begin? Contact us today.
