Why DDoS Attacks Still Threaten Everyone and How to Respond Quickly
This article explains what DDoS attacks are, highlights famous large‑scale incidents, examines their financial and reputational impact on businesses, and outlines practical mitigation strategies that cloud providers and organizations can adopt to detect and survive such attacks.
What is DDoS?
DDoS (Distributed Denial of Service) attacks use multiple compromised computers as a platform to flood one or more targets with massive amounts of legitimate‑looking traffic, exhausting network resources and rendering services unavailable.
Notable DDoS Incidents
March 2013: Spamhaus and CloudFlare suffered a record 300 Gbps attack that nearly crippled European networks.
February 2014: A 400 Gbps attack hit CloudFlare customers, affecting roughly 785 000 sites including 4chan and WikiLeaks.
March 2014: Anonymous launched a massive attack on Sony’s PlayStation Network, causing a service outage and the theft of data belonging to 77 million users.
December 2014: A Chinese gaming company on Alibaba Cloud faced the largest recorded attack at 453.8 Gbps, enough to overwhelm the bandwidth of many small cities.
Impact and Consequences
The cost of launching a DDoS attack is very low, creating a thriving underground market; for example, 1 Gbps of traffic for one hour can be bought for about 50 CNY. Surveys show that 64 % of platform providers, 66 % of hosting and VoIP providers, and 61 % of service providers have been affected, with 38 % unable to protect core business operations.
Financial losses per incident range from roughly $52 000 to $444 000, and indirect effects such as reputation damage and loss of customer trust can be far more severe.
Common Mitigation Strategies
Maintain multiple domain backups.
Deploy each domain’s entry servers across different major cloud providers and use CDNs.
Establish VPN tunnels between clouds for synchronized data and heartbeat monitoring.
Keep 1–2 redundant nodes that are not publicly exposed to ensure minimal service continuity.
Effective response requires quickly distinguishing between a DDoS attack and hardware failure, contacting cloud providers to filter malicious sources, and activating emergency backup services when needed.
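The first response step above, telling a flood apart from a hardware failure, can be sketched as a small triage routine; this is an added example, not code from the article or from OneAPM. The metric names, the surge factor of 5, the class labels and the sample windows are assumptions constructed for illustration, as is the idea that the heartbeat travels over the inter-cloud VPN tunnel rather than the public address.

```python
from dataclasses import dataclass
from statistics import median

@dataclass
class Sample:
    """One monitoring interval for a public entry node (hypothetical fields)."""
    inbound_mbps: float    # traffic measured at the node's edge
    unique_sources: int    # distinct client IPs seen in the interval
    heartbeat_ok: bool     # reply over the inter-cloud VPN tunnel
    public_probe_ok: bool  # reply to an external probe of the public address

ACTIONS = {  # responses taken from the mitigation list above
    "healthy": [],
    "surge_watch": ["keep watching: load is high but the service still answers"],
    "ddos_suspected": ["ask the cloud provider to filter malicious sources",
                       "activate the emergency backup service"],
    "hardware_failure": ["fail over to a redundant non-public node"],
    "service_fault": ["host answers on the tunnel: check service and public path"],
}

def mostly_failed(flags):
    """True when more than half of the checks in the window failed."""
    flags = list(flags)
    return sum(not ok for ok in flags) > len(flags) / 2

def triage(baseline, current, surge_factor=5.0):
    """Classify the current window against a known-good baseline window."""
    base_mbps = median(s.inbound_mbps for s in baseline)
    base_src = median(s.unique_sources for s in baseline)
    surge = (median(s.inbound_mbps for s in current) >= surge_factor * base_mbps
             and median(s.unique_sources for s in current) >= surge_factor * base_src)
    public_down = mostly_failed(s.public_probe_ok for s in current)
    host_down = mostly_failed(s.heartbeat_ok for s in current)
    if surge:  # traffic and source count both far above baseline
        return "ddos_suspected" if public_down else "surge_watch"
    if public_down:  # outage without a surge points at the host or service
        return "hardware_failure" if host_down else "service_fault"
    return "healthy"

# Constructed sample windows (not real measurements).
BASELINE = [Sample(80, 1200, True, True), Sample(95, 1350, True, True),
            Sample(88, 1280, True, True)]
FLOOD = [Sample(900, 41000, True, False), Sample(940, 52000, True, False),
         Sample(910, 47000, False, False)]
DEAD_HOST = [Sample(2, 15, False, False)] + [Sample(0, 0, False, False)] * 2

if __name__ == "__main__":
    for name, window in (("flood", FLOOD), ("dead host", DEAD_HOST)):
        print(name, "->", triage(BASELINE, window))
```

Requiring both the bandwidth and the source count to surge keeps a single heavy client or a backup job from being labelled an attack; tune the factor against your own baseline.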
Excerpted from OneAPM.
