A distributed denial of service (DDoS) attack is not new but occurrences have seen a sharp increase in recent months.
These kinds of attacks are designed to occupy a hosting servers resources, often by directing huge amounts of automated traffic to the website, thus preventing your real users from accessing your website.
How to spot a DDoS Attack
It’s not always obvious if an increase in traffic is related to a marketing campaign or is the result of a DDoS attack. If Slow or denied service is going on for days and beyond any ongoing campaigns then it is worth investigation.
Additionally the same source address is querying the same Data long before the Time to Live (TTL) this could be a sign of suspicious activity. - TTL is a protocol that dictates how long it will be until a computer refreshes it’s DNS information.
What you can’t do in this situation is see if all traffic originates from one IP address as this is not the nature of a DDoS attack were you will see traffic originating from multiple sources.
What can you do
Be Aware - invest in technology that will help you keep tabs on what exactly is going on
Boost Capacity - Upgrade your hardware o your system can better handle increases in traffic
Be Prepared - Have a strategy for defence and get practice implementing it, this can be detecting insecurity on your network to knowing how and when to redirect traffic.
Get Help - If you don’t have the in house resources to develop a strategy or deal with attacks it may be worth looking at outsourcing the task.