fbpx

What Is a DDoS Attack and How to Profit From It

October 21. 2016. 5 mins read

This morning we woke up to news that the U.S. has been subject to a massive DDoS attack that kept everyone from being able to read the news, watch cat videos, listen to music, play games, and conduct transactions. Suddenly we’re all asking ourselves what we would do if the Internet wasn’t available? How can we learn about how to make money off of emerging technologies if the Internet doesn’t work? Enough of all the scare mongering. This sort of “glass half full” mentality doesn’t cut it around here. We’re interested in knowing how we can make money off this bad news because that’s what capitalists do. More importantly, making money off of DDoS attacks means investing in companies that prevent it and that’s a good thing. Let’s take a closer look at this ball of wax.

What is a DDoS Attack?

There are no doubt hundreds of articles being put together right now on the topic of DDoS attacks and how complicated they are but the fact is it’s quite simple. DDoS stands for a “distributed denial of service” and here is how it works. Let’s say you run a website that writes articles about a topic I don’t like, like say Kim Kardashian’s brilliant contributions to the field of scientific research:

kim-kardashian-sciences
Source: News Thump (Before you get all up in arms, it’s just satire)

I’m not nearly as brilliant as Kim is in the area of quantum physics, so I get jealous and want you to stop writing about her. I can tell you to stop writing but you probably won’t listen to me. I can try to hack your website but you have some of the best cybersecurity software in place to prevent me from doing so. What can I do to make your life miserable?

Well, one thing I can do is to hit your site with a lot of requests. What I would do is create a script that emulates 1 million different users and then have them all hit your site at once. Because you typically don’t have that many visitors to your site, it crashes because it can’t handle that much traffic and this is called a denial of service. That’s a good idea but there are a few problems with that. Firstly, I don’t have enough internet bandwidth to do that. My mom’s internet plan just doesn’t have that much bandwidth. Secondly, even if I did have enough bandwidth, this attack would be easy to stop. All you would have to do is monitor incoming requests that are alike in nature (coming from a single source for example) and then identify them as illegitimate. Problem solved.

Now, what if I had a whole bunch of friends who I could call up and have them all try and access your site at once. Let’s say they all had 8 hours of free time when they weren’t playing World of Warcraft and I called them up and said: “guys, start hitting this website at noon and don’t stop until I tell you”. Since I don’t have any friends, this wouldn’t actually work, but let’s say I knew 1 billion people distributed around the world in all 190 countries. If I could get these 1 billion people distributed around the world to all hit your site at once then that would be a “distributed denial of service attack” or a DDoS attack. That should do the trick right? It sure would, but the problem is I don’t know 1 billion people. I do however know billions of intelligent devices out there that we keep babbling on about when we talk about the “Internet of Things”  or IoT. What if I could commandeer all these billions of devices and have them all try to hit your website at one time? Now that would work, and it would be very difficult for you to stop me.

Now the scenario we’ve described so far just addresses your website. Why in yesterday’s attack were so many websites affected? It would be nearly impossible to coordinate such a high-scale attack so many websites simultaneously. This is where the concept of DNS comes into play. DNS stands for “domain name server” and essentially it’s just a lookup directory for websites. DNS companies function as switchboards for the internet. When you type in www.nanalyze.com, that doesn’t say where the servers are that host the Nanalyze website. Behind the scenes, a “DNS lookup” takes place and says where to direct your request. If a DDoS attack can be conducted against the DNS provider (in this case a company called Dyn), then widespread outages can happen like the one depicted below:

ddos-attack-areas

As you can see in the above diagrams, the affected areas of these DDoS attacks pretty much mirrors a map of U.S. population density. So by just attacking a single point of vulnerability, the attackers were able to impact an entire country. Whoever is behind this attack has to be overjoyed with just how impactful this turned out to be. You can also be sure that Dyn is in some big trouble as a business that relies on trust to retain clients. Dyn may not have done anything wrong here, but they’re going to have a very tough time righting this capsized vessel. Every CTO at every one of the 60 major companies affected is being grilled by his CEO now as to why he chose Dyn as a DNS solution.

How to Profit from a DDoS Attack?

There are two articles we’ve written recently that are very relevant to answering this question. The first article was about 9 private cybersecurity companies that are looking at bringing us the latest and greatest tools to address cybersecurity concerns. Now we’re not experts in this space but of the companies we wrote about, almost all of them appeared to be addressing the type of cybersecurity that is internalized by firms. In other words, they build software that keeps your website from being hacked into. One of these 9 startups however called Cloudflare sounds pretty compelling as a solution to DDoS attacks. Essentially they can “filter out all the junk” that tries to hit your website and leave you with just the relevant page view requests. The problem is though that Cloudflare is a private company. How can retail investors profit off of DDoS attacks? This brings us to the second article we wrote titled “10 Cyber Security Companies to Invest In“.

In investing there is this theory that companies in the same industry will behave the same way. This is why when Facebook shares fall on bad earnings, Twitter shares will likely fall as well. In the same manner, the all-encompassing label of “cybersecurity” will cover DDoS attacks right alongside the type of security breaches we’re more familiar with like the one that befell Yahoo most recently. This time it’s different though. It’s not just Yahoo’s problem. It’s everyone’s problem. You’ll probably see a lot more “how do I invest in cybersecurity” questions coming from this recent attack. One way you can invest in cybersecurity companies is to just buy the Nanalyze Cyber Security Stocks motif seen below:

cyber-security-stocks-motif

Conclusion

Odds are that the whole basket is going to get a whole lot more exposure from yesterday’s DDoS attack and the share prices will react accordingly. While this short term price action may appeal more to speculators, the long term thesis still holds and this is a great diversified basket of stocks that will give you exposure to the cybersecurity theme.

In a future article, we’re going to look at what sort of technologies might be on offer for DDoS protection from both private and public companies as these technologies will likely receive a direct benefit from yesterday’s news.

Share

Leave a Reply

Your email address will not be published.

  1. We would like to introduce you to SNAPI Guard, a privately held Canadian company that also “filters out all the junk”. Happy to arrange an interview with their CEO.

    1. Thank you for that Howard. This article went out around the time of those high profile DDoS attacks. If we do another article on this topic, we’ll be sure to consider SNAPI Guard.

  2. We would like to introduce you to SNAPI Guard, a privately held Canadian company that also “filters out all the junk”. Happy to arrange an interview with their CEO.