You do not have much choice, only correctly configured firewall/iptables (which is not a trivial task to do) can help you to prevent it. But there is no 100%.
Because they are capable of conducting a very hard to prevent DDoS attack.
A DDOS attack is a dedicated denial of service by making a computer's resources unusable to its users. In order to prevent it, you need a good firewall. You can also block those attacking IP addresses.
Smurfing
The easiest way available today to prevent DDoS attacks on your website is to use a WAF (web application firewall) which screens the traffic to your website. For small to medium websites it's easiest to use a cloud-based web application firewall services as Incapsula.com
Many hosts participate in a coordinated attack.
Many hosts participate in a coordinated attack.
What you are describing is not a type of malware, but a DoS (Denial of Service) attack.
distributed denial-of-service attack or known as DDoS
A DDoS attack is characterized by multiple machines spamming specific packets to a target machine with the intent of overloading the target machine so it is unable to service other connecting clients.
Advanced hardware firewalls can protect a company from falling to a DDOS attack, though not the most sophisticated attacks. Servers can also be configured to minimize the effect of an attack to define limits on application resource allocation. There are also DDOS mitigation appliances available to "sanitize" traffic, though none are perfect and will allow some bad traffic through.
A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
A DDoS attack