DDoS attack explained.
Distributed Denial of Service (DDoS) is a cyber-attack that aims to disrupt its target, such as a system, server, or network, by flooding it with large amounts of traffic arriving from multiple devices. The many different sources used to attack the victim are the reason it is called “distributed”. When the target goes down, a denial of service occurs, and no user can connect to it.
DDoS attacks can be initiated in different ways, and the techniques vary and can even be combined to hit the target harder. Overall, every DDoS attack works by infecting as many Internet-connected devices as possible. It can be carried out globally, with one main goal: to flood the target with massive traffic from all of the compromised sources, such as IoT devices, servers, and computers. The target cannot handle the traffic and becomes sluggish until it is completely overwhelmed.
How does it work?
Devices connected to the Internet are the main elements that produce DDoS attacks. These devices, such as computers and IoT devices, get infected with malware, and the attacker takes control of them. Such devices are commonly referred to as bots or zombies, and a group of them is usually described as a botnet.
Once the botnet is established, the hacker is ready to execute the attack. The bots are controlled remotely, and each of them receives instructions. All of the affected zombies or bots send requests to the IP address of the victim. Eventually, the network or server becomes overwhelmed and is no longer capable of handling the traffic. It is very challenging to distinguish between regular and malicious traffic because each bot looks like a legitimate Internet device.
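The detection problem described above, shown as an added example that is not part of the original article: a per-source limit catches one loud client but misses many quiet ones, so the aggregate count has to be watched as well. The thresholds, function names, and traffic records are assumptions constructed for illustration.

```python
from collections import Counter

# Assumed thresholds for one counting window (illustrative values only).
PER_SOURCE_LIMIT = 20   # requests one source may send before it looks abusive
BASELINE_TOTAL = 100    # typical total requests per window for this service
SURGE_FACTOR = 5        # aggregate alert when total exceeds baseline x factor


def make_window(n_sources, requests_each, start=0):
    """Build constructed (source_ip, path) records; not real traffic."""
    records = []
    for i in range(start, start + n_sources):
        ip = f"10.0.{i // 250}.{i % 250 + 1}"
        records.extend((ip, "/") for _ in range(requests_each))
    return records


def analyze(window):
    """Classify one window using per-source and aggregate request counts."""
    per_source = Counter(ip for ip, _ in window)
    total = len(window)
    noisy = sorted(ip for ip, n in per_source.items() if n > PER_SOURCE_LIMIT)
    surge = total > BASELINE_TOTAL * SURGE_FACTOR
    if noisy:
        verdict = "single-source-abuse"          # a per-IP limit catches this
    elif surge:
        verdict = "distributed-flood-suspected"  # only the aggregate shows it
    else:
        verdict = "normal"
    return {"total": total, "sources": len(per_source),
            "noisy_sources": noisy, "verdict": verdict}


# Constructed samples: normal load, one loud client, many quiet clients.
NORMAL = make_window(10, 8)
ONE_LOUD = NORMAL + make_window(1, 300, start=500)
MANY_QUIET = make_window(400, 5)

if __name__ == "__main__":
    for name, win in [("normal", NORMAL), ("one loud", ONE_LOUD),
                      ("many quiet", MANY_QUIET)]:
        print(name, analyze(win))
```

In the third sample every source sends only 5 requests, well under the per-source limit, yet the window total is 20 times the assumed baseline.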
DDoS attack types
DDoS attacks are generally divided into three types:
- Volume-based attacks use enormous amounts of fraudulent traffic to overwhelm a device, website, or server. Examples include UDP, ICMP, and spoofed-packet flood attacks.
- Application-layer attacks overwhelm applications with malicious requests.
- Protocol or network-layer DDoS attacks send large numbers of packets to the victim's network infrastructure and infrastructure management tools. Well-known protocol attacks are Smurf DDoS and SYN floods.
Whatever the type of attack, the goal is the same: to make the resources of the target sluggish and unresponsive.
What is the motive?
In recent years, DDoS attacks have gained a lot of popularity. In fact, they are considered the most frequent kind of cyber threat, and the number of attacks carried out this way is growing fast.
The motives behind DDoS attacks, and the kinds of attackers who perform them, are the following:
- Boredom – The attackers, in this instance, are also identified as cyber vandals. They are looking for an adrenaline rush. Typically, to initiate the attack, these people use well-known, pre-written scripts.
- Business conflicts – Unfortunately, there are some companies that use DDoS attacks purposely and strategically. Their intention is to disrupt the website of their competitor or even to take it down.
- Philosophy – These attackers are also identified as “hacktivists.” Websites that promote a particular ideology are their typical target. Hacktivists launch the attack because they disagree with the viewpoint of the target.
- Shakedown – Here, attackers intentionally use DDoS attacks as a threat. Often their goal is to keep the website down until the victim pays them a ransom.