DDoS Blog

Cyber Security News

By

A DDoS (distributed denial-of-service) attack is when someone uses multiple computers to perform a denial-of-service attack (DoS). Both DoS and DDoS attacks work by overwhelming the target or its infrastructure with a large volume or “flood” of Internet traffic.

An attacker will commonly initiate a DDoS attack by building a network of infected machines, known as a botnet. By spreading malicious software, the botnet can be controlled (like a captain commanding an army) to send an overwhelming amount of traffic to a website, which will take the targeted site offline. Exploited devices can include networked resources, such as Internet of Things (IoT) devices. IoT devices are frequently riddled with security vulnerabilities, making them easy to recruit into botnets, a factor that has recently led to a rise in unprecedented DDoS attacks.

Once a botnet has been established, the attacker remotely sends updated instructions to each bot to flood a targeted IP address. As each bot is a legitimate Internet device, it is difficult for the site to separate the traffic from regular traffic.

Another factor in the growth of DDoS attacks is that botnets can be sold as “botters” to anyone willing to pay for a DDoS attack. They can be surprisingly cheap and straightforward to initiate, allowing anyone almost anywhere to take almost any site down no matter its size. At the end of last year, the Mirai source code for botnet-driven DDoS attacks was released onto the Dark Web; hackers then began selling botnets as a service.

There are various types of DDoS attack, including NTP amplification attacks, low and slow attacks and the amusingly named, now historic DDoS attacks, Ping of Death and Smurf Attack.

Uses of DDoS attacks can be to silence opposing voices in the media or to take down political opponents. DDoS experts recently predicted that advanced, larger and larger attacks will become increasingly common. Ars Technica described DDoS attacks as “the modern-day equivalent of a caveman wielding a club” because they require very little skill and are not strictly hacking a site, but have the benefit for the attacker of wielding immediate attention.