• Skip to main content
  • Skip to primary sidebar

DDoS Blog

Cyber Security News

December 4, 2017 By fbblog

A DDoS (distributed denial-of-service) attack is when someone uses multiple computers to perform a denial-of-service attack (DoS). Both DoS and DDoS attacks work by overwhelming the target or its infrastructure with a large volume or “flood” of Internet traffic.

An attacker will commonly initiate a DDoS attack by building a network of infected machines, known as a botnet. By spreading malicious software, the botnet can be controlled (like a captain commanding an army) to send an overwhelming amount of traffic to a website, which will take the targeted site offline. Exploited devices can include networked resources, such as Internet of Things (IoT) devices. IoT devices are frequently riddled with security vulnerabilities, making them easy to recruit into botnets, a factor that has recently led to a rise in unprecedented DDoS attacks.

Once a botnet has been established, the attacker remotely sends updated instructions to each bot to flood a targeted IP address. As each bot is a legitimate Internet device, it is difficult for the site to separate the traffic from regular traffic.

Another factor in the growth of DDoS attacks is that botnets can be sold as “botters” to anyone willing to pay for a DDoS attack. They can be surprisingly cheap and straightforward to initiate, allowing anyone almost anywhere to take almost any site down no matter its size. At the end of last year, the Mirai source code for botnet-driven DDoS attacks was released onto the Dark Web; hackers then began selling botnets as a service.

There are various types of DDoS attack, including NTP amplification attacks, low and slow attacks and the amusingly named, now historic DDoS attacks, Ping of Death and Smurf Attack.

Uses of DDoS attacks can be to silence opposing voices in the media or to take down political opponents. DDoS experts recently predicted that advanced, larger and larger attacks will become increasingly common. Ars Technica described DDoS attacks as “the modern-day equivalent of a caveman wielding a club” because they require very little skill and are not strictly hacking a site, but have the benefit for the attacker of wielding immediate attention.

Filed Under: DDoS Foundations Tagged With: botnet, DDoS, DoS, IoT, Mirai, network

Primary Sidebar

Directory

  • Accidental DDoS
  • Akamai
  • Arbor Cloud
  • Business Rivalry DDoS
  • China Unicom
  • Cloud Computing
  • Cloudflare
  • Corero Network Security
  • DDoS Case Studies
  • DDoS Foundations
  • DDoS History
  • DDoS Landscape
  • DDoS mitigation
  • DDoS Motivation
  • DDoS Protection Services
  • DDoS Scripts
  • DDoS Tools
  • DNS Amplification
  • DNS Flood
  • DoSarrest
  • Extortion DDoS
  • F5 Networks
  • Genie Networks
  • Google
  • Government
  • Hacktivist DDoS
  • HTTP Attack
  • ICMP Flood
  • Imperva Incapsula
  • Infrastructure-related attacks
  • IoT DDoS
  • IP Fragmentation Attack
  • IP Null Attack
  • Kentik
  • LAND attack
  • MemCached DDoS
  • Mitigation Techniques
  • Multi-vector Attack
  • Nation State DDoS
  • Neustar
  • Nexusguard
  • NTP Amplification Attack
  • Null Routing
  • PING Flood
  • Ping of Death
  • Random Recursive GET attack
  • Recursive GET attack
  • Reflection Attack
  • Script Kiddies DDoS
  • Slowloris
  • Slowloris
  • Smokescreen DDoS
  • Specially Crafted DDoS
  • SSL-based DDoS
  • SYN Floods
  • SYN-ACK Flood
  • Types of Attack
  • Types of Mitigation
  • UDP Flood
  • Uncategorized
  • Verisign
  • Verizon
  • XML-DoS
  • Zero-day DDoS Attack
Copyright © 2017 Disclaimer. Privacy Policy
All product names, logos, and brands are property of their respective owners.