Tech Glossary
Distributed Denial of Service (DDoS)
A Distributed Denial of Service (DDoS) attack is a cyberattack in which multiple systems flood the bandwidth or resources of a target system, typically a web server, rendering it inaccessible to legitimate users. This attack is "distributed" because it originates from multiple sources, often utilizing a botnet—an army of infected devices controlled by the attacker.
How DDoS Attacks Work:
1. Preparation: Attackers often compromise numerous devices (e.g., computers, IoT devices) to create a botnet. These devices are infected with malware and can be remotely controlled without the owners' knowledge.
2. Execution: The attacker instructs the botnet to simultaneously send a massive amount of traffic, such as requests or data packets, to the target server or network.
3. Overloading: The flood of traffic overwhelms the server’s capacity, causing it to slow down or crash, denying access to legitimate users.
Common Types of DDoS Attacks:
1. Volume-Based Attacks: Overload the bandwidth of a system, such as a UDP flood.
2. Protocol Attacks: Exploit weaknesses in protocols like TCP or HTTP, as in SYN floods.
3. Application-Layer Attacks: Target specific applications or services; these are often stealthier and more difficult to detect.
Impact of DDoS Attacks:
1. Downtime: A targeted website or service may become unavailable for hours or even days.
2. Revenue Loss: Businesses, especially e-commerce platforms, can lose significant income during outages.
3. Reputation Damage: Prolonged unavailability can erode customer trust and damage brand reputation.
Defense Strategies:
1. Traffic Filtering: Use firewalls and intrusion prevention systems to block malicious traffic.
2. Rate Limiting: Limit the number of requests a server accepts from a single source.
3. DDoS Mitigation Services: Services like Cloudflare, Akamai, and AWS Shield protect against large-scale attacks.
4. Load Balancing: Distribute traffic across multiple servers to prevent overloading any single system.
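An illustration of the rate limiting item above, added here as an example and not taken from any product named on this page: a per-source token bucket replayed over constructed traffic. The class and function names, the rate and burst values, and the sample addresses are all assumptions chosen for the example.

```python
class PerSourceRateLimiter:
    """Token bucket per source: `rate` requests/second, bursts up to `burst`."""

    def __init__(self, rate, burst):
        self.rate, self.burst = float(rate), float(burst)
        self.buckets = {}  # source -> (tokens remaining, time of last request)

    def allow(self, source, now):
        tokens, last = self.buckets.get(source, (self.burst, now))
        # Refill for the time elapsed since the last request, capped at `burst`.
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        allowed = tokens >= 1.0
        if allowed:
            tokens -= 1.0
        self.buckets[source] = (tokens, now)
        return allowed

    def prune(self, now, idle=60.0):
        """Drop buckets idle longer than `idle` seconds so the table stays bounded."""
        stale = [s for s, (_, last) in self.buckets.items() if now - last > idle]
        for s in stale:
            del self.buckets[s]
        return len(stale)


def replay(events, rate=4, burst=8):
    """Replay (timestamp, source) events; return {source: [accepted, rejected]}."""
    limiter = PerSourceRateLimiter(rate, burst)
    stats = {}
    for ts, src in sorted(events):
        counts = stats.setdefault(src, [0, 0])
        counts[0 if limiter.allow(src, ts) else 1] += 1
    return stats


# Constructed sample traffic (addresses from the RFC 5737 documentation ranges).
# One source sends 256 requests in a second; a normal client sends 3.
SINGLE_SOURCE = [(i / 256, "198.51.100.7") for i in range(256)] + [
    (0.125, "203.0.113.20"), (0.5, "203.0.113.20"), (0.875, "203.0.113.20")]
# 500 constructed sources send 2 requests each: every source stays under its limit.
MANY_SOURCES = [(k / 2, f"source-{i}") for i in range(500) for k in range(2)]

if __name__ == "__main__":
    for src, (ok, dropped) in replay(SINGLE_SOURCE).items():
        print(f"{src}: accepted={ok} rejected={dropped}")
    total = sum(ok for ok, _ in replay(MANY_SOURCES).values())
    print(f"many sources: {total} of {len(MANY_SOURCES)} requests accepted")
```

The second data set passes the limiter untouched because no single source exceeds its budget, which is why per-source rate limiting is listed alongside traffic filtering, mitigation services and load balancing and not as a replacement for them.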
Real-World Examples:
In 2016, the Mirai botnet launched a massive DDoS attack on Dyn, an internet infrastructure company, causing major websites like Netflix and Twitter to go offline.
Gaming platforms and financial institutions are frequent targets, given their high dependency on uptime and real-time services.
DDoS attacks remain one of the most common and disruptive forms of cyberattacks, making robust defenses essential for businesses of all sizes.