In October 2016, hundreds of the world’s biggest and most popular websites in the U.K. and the U.S. — including Twitter, eBay, Reddit and Spotify — were the subject of several waves of a massive DDoS attack that rendered the sites inaccessible for thousands of people throughout the day.
Many people referred to the disruption caused by the DDoS attacks as an “internet shut down,” and openly wondered what exactly a DDoS attack is. How does a DDoS attack happen anyway, and how does it manage to cause such lengthy global internet outages?
Well, a ‘distributed denial of service’ attack — commonly known as a DDoS attack — is an illegal hacking activity that takes down an online service and makes it unavailable by overwhelming it with web traffic from multiple sources. Hackers can buy a week-long DDoS attack for as little as $150 on the black market, Trend Micro Research reports. These malicious individuals often target websites and other computer systems for revenge, extortion, activism or even competitive brand damage.
Interestingly, DDoS attacks are relatively simple to implement, but notoriously difficult to defend against. They are among the most potent tools in a cyber criminal’s arsenal and can take even the most protected computers offline, from bank systems to SaaS applications and ecommerce websites.
What is a DDoS Attack?
DDoS attacks exploit the power of a network of tens of thousands of compromised computers, known as a “botnet,” to flood a website’s servers with page view requests. This overload of page requests renders legitimate traffic unable to get through. When an internet server is dealing with an overload, it is unable to respond to most normal queries, making it impossible for internet browsers to access the websites.
Attacks on Domain Name System (DNS) providers or hosts are typically more effective than targeting a single website because hundreds of sites rely on them to direct traffic. DNS hosts such as Dyn, the provider that was hit in the aforementioned DDoS attack, are central to the operation of the internet.
DNS providers operate the “internet’s address book.” They ensure that website addresses (domain names) such as www.yourwebsitename.com are routed and make it to the correct site. If a DNS provider goes offline, then domain names powered by that provider are not routed to a website, meaning they fail to load web pages. Dyn, for example, powers some 3,500 enterprise customers including Netflix, LinkedIn, TripAdvisor and CNBC among many others, according to information on its website.
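The dependency described above can be checked from the defender's side. The following is an added example, not code from the original article: it takes the nameserver (NS) hostnames published for a set of domains and reports which domains would stop resolving if one DNS provider went offline. The domain names, the sample records and the function names are constructed for illustration, and the provider is approximated by the last two labels of the nameserver hostname.

```python
# Constructed sample data: domain -> NS hostnames, as an NS lookup would return them.
SAMPLE_NS = {
    "shop.example": ["ns1.dns-a.example", "ns2.dns-a.example"],
    "news.example": ["ns1.dns-a.example", "ns1.dns-b.example"],
    "bank.example": ["ns3.dns-a.example.", "NS4.DNS-A.example"],
    "blog.example": ["ns1.dns-c.example"],
}


def provider_of(ns_host):
    """Approximate the operator of a nameserver by its last two labels.

    Assumption: this is a simplification. Real tooling should use the
    Public Suffix List so that names under e.g. co.uk are grouped correctly.
    """
    labels = ns_host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def providers_by_domain(ns_records):
    """Map each domain to the set of distinct DNS providers serving it."""
    return {d: {provider_of(h) for h in hosts} for d, hosts in ns_records.items()}


def single_provider_domains(ns_records):
    """Domains whose nameservers all belong to one provider."""
    by_domain = providers_by_domain(ns_records)
    return sorted(d for d, provs in by_domain.items() if len(provs) == 1)


def outage_impact(ns_records, failed_provider):
    """Classify domains by what happens if failed_provider goes offline.

    'unresolvable': every nameserver is with the failed provider.
    'degraded': at least one nameserver at another provider still answers.
    Resolvers may keep serving cached answers until their TTL expires.
    """
    impact = {"unresolvable": [], "degraded": []}
    for domain, provs in sorted(providers_by_domain(ns_records).items()):
        if failed_provider not in provs:
            continue
        key = "unresolvable" if provs == {failed_provider} else "degraded"
        impact[key].append(domain)
    return impact


if __name__ == "__main__":
    print("Single-provider domains:", single_provider_domains(SAMPLE_NS))
    print("If dns-a.example fails:", outage_impact(SAMPLE_NS, "dns-a.example"))
```

In the constructed data, only the domain that publishes nameservers at two providers stays reachable when `dns-a.example` fails.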
Nobody claimed responsibility for the 2016 DDoS attacks against Dyn, but experts said they were simple enough to have been carried out by mischievous teenagers rather than malicious state-sponsored attackers. Even amateur hackers can scan for vulnerable websites and computer systems using easily available software, and turn thousands of them against a single target.
Types of DDoS Attacks
Distributed Denial of Service (DDoS) attacks are malicious attempts to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of Internet traffic. These attacks can have a devastating effect on businesses, resulting in financial losses, reputation damage, and even potential legal implications. DDoS attacks have evolved over the years, giving rise to various methods to cripple targeted infrastructure.
Here are some different types of DDoS for businesses to be aware…