DDoS attack explained
Distributed Denial of Service (DDoS) attacks are cyber attacks that take advantage of the precise capacity limits that refer to any network resources. So, it disrupts fundamental targets such as a network, system, or server. The DDoS attack sends a lot of requests to the targeted web resource. The intention is to exceed the capacity of the website to handle an increased number of requests. So, finally, to not allow the website to function accurately.
The DDoS attacks have some typical targets, which are the following:
- Sites for online shopping
- All kinds of businesses or organizations providing online services
What are the first warning signs of a DDoS attack?
How does DDoS attack work?
Network resources like web servers have a particular number of requests which is their limit. In addition, the channel connecting the server to the Internet also has a limited bandwidth/capacity. So, when the amount of requests is more than the capacity limits of an element of the infrastructure, the service will experience one of the following:
- Much slower response to requests rather than usual.
- Some of the users’ requests or even all of them can be ignored.
The attackers’ original goal is to completely disturb the web resource’s normal function and absolute ‘denial of service.’
Types of DDoS attacks
The three generic kinds of DDoS attacks are the following:
- Volume-based attacks. Through this kind of attack, huge amounts of fake traffic are used to overwhelm a device. It could be a website or a server. Here are included UDP, ICMP, and spoofed-packet flood attacks. The size of a volume-based attack can be estimated in bits per second (bps).
- Protocol or network-layer DDoS attacks. This type of attack sends massive amounts of packets to its target network infrastructures and infrastructure management tools. Common protocol attacks are Smurf DDoS and SYN floods. Their size can be estimated in packets per second (PPS).
- Application-layer attacks. These attacks are initiated by flooding applications with maliciously made requests. Their size can be estimated in requests per second (RPS).
Finally, for every type of attack, the aim is identical. The intention always is to make the resources of the victim sluggish or even absolutely unresponsive.
What is the motivation behind it?
Over time DDoS attacks are becoming very popular. Actually, these attacks are now one of the most common types of cyber threats. Furthermore, in the past years, the amount of such performed attacks is growing quickly.
Some of the motivations behind DDoS attacks are the following:
- Philosophy – Attackers that are also known as “hacktivists.” Sites that implement an ideology are their usual target. Hacktivists are initiating the attack because they don’t agree with the philosophy of the target.
- Professional conflicts – Some organizations intentionally and strategically use DDoS attacks. The goal is to disrupt and take down the website of their competitor.
- Shakedown – Attackers, in this case, are using DDoS attacks as a threat. They are implementing it as a way to force the victim to pay them.
- Boredom – The attackers, in this case, are also known as cyber vandals. They seek a way to race their adrenaline. Usually, to start the attack, such people use scripts that are pre-written.
Recommended article: DDoS protected DNS service – Why is it important?