What is DDoS?

So, I get asked a lot: "What actually is DDoS?"
You may have heard the term a lot, particularly in online gaming or web hosting, and especially since the rise of organisations such as Anonymous, LulzSec, Team Poison, etc.

Today, I am going to answer what DDoS is, and over the next few threads I will also (should people want it) explain how to protect yourself from it.

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. These attacks target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.

Research suggests that:

  1. $150 can buy a week-long DDoS attack on the black market.
  2. 1/3 of all downtime incidents are attributed to DDoS attacks.
  3. Approximate costs of an attack on a company range from $52,000 to $444,000 depending on the size of the company and the protection that they have. Reputational damage is what causes the most harm to companies.

So, how does it work?
Attackers build up vast networks of infected computers known as "botnets". This is done by spreading malicious software through websites, emails or social media. Once infected, these machines can then be controlled remotely without the owner's knowledge or consent. They are then used to launch an attack against a target by coordinating the entire network to overwhelm a website server with traffic all at the same time. Some botnets are literally millions of computers strong.

Are there different kinds of DDoS?
Absolutely. Yes.
There are four common categories of attacks, with more attack types being developed constantly. The common ones are:

[i]TCP Connection attacks[/i]
These attempt to use up all the available connections to infrastructure devices such as load-balancers, firewalls and application servers.

[i]Volumetric attacks[/i]
These attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet.

[i]Fragmentation attacks[/i]
These send a flood of TCP or UDP fragments to a victim, overwhelming the victim's ability to re-assemble the streams and severely reducing performance.

[i]Application attacks[/i]
These attempt to overwhelm a specific aspect of an application or service and can be effective even with very few attacking machines generating a low traffic rate.

Why do people DDoS?
Honestly, there is no one simple answer for this question. Reasons for DDoS can be vast and broad. One of the larger reported examples of DDoS is "peaceful protest" (peaceful in the sense that nobody is injured) where 'Hacktivists' such as Anonymous would take services offline in retaliation for something.

Another example, which is more common than people might think, is industrial espionage. This is where one company deliberately damages their competitors in order to gain an advantage in their field, or to damage the reputation of their competitors.

Another reason is blackmail. Yep... Blackmail.
Some sites are often attacked and held offline for long periods of time until companies or individuals pay the attackers to leave them alone.

"I'm a gamer, not because I don't have a life... But because I choose to have many"
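
An added example, not part of the original post: a defender-side Python sketch that sorts per-second traffic summaries into the four categories described above by the resource each one exhausts, and shows why a bandwidth-only monitor misses the application case. The record layout, capacities and thresholds are assumptions, and the sample traffic is constructed.

```python
from collections import Counter, defaultdict

# Assumed capacities for a hypothetical service; tune to your own baseline.
LIMITS = {"conn_table": 1000, "link_bps": 10_000_000,
          "frag_ratio": 0.5, "path_rps": 100}

def summarise(records):
    """Group (second, src, nbytes, is_fragment, holds_conn, path) records by second."""
    windows = defaultdict(lambda: {"bits": 0, "pkts": 0, "frags": 0, "conns": 0,
                                   "paths": Counter(), "srcs": set()})
    for sec, src, nbytes, is_frag, holds_conn, path in records:
        w = windows[sec]
        w["bits"] += nbytes * 8
        w["pkts"] += 1
        w["frags"] += is_frag        # True counts as 1
        w["conns"] += holds_conn     # connections held open in this second
        w["srcs"].add(src)
        if path:                     # only application requests carry a path
            w["paths"][path] += 1
    return windows

def classify(w, lim=LIMITS):
    """Name the categories whose target resource is under pressure in this window."""
    hits = []
    if w["conns"] >= 0.9 * lim["conn_table"]:          # connection table nearly full
        hits.append("tcp-connection")
    if w["bits"] >= 0.9 * lim["link_bps"]:             # link nearly saturated
        hits.append("volumetric")
    if w["frags"] / w["pkts"] >= lim["frag_ratio"]:    # reassembly dominated by fragments
        hits.append("fragmentation")
    if max(w["paths"].values(), default=0) >= lim["path_rps"]:  # one endpoint hammered
        hits.append("application")
    return hits

def constructed_records():
    """Constructed sample traffic, one scenario per second (not real captures)."""
    recs = [(0, f"10.0.0.{i}", 500, False, False, "/") for i in range(20)]   # normal use
    recs += [(1, f"10.1.{i // 250}.{i % 250}", 60, False, True, None) for i in range(950)]
    recs += [(2, f"10.2.{i // 250}.{i % 250}", 1400, False, False, None) for i in range(1000)]
    recs += [(3, f"10.3.0.{i % 50}", 600, True, False, None) for i in range(300)]
    recs += [(4, f"10.4.0.{i % 5}", 300, False, False, "/search") for i in range(150)]
    return recs

def report(records):
    """Map each second to (categories flagged, number of distinct sources)."""
    return {sec: (classify(w), len(w["srcs"]))
            for sec, w in sorted(summarise(records).items())}

if __name__ == "__main__":
    for sec, (hits, sources) in report(constructed_records()).items():
        print(sec, hits or ["normal"], f"{sources} sources")
```

Second 4 of the constructed traffic uses only five sources and well under 1 Mbit/s, yet it is still flagged, which is the low-rate application case the post describes.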
