Wednesday 01 February, 2017
Distributed denial of service (DDoS) is one of the most common types of online attacks. It comes in many different forms but the basic idea is the same – it floods a network with data to keep a host from connecting to the internet.
How it works is that hackers take over multiple systems usually through a Trojan and then use these systems to attack one. The victims of the attack are the ones taken over, which are referred to as zombies, as well as the end user who is attacked.
The hacker, whose computer is called a master, sends commands to the zombies and they must comply. The commands are to keep sending communication requests to the end user. These are packets or bits of information.
The zombies under the orders of their master send so many bits of information that it floods the victim’s network and it can no longer operate. Just as the name suggests, it’s a denial of service due to a flood of traffic (‘distributed’ refers to attacks where multiple computers are used, such as what’s described above).
The target of a DDoS attack can be any computer resource that connects to the internet. This includes websites, networks, apps, emails and even voicemail or VoIP systems like Skype. Anything that connects to the web can be part of a DDoS attack.
Prank or Major Disaster?
Through a DDoS attack, your site or computer isn’t actually hacked. No access is gained. The attack simply shuts down your system or kicks you off the internet for a while.
This sounds relatively harmless compared to other types of attacks. It’s almost like a prank. But if you run an ecommerce site, time is of the essence. Every minute that you’re offline trying to get back on, you’re losing sales.
This is one of the easiest types of attacks that even an amateur hacker can pull off and the targets are often large companies such as banks and credit card payment gateways. When a bank or other financial service gets hit with a DDoS, it can cost them millions. No transactions can go through. It also hurts their credibility with customers, who may not understand how easy a DDoS attack is for hackers and that no access was gained.
A Growing Threat
Another thing that makes DDoS attacks more serious is that they’ve changed a great deal over the last decade. The sheer size of a typical DDoS attack today is staggering by ten years’ ago standards. In an attack today, a great deal more data can flood a system and this data may come from hundreds or thousands of zombies. A huge attack in October 2013 nearly shut down whole parts of the internet. Plus, attacks today are much more complex in their nature, making them harder to prevent.
The nature of today’s DDoS attacks has also changed. Today, they’re not just hacker mischief. DDoS is a common tool used by hacktivists like the hacker group Anonymous. These groups use DDoS attacks for social change or cyber-terrorism, depending on how you feel about the issue.
With the ease of pulling off a DDoS attack, it’s also more common today for disgruntled employees to use them against their employers, another good reason for companies to restrict access in the workplace.