Description: Distributed Denial of Service (DDoS) is a type of cyber attack in which multiple compromised systems are used to flood a specific target with traffic, causing the service to become inoperable. This attack is carried out through a network of infected devices, known as a botnet, which send massive requests to the target server. The traffic saturation can deplete the server’s resources, preventing legitimate users from accessing the service. DDoS attacks can take various forms, including volumetric attacks that aim to consume bandwidth and application layer attacks that focus on exhausting server resources. The complexity of these attacks lies in their distributed nature, making mitigation difficult as the traffic comes from multiple sources. Protection against DDoS is a crucial aspect of cybersecurity, and organizations must implement adequate measures, such as firewalls and intrusion detection systems, to safeguard their infrastructures. In the context of TCP/IP, DDoS attacks can exploit vulnerabilities in the protocol to amplify malicious traffic. DDoS attacks can have devastating consequences, affecting the availability of critical services and the reputation of businesses.
History: DDoS attacks began to gain notoriety in the 1990s, with the first documented incidents involving simple denial of service attacks. However, the term ‘DDoS’ became popular in the late 1990s and early 2000s when botnets were used to carry out more sophisticated and devastating attacks. One of the most significant events was the attack on the hosting company eBay in 2000, which resulted in the disruption of its services for several hours. Since then, DDoS attacks have evolved in complexity and scale, becoming a common tool in the arsenal of cybercriminals.
Uses: DDoS attacks are primarily used to disrupt the operation of online services, such as websites and applications. They can also be used as a form of extortion, where attackers threaten to carry out an attack unless a ransom is paid. Additionally, DDoS attacks can serve as a distraction while other types of cyber attacks, such as data theft or network infiltration, are carried out.
Examples: A notable example of a DDoS attack was the attack on Dyn in 2016, which affected numerous online services, including Twitter, Netflix, and Spotify. This attack used a botnet composed of compromised IoT devices, resulting in a massive service disruption. Another case is the attack on GitHub in 2018, which reached a traffic of 1.35 Tbps, setting a record for the magnitude of DDoS attacks.
