Description: A distributed denial-of-service (DDoS) attack involves multiple systems attacking a single target to overwhelm it. This type of attack aims to make a service, network, or server inaccessible to legitimate users by saturating its response capacity. Attackers often use a network of compromised devices, known as botnets, which can include computers, servers, and IoT devices. By coordinating traffic from multiple sources, the attack becomes harder to mitigate, as the volume of requests can exceed the target’s handling capacity. Key characteristics of a DDoS attack include its distributed nature, the variety of methods used to generate traffic (such as packet floods, HTTP requests, or amplification attacks), and its potential to cause significant damage to the reputation and operability of affected organizations. The relevance of DDoS attacks has grown in the digital age, where the availability of online services is crucial for businesses and users. Protection against these attacks has become a priority in network security, leading to the implementation of various strategies and technologies to mitigate their impact.
History: The concept of denial of service dates back to the early days of the Internet, but DDoS attacks began to gain notoriety in the late 1990s. One of the first documented DDoS attacks occurred in 1999 when a group of hackers launched an attack against eBay’s website. Since then, the technique has evolved, with more sophisticated and larger-scale attacks. In 2000, the DDoS attack against Yahoo!’s site was one of the most significant, causing service disruption for several hours and demonstrating the destructive potential of these attacks. Over the years, the technology and tactics of attackers have advanced, leading to an increase in the frequency and severity of DDoS attacks.
Uses: DDoS attacks are primarily used to disrupt the operation of online services, which can have various motivations, such as political activism, unfair competition, or simple digital vandalism. They can also be employed as a distraction to carry out other types of cyberattacks, such as data theft. Organizations often face these attacks as part of their cybersecurity defense strategy, implementing measures to protect their infrastructures and ensure service continuity.
Examples: A notable DDoS attack occurred in 2016 when the DNS service provider Dyn was attacked, resulting in the disruption of several major websites, including Twitter, Netflix, and Reddit. This attack was carried out using a botnet composed of compromised IoT devices, highlighting the vulnerability of these devices in network security. Another example is the DDoS attack against GitHub in 2018, which reached traffic of 1.35 Tbps, making it one of the largest recorded attacks to date.
