Description: DDoS (Distributed Denial of Service) is a cyber attack that aims to disrupt the normal functioning of a target server, service, or network by overwhelming it with a flood of traffic. This type of attack is carried out using multiple compromised systems, known as ‘bots’ or ‘zombies’, which send requests simultaneously to the target. The distributed nature of the attack makes it difficult to mitigate, as the traffic comes from various sources, complicating the identification of the attackers. DDoS attacks can vary in intensity and duration and can be directed at any online entity, from small businesses to large corporations and government services. The growing reliance on cloud infrastructures has made DDoS attacks a significant concern for cybersecurity, as they can cause severe disruptions to services and considerable economic losses. Additionally, these attacks can be used as a distraction tactic to facilitate other types of more sophisticated intrusions. In summary, DDoS attacks represent a significant threat in the realm of online networks, where availability and service continuity are essential for the operation of modern businesses.
History: The concept of DDoS began to take shape in the 1990s when denial of service (DoS) attacks became more common. However, the term ‘DDoS’ gained popularity in the mid-2000s when botnets were used to carry out more complex and devastating attacks. One of the first notable DDoS attacks occurred in 2000 when the e-commerce website eBay was attacked, resulting in significant service disruption. Since then, DDoS attacks have evolved in sophistication and scale, becoming a common tool for hacktivists, cybercriminals, and advanced threat groups.
Uses: DDoS attacks are primarily used to disrupt the functioning of online services, which can have various motivations, such as political activism, extortion, or unfair competition. They can also be employed as a distraction tactic to conceal other cyber attacks, such as system infiltration or data theft. Additionally, some criminal groups offer DDoS services as part of a business model, allowing others to pay for targeted attacks against competitors or enemies.
Examples: A notable case of a DDoS attack occurred in 2016 when the DNS service provider Dyn was attacked, resulting in the disruption of several major websites, including Twitter, Netflix, and Reddit. This attack was carried out by a botnet called Mirai, which used compromised IoT devices to generate massive traffic. Another example is the DDoS attack against GitHub in 2018, which reached traffic of 1.35 Tbps, making it one of the largest recorded attacks to date.
