Description: Distributed Denial of Service (DDoS) is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of traffic. This type of attack is carried out using multiple compromised systems, known as ‘bots’ or ‘zombies’, which simultaneously send requests to the target. The main characteristic of a DDoS attack is its ability to generate a volume of traffic that exceeds the target system’s capacity to respond, leaving the service inoperable. DDoS attacks can be of different types, including volumetric attacks, protocol attacks, and application-layer attacks, each with its own techniques and objectives. The relevance of DDoS attacks has grown in the digital age, where the availability of online services is crucial for businesses and organizations. DDoS protection has become essential in areas such as cloud security posture management, network security, virtual private cloud deployment, and infrastructure protection, because these attacks can cause significant economic losses and damage to companies’ reputations. Therefore, defending against DDoS has become a priority in the cybersecurity strategy of many organizations.
History: The concept of Denial of Service (DoS) dates back to the early days of the Internet, but DDoS attacks began to gain notoriety in the late 1990s. One of the first documented DDoS attacks occurred in 1999 when a group of hackers launched an attack against the eBay website. As technology advanced, so did the attack techniques, and in 2000, the DDoS attack against the Internet service company Mafiaboy caused significant disruption. Since then, DDoS attacks have evolved in complexity and scale, becoming a common tool for hacktivists and cybercriminals.
Uses: DDoS attacks are primarily used to disrupt the functioning of online services, with motivations that range from extortion to political protest. Organizations can also be targeted by DDoS attacks as part of an unfair competition strategy. Additionally, some groups use DDoS as a form of distraction while carrying out other malicious activities, such as data theft. Technology and cloud service companies implement DDoS defense measures to protect their infrastructures and ensure the availability of their services.
Examples: A notable example of a DDoS attack occurred in 2016 when the Internet service provider Dyn was attacked, resulting in the disruption of several major services, including Twitter, Netflix, and Reddit. This attack was carried out using a botnet composed of compromised IoT devices. Another significant case was the DDoS attack against GitHub in 2018, which reached a traffic volume of 1.35 Tbps, making it one of the largest recorded attacks to date.