Introduction

What are DDOS attacks? Have you ever faced a website breakdown? It is not uncommon these days for online services belonging to banks, retailers, and several others to crash and stop working. Cybercrime is on the rise, and with more than half of the world working, shopping, and living on the internet, it is now easier for hackers and criminals to act on their malicious intent.

DDOS attacks are one kind of cybercrime that has affected several companies and retailers in the recent past. They are a form of online attack and a powerful weapon on the internet. If you hear about a website being brought down, it could be the result of a DDOS attack. A DDOS attack crashes a service by attacking its server or network, helping the criminal access data or even bring the service down totally.

In this article let us look at:

  1. Working of DDOS
  2. How does a DDOS Attack Work
  3. Symptoms of DDOS Attack
  4. Types of DDOS Attacks
  5. Detection and Prevention
  6. Examples of DDOS Attacks

1. Working of DDOS

What are DDOS attacks? A DDOS attack targets websites and online services. DDOS stands for distributed denial-of-service. A DDOS attack aims to overwhelm a website with more traffic than its server or network can accommodate. The traffic could be messages or fake information that simply blocks and crashes the system. A DDOS attack means targeting victims at all levels by completely blocking their avenues and even resorting to extortion before releasing them. For a beginner, a DDOS attack is like an unexpected traffic jam that blocks the highway, preventing regular traffic and disrupting schedules. Only in this instance it is done maliciously, with an intent to destroy and to gain a ransom out of it.

Key targets are a wide variety of important resources such as banks, websites, news channels, and online retailers, which makes it a major challenge to ensure that important information can be accessed and published.

2. How does a DDOS Attack Work

How DDOS attacks work is a question that most people would want answered. They are carried out with a network of internet-connected devices or machines that overwhelm the target or its surrounding infrastructure. The network usually comprises computers and devices infected with malware that lets them be controlled remotely by the attackers. These devices are known as bots, and a group of bots is a botnet. Once established, the bots receive remote instructions from the attacker, who directs the attack. Once the botnet targets the server or network, requests are sent to its IP address, inundating it and resulting in a DDOS attack.

3. Symptoms of DDOS Attack

A site or service becoming slow is the most obvious symptom of a DDOS attack. A few telltale signs of a DDOS attack are:

  • A suspicious amount of traffic from one particular source, such as a single IP address
  • A flood of traffic from users displaying a similar behavioral profile (location, device type, web browser)
  • A sudden and unexplained surge in requests to a page
  • Odd patterns in site traffic, like a surge during odd times of the day or an unnatural pattern (a spike every half hour)

A legitimate spike in traffic can also create performance issues, for example when an online retailer sees a surge in traffic just after Christmas or Black Friday sales, so it is important to investigate further whenever the traffic appears abnormal. There are several more specific signs of a DDOS attack, but they depend on the type of attack.
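The symptoms listed above can be checked mechanically against request logs. The following is an added example, not code from the original article: the log records are constructed, and the function names, the 5-minute window and the thresholds are assumptions chosen for illustration.

```python
from collections import Counter
from statistics import median

def build_sample_log():
    """Constructed sample records: (epoch_seconds, source_ip, path, user_agent)."""
    log = []
    # Baseline: 40 distinct clients, one request per minute for two hours.
    for minute in range(120):
        ip = f"198.51.100.{minute % 40 + 1}"
        log.append((minute * 60, ip, f"/page/{minute % 6}", f"Browser/{minute % 5}"))
    # Bursts every half hour from one source, to one page, with one client profile.
    for start in (0, 1800, 3600, 5400):
        for i in range(200):
            log.append((start + i % 60, "203.0.113.9", "/login", "Bot/1.0"))
    return log

def top_share(log, field):
    """Most common value of a field (1=IP, 2=page, 3=user agent) and its traffic share."""
    value, count = Counter(rec[field] for rec in log).most_common(1)[0]
    return value, count / len(log)

def spike_windows(log, window=300, factor=5):
    """Start times of windows holding more than factor x the median window's requests."""
    counts = Counter(rec[0] // window * window for rec in log)
    baseline = median(counts.values())
    return sorted(t for t, c in counts.items() if c > factor * baseline)

def spike_period(spikes):
    """Gap in seconds between spikes if they are evenly spaced, otherwise None."""
    gaps = {b - a for a, b in zip(spikes, spikes[1:])}
    return gaps.pop() if len(spikes) >= 3 and len(gaps) == 1 else None

def symptoms(log, share_limit=0.5):
    """Check the log against each listed symptom; thresholds are assumptions."""
    spikes = spike_windows(log)
    report = {"spike_windows": spikes, "spike_period_s": spike_period(spikes)}
    for name, field in (("source", 1), ("page", 2), ("profile", 3)):
        value, share = top_share(log, field)
        report[name] = value if share > share_limit else None
    return report

if __name__ == "__main__":
    for key, value in symptoms(build_sample_log()).items():
        print(f"{key}: {value}")
```

On the baseline traffic alone every field comes back empty, which is the comparison an investigator needs before calling a surge abnormal.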

4. Types of DDOS Attacks

There are different kinds of DDOS attacks. They generally fall into one or more broad categories, and an attacker can also combine them into sophisticated attacks across different vectors. The broad categories are:

  • Volume Based Attacks – sending massive amounts of traffic to saturate a network’s bandwidth
  • Protocol Attacks – these are more precise and focussed. They tend to exploit the vulnerabilities in a server and crash it.
  • Application Attacks – the most sophisticated form of DDOS attacks; they focus on certain web applications.

Network connections on the Internet comprise different components or layers. Just as a house is built on different levels, each of these layers serves a different purpose. They are the layers of the Open Systems Interconnection (OSI) model, and the different kinds of DDOS attacks focus on these layers.

5. Detection and Prevention

DDOS attack prevention is a difficult task. Companies have to plan for, defend against, and mitigate this kind of attack. It is important to determine one’s vulnerabilities. A few ways to detect and prevent this type of attack in network security are:

  • Take swift action by notifying the ISP, re-routing traffic, and having a backup ISP.
  • Configure firewalls and routers to reject bogus traffic; this serves as an initial line of defense.
  • Use artificial intelligence systems that track bogus traffic and route it to the cloud, where it is analyzed and blocked before it reaches the server.
  • Use anti-virus or security software with the latest security patches on individual computers.
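The kind of rule a firewall or router applies to reject bogus traffic can be sketched as a per-source rate limit. This is an added example, not code from the original article: `SourceRateLimiter`, the rate of 2 requests per second and the constructed traffic are assumptions. It also shows why prevention is difficult: the same limit that throttles a single flooding source lets a distributed flood through.

```python
from collections import Counter

class SourceRateLimiter:
    """Token bucket per source IP: `rate` requests per second, bursts up to `burst`."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.buckets = {}  # source IP -> (tokens left, time last seen)

    def allow(self, ip, now):
        tokens, last = self.buckets.get(ip, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)  # refill
        allowed = tokens >= 1
        self.buckets[ip] = (tokens - 1 if allowed else tokens, now)
        return allowed

def replay(requests, rate=2, burst=5):
    """Run (time, source_ip) pairs through a fresh limiter; count accepted per source."""
    limiter, accepted = SourceRateLimiter(rate, burst), Counter()
    for now, ip in sorted(requests):
        if limiter.allow(ip, now):
            accepted[ip] += 1
    return accepted

def single_source_flood():
    # Constructed: one normal client at 1 req/s, one source at 64 req/s, both for 10 s.
    normal = [(t, "198.51.100.7") for t in range(10)]
    flood = [(t / 64, "203.0.113.9") for t in range(640)]
    return replay(normal + flood)

def distributed_flood():
    # Constructed: 500 sources at 1 req/s each for 10 s, every one under the limit.
    bots = [(t, f"198.18.{b // 250}.{b % 250 + 1}") for b in range(500) for t in range(10)]
    return sum(replay(bots).values())

if __name__ == "__main__":
    print(single_source_flood())   # accepted requests per source
    print(distributed_flood())     # accepted requests out of 5000 sent
```

Because every source in the distributed case stays under the per-source limit, all of its requests are accepted, which is why the upstream measures in the list (ISP re-routing, cloud-side analysis) sit alongside local firewall rules.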

6. Examples

What DDOS attacks are and how they affect systems can be understood from two notable examples that have taken place in the recent past.

In the year 2000, Michael Calce, a 15-year-old using the online name “Mafiaboy”, launched one of the first DDOS attacks. He hacked into the computer networks of universities and used them to crash the servers of major websites like eBay, Yahoo, and CNN. He was convicted of his crimes in youth court. Following this, he is now a “white-hat hacker” identifying vulnerabilities in the computer systems of major companies.

In 2016, Dyn, a major domain name system provider, was the target of a major DDOS attack that crashed several websites and services like PayPal, Visa, Amazon, Reddit, Airbnb, Spotify, Netflix, The New York Times, and GitHub.

The online gaming industry has been at the receiving end of DDOS attacks, and so have other software and media companies.

The main aim of a DDOS attack is to pursue a prime motive like stealing data, manipulating data, or installing malicious software. It is done with the intention of diverting the attention of the target organization and making it vulnerable.

Conclusion

DDOS attacks are ways for perpetrators to make a network resource unavailable for a period of time or indefinitely. They aim to disrupt the services of a user that is connected to the Internet. DDOS attacks are a weapon of choice for hackers, cybercriminals who work for profit, nations at war, and computer wizards out to make a point. Carrying one out is an art and also involves careful intelligence on the part of the person or group executing it. With the internet being so vulnerable owing to its accessibility, companies must take every step possible to protect themselves from a DDOS attack.
