A Distributed Denial of Service (DDoS) attack is a type of cyberattack where an attacker floods a targeted network or system with a massive amount of traffic, overwhelming its resources and rendering it unavailable to legitimate users.
This malicious activity can cause significant disruptions to businesses, organizations, and individuals, resulting in financial losses and damage to reputations.
In 2018, a record-breaking DDoS attack reached 1.7 Tbps in size, and the average cost of a DDoS attack can range from $40,000 to $1 million per hour, with 60% of organizations having experienced a DDoS attack in the past year.
What exactly a DDoS Attack is?
A Distributed Denial of Service (DDoS) attack is a type of attack where many infected computers work together to overload a target system, causing it to crash.
By using multiple servers and internet connections, DDoS attacks flood the target with excessive traffic, making it one of the most powerful tools in cyberattacks.
When you hear about a website going down, it often means it has been hit by a DDoS attack, where hackers bombard the site with traffic, causing it to crash.
An example of a DDoS attack is the one on GitHub in 2015, which hit 1.3 Tbps and was one of the biggest ever. It used a technique that made a lot of fake requests by exploiting a system called Memcached. The attack was huge, but GitHub’s DDoS protection service quickly noticed it and stopped it within 20 minutes.
How does a DDoS attack work?
DDoS attacks are done using networks of devices connected to the Internet.
These networks are made up of computers and other gadgets (like IoT devices) that have been infected with malware. This malware allows an attacker to control them remotely. These devices are called bots (or zombies), and a group of them is known as a botnet.
Once a botnet is set up, the attacker can command the bots to launch an attack.
When the botnet targets a victim’s server or network, each bot sends requests to the target’s IP address. This can overwhelm the server or network, causing it to stop working for normal users.
Since each bot is a real Internet device, it can be hard to tell the attack traffic from normal traffic.
7 ways to prevent a DDoS attack
