As the world is becoming more digitally connected, the risks of cybercrime have increased. In this article, we will focus on a specific type of cyber attack called the DDoS (pronounced ‘dee-dos’). First of all, you should be curious about what is meant by this term, which is both an initialism and a short and clearly a cross, can be regarded as both. Let’s try to understand.
What does ‘DDOS’ mean
DDoS stands for Distributed denial of service, In other words, the regular is called ‘denied service’. online traffic of a particular website or service. In this type of cyber attack, cybercriminals send a large chunk of data over an online network/service/server to basically bring it down or make it stop working. When we say a huge chunk of data, we mean a huge amount of internet traffic from various sources. Once the online network/service/server is down and/or the infrastructure around the target server is affected, hackers can easily enter the system they wish to use to their advantage.
Understanding what hackers are trying to do
Imagine what regular online traffic would be like on a busy street on a given day. Now suppose someone managed to introduce (hypothetically) hundreds of vehicles at a certain point (unexpected online traffic or the bulk of the attack traffic), what would happen? The road will be so jammed that regular online traffic will not be able to reach its destination (the desired server). That’s what a DDoS attack does.
how does DDoS Cyber Attack Work
Hackers first send malware over a network of computers/systems/IoT devices they want to target. Devices get infected with malware and then they naturally become part of the infected network and act as bots (or zombies) individually. The entire compromised network is called a botnet.
Once a network of infected devices or botnets is created, it opens the way for hackers to exploit the device and remotely control each bot (or malware-infected device) in the network. Now, each bot sends a request to the target IP address, thus having a high chance of overwhelming it, leading to a denial of service for regular online traffic. Since each bot is a part of its own network of victims’ devices and one is registered, it is quite difficult to identify and separate attack traffic from regular traffic.
How to know if you are a victim of DDoS attack?
Whenever a website or online service suddenly slows down or crashes, it is likely that it has been targeted with a DDoS attack. Now, since a site may be slow or unavailable due to a surge in regular traffic and some other reasons, online traffic analysis tools can help identify some of the classic signs of a DDoS attack. Some of these include a massive increase in traffic from users with a single behavioral profile (such as location, a particular device or web browser version), unusual and suspicious online traffic coming from a single IP address or IP range, and an unexplained increase in requests. A page or endpoint, a sudden increase in traffic at odd hours or at certain fixed time intervals, etc. We will be discussing various over the counter measures done in our upcoming article.
,