What is a Ddos attack ?

Cyber attack + blog Z. Oualid todayJanuary 24, 2021

Background
share close

if you work in the cybersecurity field or at least you have a website that you manage, then you have definitely heard about some DDOS attacks, so what is a DDOS attack?

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic on a server or network by generating unexpected traffic floods.

It is one of the powerful weapons of the criminal toolbox. With the evolution of technology, DDoS attacks are becoming more dangerous and can be difficult to stop. Whether you are a small business or a multi-national company, your online activities can be disrupted or stopped by a DDoS attack. In this article, we will learn about DDoS attacks in detail and ways to protect against them.

What is DDoS attack?

As I said in the beginning, the distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic on a server or network by generating unexpected traffic floods. The goal is to render the normal functioning of a website or server. A DDoS attack is like a traffic jam that prevents vehicles from arriving at their destinations.

The traffic can consist of incoming messages, emails, fake packets, or connection requests. Hackers or cybercriminals make DDoS attacks effective by using multiple compromised systems as attack sources. They build a network of infected systems known as ‘botnets’ to spread malicious software. These Botnets help to generate a traffic flood to overwhelm a targeted network. A wide variety of resources such as banks, online servers, and websites become DDoS attack victims. 

Some marketplaces exist to buy these botnets. It costs $150 to buy a week-long DDoS attack that is capable of attacking a small organization. According to the ATLAS threat report, more than 2000 DDoS attacks occur in a day worldwide.

How does a DDoS attack work?

Cybercriminals carry out DDoS attacks by using a network of Internet-connected devices. The network contains infected computer systems and IoT devices that allow hackers to control the targeted devices remotely. An attacker can direct a DDoS attack by sending remote instructions to botnets. These botnets generate traffic that overwhelms the target servers or networks and renders them inoperable. The attack causes service outages and crashes the server that leads to productivity loss or service interruption.  

Types of DDoS attacks

Here is a brief description of different types of DDoS attacks.

  • TCP Connection Attacks

TCP connection attack exploits the vulnerability in TCP connection sequence that is a three-way handshake connection with the server and host. The targeted network or server receives a request to begin a handshake. The handshake never completes in an SYN flood or TCP connection attack. As a result, the connected ports become unavailable to process further requests, and the server shuts down. 

  • Application Layer Attack

Application layer attack is also known as the Layer 7 attack. It sends legitimate requests to the targeted system initially in a sophisticated way. When it gets too late, the victim overwhelms and unable to respond. This attack aims to target servers that generate web pages and respond to HTTP requests. 

  • Fragmentation Attacks

It is a DDoS attack that cybercriminals use to exploit the vulnerabilities in the datagram fragmentation process. It divides the IP datagram into small packets and transfers them across the network. A fragmentation attack prevents the reassembling of these packets and overwhelms the server.

  • Volumetric Attack

It is the most common form of DDoS attack that uses a botnet to flood a server or network with traffic. This traffic seems to be legitimate but affects the network’s capabilities to process the regular traffic.

How to prevent your device from a DDoS attack?

Here are some ways to protect your devices from the distributed denial-of-service attacks.

  • Wi-Fi router is the gateway to the network. Secure your Wi-Fi network by changing the default network or install a VPN for improved security.
  • Internet of things (IoT) devices that connect to the Internet for increasing the functionality and efficiency of a system come with the default passwords. Change the default credentials of IoT devices to wander securely on the Internet.
  • Use comprehensive security solutions with your digital devices for enhanced protection.
  • Configure or install firewalls and routers to reject the bogus traffic. Keep the firewalls and routers updated with the advanced security patches.
  • Keep all your software updates all the time

Written by: Z. Oualid

Rate it

About the author
Avatar

Z. Oualid

I am a Cyber Security Expert, I have worked with many companies around the globe to secure their applications and their networks. I am certified OSCP and OSCE which are the most recognized and hard technical certifications in the industry of cybersecurity. I am also a Certifed Ethical hacker (CEH). I hope you enjoy my articles :).


Previous post
biometric data could be used in a two factor authentication system.

todayJanuary 20, 2021

close

Cybersecurity Z. Oualid

Two factor authentication meaning

Due to the increase of the cyberattack around the glob, many companies have started to implement what we call the Two factor authentication or multifactor authentication system. Two factor authentication ...


Similar posts

Post comments (0)

Leave a reply

Your email address will not be published. Required fields are marked *