What is a DDoS attack?
A Distributed Denial of Service (DDoS) attack is an attempt to make a targeted server, service or network unavailable by overwhelming it with web traffic from multiple source IPs.
DDoS attacks work by utilizing multiple compromised computer systems as sources of attack traffic. Any device that is connected to a network could be attacked, for example computers, iPads, phones and Internet of Things (IoT) devices.
There has been an increase in the number of IoT devices in people’s homes and offices, which makes DDoS attacks more likely as well as more sophisticated and harder to defend.
How do DDoS attacks work?
Attackers gain control of a network of online machines when carrying out DDoS attacks. Computers and IoT devices are infected with malware, with each device being turned into a bot. Together the bots form what is known as a botnet, which the attacker has remote control over.
The attacker sends instructions remotely to each bot, and starts the DDoS attack. Once a DDoS attack is triggered, the bots respond by sending requests to the target server or network. If successful, the traffic overflows the network’s capacity and causes a denial-of-service to regular traffic.
4 common types of DDoS attacks
- DNS flood – A DNS (domain name system) flood is when an attacker floods a particular domain’s DNS servers to disrupt the DNS resolution of that domain. If a user is unable to find the DNS record, they are unable to make any requests. A DNS flood can compromise a website, API or web application’s ability to respond to legitimate traffic.
- HTTP flood – With HTTP floods the attacker tries to overwhelm a targeted server with a flood of HTTP requests. By flooding the server with HTTP requests, the server is no longer able to respond to requests from normal traffic.
- SYN flood – A SYN attack attempts to make a server unavailable by consuming all its available resources. By sending a flood of initial connection request (SYN) packets, the attacker overwhelms the targeted server, making it unavailable to respond to legitimate traffic.
- Low Orbit Ion Cannon (LOIC) – LOIC attacks are open-source stress testing attacks that are written in C#. It is a tool that is often used by hacktivist groups such as Anonymous and users of 4Chan forums. LOIC attacks can be started with very little technical expertise, as they have a point-and-click interface. LOIC works by flooding a target server with packets, often from thousands of users who coordinate attacks on the same target.
Consequences of a DDoS attack
DDoS attacks aim to disrupt online services and often have political, financial or malicious motivations. Downtime can be damaging for many online services, especially for businesses that cannot tolerate any loss in service.
DDoS attacks can cause brand damage, affect customer relations, and have major financial repercussions. In a study carried out by Hyve last year, we found that one-third of UK consumers would judge a brand if its website was down, perceiving it as ‘unprofessional’ or ‘poorly managed.’
Take a look at the Digital Attack Map to see how many DDoS attacks are currently occurring around the world!
To find out more about Hyve’s DDoS Defence System, get in touch with our sales team on 0800 612 2524.