DDoS ATTACKS.
Distributed Denial-of-Service (DDoS) attacks are a subclass of Denial-of-Service (DoS). A DDoS attack is a malicious attack that involves multiple connected online devices, with the aim of disrupting the normal traffic of a targeted server, service or network by overwhelming the target with fake traffic.
These multiple connected online devices are collectively known as a botnet, whose purpose is to overwhelm a target website or infrastructure with a flood of internet traffic. This attack could be likened to an unexpected traffic jam clogging up the road to the website and thereby preventing regular, legitimate traffic from reaching it.
These attacks are carried out with networks of internet-connected machines (computers, IoT devices) which have been infected by malware and are being controlled remotely by an attacker.
Unlike other cyberattacks, DDoS attacks do not attempt to breach the security perimeter. Rather, they aim to make a website or server unavailable to users. They can also be used as a smokescreen for other malicious activities.
DoS VS DDoS
The difference between the two is straightforward. In a DoS attack, a malicious agent uses a single internet connection to exploit vulnerabilities or flood a target with fake traffic.
DDoS attacks, on the other hand, are launched from multiple connected devices across the internet.
TYPES OF DDoS ATTACKS.
There are three types of DDoS attacks; each type defines the parameters and behaviour used during the attack, as well as what the attack targets.
Application layer attack: This kind of DDoS attack is also known as a Layer 7 attack. It seeks to overwhelm a server by sending a large number of requests that require resource-intensive handling and processing. The goal of this attack is to exhaust the target's resources in order to create a denial of service. The attack targets the layer where web pages are generated on the server and delivered in response to HTTP requests. An example of an application-layer DDoS attack is HTTP flooding. This is just like pressing refresh in a browser over and over on many different devices at once, so that a large number of HTTP requests flood the server, resulting in DoS.
Protocol attack: This attack causes a service disruption by over-consuming server resources and/or the resources of network equipment such as firewalls and load balancers. Protocol attacks exploit weaknesses in layers 3 and 4 (the network and transport layers) and are set up to clog the network. An example is the SYN flood, which is used to prevent access to servers and causes severe operational damage.
Volumetric attack: This kind of attack attempts to create congestion by consuming all available bandwidth between a target and the larger internet. An example is DNS amplification.
REASONS FOR DDoS ATTACKS.
DDoS attacks are launched for several reasons; they could be based on personal interests, business purposes, etc.
The following are common reasons for DDoS attacks.
Hacktivism: DDoS attacks are implemented by hacktivists as a means of expressing criticism, which could be directed at governments, politicians, businesses, parastatals, etc. Hacktivists use pre-made tools to wage war against their targets.
Cyber vandalism: Cyber vandals are also referred to as "script kiddies", because they rely on pre-made scripts and tools to cause harm to their targets. These vandals are often bored teenagers who are looking for an adrenaline rush, wanting to display their skills, or seeking vengeance.
Extortion: Cybercriminals launch attacks on a target in order to demand money in exchange for stopping the DDoS attack.
Cyberwarfare: In this case, state-sponsored DDoS attacks are used to silence government critics and opposition, and also to disrupt critical services in enemy countries.
DDoS ATTACK MITIGATION
DDoS attacks cannot be prevented outright. However, there are a few preventive measures that can be put in place.
Monitoring traffic to look for irregularities, including suspiciously unexplained traffic spikes and visits from suspect IP addresses.
Making use of third-party DDoS testing (pen testing) to simulate an attack against infrastructure in order to be prepared whenever there is an attack.
Creating a response plan and a standby rapid response team, whose responsibility is to minimize the impact of an attack.
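The traffic-monitoring measure above can be automated with a simple detector over web server access logs. The following is an added example, not code from the original article: it assumes Common Log Format lines, uses constructed sample entries with RFC 5737 documentation addresses, and flags both a single client exceeding a per-window request threshold (an HTTP-flood signature) and any window whose total request rate spikes far above an assumed baseline.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample access-log lines (Common Log Format, documentation IPs
# from RFC 5737); not real traffic from any site.
_LINE = '{ip} - - [10/Oct/2023:13:55:{sec:02d} +0000] "GET /search?q=x HTTP/1.1" 200 512'
SAMPLE_LOG = (
    # one client hammering a resource-heavy endpoint: 30 requests in 6 seconds
    [_LINE.format(ip="203.0.113.5", sec=s // 5) for s in range(30)]
    # a few legitimate clients spread over the same minute
    + [_LINE.format(ip="198.51.100.%d" % n, sec=n * 7 % 60) for n in range(1, 6)]
)

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\]')

def parse_line(line):
    """Return (ip, datetime) for a CLF line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts

def bucket_counts(lines, window_seconds=10):
    """Count requests per (window, ip); windows are fixed-size time buckets."""
    counts = defaultdict(Counter)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip malformed lines instead of crashing on bad input
        ip, ts = parsed
        bucket = int(ts.timestamp()) // window_seconds
        counts[bucket][ip] += 1
    return counts

def flag_flooding_ips(lines, window_seconds=10, per_ip_threshold=20):
    """IPs that exceed the per-window threshold in any window (assumed limits)."""
    flagged = set()
    for per_ip in bucket_counts(lines, window_seconds).values():
        flagged.update(ip for ip, n in per_ip.items() if n > per_ip_threshold)
    return sorted(flagged)

def spike_windows(lines, baseline_rps, factor=5, window_seconds=10):
    """Windows whose total request count exceeds factor x the expected baseline."""
    limit = baseline_rps * window_seconds * factor
    return sorted(b for b, per_ip in bucket_counts(lines, window_seconds).items()
                  if sum(per_ip.values()) > limit)
```

In practice the thresholds and baseline should be derived from the site's own historical traffic, and a flagged address is a lead for investigation rather than proof of an attack.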
In order to protect your system against DDoS attacks, a modern mitigation solution must be put in place.