DDoS Basics

A Denial of Service (DoS) attack is a form of cyber attack intended to overload, disrupt, and temporarily disable a network or server. These attacks are done to provoke others and to disrupt a service. Because DoS attacks are easy to carry out, even for those with a minimal technological background, and are consistently effective, they are very common.

In a DoS attack, the attacker uses their own network to flood a targeted network with useless traffic, with the intention of overloading it. Although one’s personal internet bandwidth may be enough to have an effect on a small server, it will usually not be powerful enough to have a significant effect on any decently large server system. To impact a larger system, a similar attack known as a DDoS (Distributed Denial of Service) attack will usually be done. A DDoS attack has the same intentions as a DoS, but has one substantial difference: instead of using a single, personal network to attack another, the individual uses a “bot” network of many hijacked devices to attack the target network. A home device that has been “compromised” through the use of malware is used as a “bot” or “zombie” in the DDoS, and the owner of the device will usually be unaware that it is compromised. Depending on the number of devices involved, the effects of a DDoS can range from merely slowing down the targeted server to overloading it to the point where the server does not have sufficient resources to process legitimate traffic. The result is that the server is forced offline.
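
From the defending server's side, the difference between the two attacks shows up in who is sending the traffic. The following sketch is an added example, not part of the original post: it sorts request records into time windows and labels each window as normal, a single-source DoS, or a distributed flood. The window size, the thresholds, and the sample traffic are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

WINDOW = 10           # seconds per bucket (assumed value)
RATE_LIMIT = 50       # requests per window treated as overload (assumed value)
DOMINANT_SHARE = 0.8  # one source with >= 80% of a flood => single-source DoS

def classify_windows(events):
    """events: iterable of (unix_seconds, source_ip). Returns {window_start: label}."""
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[ts - ts % WINDOW][src] += 1
    verdicts = {}
    for start, per_source in sorted(buckets.items()):
        total = sum(per_source.values())
        top_src, top_count = per_source.most_common(1)[0]
        if total < RATE_LIMIT:
            verdicts[start] = "normal"
        elif top_count / total >= DOMINANT_SHARE:
            # One sender accounts for the overload: blocking it ends the flood.
            verdicts[start] = f"dos from {top_src}"
        else:
            # Overload spread across many senders, each individually quiet.
            verdicts[start] = f"ddos from {len(per_source)} sources"
    return verdicts

def sample_events():
    """Constructed traffic: three windows, documentation-range addresses only."""
    events = []
    # Window 0: ordinary load, 5 clients x 4 requests = 20 requests.
    for i in range(5):
        events += [(t, f"192.0.2.{i + 1}") for t in range(0, 8, 2)]
    # Window 10: one client sends 90 requests, two others send 5 each.
    events += [(10 + n % 10, "198.51.100.7") for n in range(90)]
    events += [(10 + n, f"192.0.2.{c}") for c in (1, 2) for n in range(5)]
    # Window 20: 60 bots send 2 requests each; no single source stands out.
    events += [(20 + n, f"203.0.113.{b}") for b in range(1, 61) for n in range(2)]
    return events

if __name__ == "__main__":
    for start, label in classify_windows(sample_events()).items():
        print(f"t={start:>3}s  {label}")
```

In the last window every bot sends fewer requests than an ordinary client does in the first, so a per-address rate limit alone would not notice the flood; only the total across all sources reveals it.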

A recent example of a successful and disruptive DDoS occurred on the 21st of October, 2016. The attack was one of the largest of its kind, with traffic ranging from an average magnitude of 100 Gigabytes per second to 800 Gigabytes per second (and possibly peaking at around 1200 Gigabytes per second). The attack was made possible when hackers infected thousands of vulnerable, unprotected security cameras, DVRs, and unsecured internet routers. The devices were then used en masse to overload the servers of Dyn. Dyn is a company that hosts some of the most popular internet websites, such as Netflix, Reddit, and Twitter. Because of this, it was the primary target for a group of currently unconfirmed hackers. Its servers were slowed down or made completely inaccessible to legitimate users. If the compromised attacking devices had been protected with a basic layer of security, the magnitude of the attack could have been far less significant.

To protect yourself from a wide range of cyber attacks, several simple but effective actions can be taken. Firstly, avoid visiting suspicious or untrusted websites, especially those reached from spam links, accounts, and messages. For example, if a site attempts to automatically download files to your computer, it may be a sign the site is infected. Also, one should download files and programs only from trusted websites and publishers. Lastly, one should secure every owned device with a complex password, as devices left with default passwords are optimal targets for hackers. These simple actions significantly reduce the risk of becoming a victim of a cyber attack and reduce the chance of your device or network being used as a puppet by someone else.

Written by Daniel Martinez
