You may have heard of hackers taking down websites in a DDoS attack. During a DDos strike, users will see a server error message whenever they try to access the website or service.
Companies who get DDoSed suffer thousands of dollars' worth of damages. The longer hackers keep their sites down, the more money victims lose.
So what is a DDoS attack? What is the actual definition of a DDoS attack?
What Is a DDoS Attack?
A DDoS or Distributed Denial of Service is a type of cyberattack that targets web servers, databases, and other online services. It is done by flooding or drowning a system with too much web traffic.
The overwhelming traffic can be excessive incoming messages, multiple requests for data, or a high volume of queries. The goal is to overwhelm the system so that it crashes, rendering it inoperable or inaccessible to legitimate users. This is the "Denial of Service" the term refers to.
Attackers often use an army of “zombie computers” called botnets. These are a network of compromised devices that are remotely controlled by hackers.
Botnets are controlled by a command and control (C2) server. They can lie dormant while attackers wait for the perfect time to strike.
Hackers will give orders to a C2 Server that will then send instructions to the compromised devices. The latter will send fake traffic in the form of overwhelming connection requests or too much data that’s more than a server can handle.
Why Get DDoSed?
The motivation behind an attack could be revenge by a disgruntled employee with an ax to grind, or a rival company looking to take down their competition. It may also be done by terrorists and other groups who want to make a statement or cybercriminals who may want to create a distraction for another bigger, more sinister attack.
However, some do this for direct financial gain. They could extort companies by blackmailing them. They’ll attack then ask for payment in bitcoins.
Companies may give in to this request, since they risk losing a lot of money for every minute their sites are down. Attackers have done this to e-commerce sites during critical times like around Christmas.