Many types of viruses and malware can infect our computers, but beyond Trojans or phishing scams that steal our data, there are other types of attacks, such as DoS and DDoS attacks. You have surely heard or read about them; here we explain what they are, how they work, what effects they have and who they target.
Today, many websites and companies operate solely on the Internet. Without a website, they cannot work. That is the danger of DDoS attacks: they block customers' access, and the company can lose hours or days of service to interested people. A DDoS attack is not about stealing data or infecting a computer, but about blocking a website so that it stops working properly.
What is DDoS?
DDoS stands for Distributed Denial of Service. The attack uses a set of zombie computers, or computers dedicated to the purpose, that jointly attack a single system or target in order to overload it and force it offline, so that the real users of that website or organization cannot access the service. In general, these are personal computers infected with a virus for this purpose: to be controlled from a single point so that their resources can be used to carry out DDoS attacks.
The victim loses its customers because of this deliberately caused overload. That is, the site does not go down because it has gained customers and traffic, but because of an automated stream of thousands of requests in a matter of minutes, although how long it lasts depends on the scale of the attack.
In short, a massive number of requests is sent to a server, overloading it so that it cannot serve legitimate users. The attack is carried out by computers working together, each with a different IP address, so it is often difficult to stop if it comes from an organized network with a large number of computers.
Difference with DoS
The difference between DDoS and DoS (Denial of Service) is the number of devices trying to make the server deny access to its content. Both have the same objective, but a DoS attack makes all its requests from the same computer and, therefore, from the same IP. This makes DoS attacks much easier to stop, because it is enough to block that IP. In a DDoS attack, many IPs send requests simultaneously from different parts of the world, which makes the attack difficult to stop, but not impossible.
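The distinction above can be turned into a simple triage check for a defender. The following is an added example, not part of the original article: it groups constructed (timestamp, source IP) events into time windows and labels each window as normal, DoS (one source dominates, so blocking that IP is enough) or DDoS (load spread over many sources). The function names, thresholds and sample addresses are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict

def classify_windows(events, window=60, rate_threshold=100, dominant_share=0.8):
    """Label each time window: normal, dos (one source dominates) or ddos (many sources).

    events: iterable of (unix_second, source_ip), e.g. parsed from an access log.
    Thresholds are illustrative assumptions, not recommended production values.
    """
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts // window * window][ip] += 1

    report = {}
    for start, counts in sorted(buckets.items()):
        total = sum(counts.values())
        top_ip, top_hits = counts.most_common(1)[0]
        if total < rate_threshold:
            label, block = "normal", []
        elif top_hits / total >= dominant_share:
            # Single origin: a block rule for this one address stops the flood.
            label, block = "dos", [top_ip]
        else:
            # Load is spread thinly over many addresses: there is no single IP
            # to block, so mitigation has to act on the traffic as a whole.
            label, block = "ddos", []
        report[start] = {"label": label, "requests": total,
                         "sources": len(counts), "top_hits": top_hits, "block": block}
    return report

def sample_events():
    """Constructed sample traffic using documentation-only address ranges."""
    normal = [f"192.0.2.{n}" for n in range(1, 11)]
    events = [(i, normal[i % 10]) for i in range(20)]                # window 0: baseline
    events += [(60 + i % 60, "203.0.113.7") for i in range(300)]    # window 60: one source
    events += [(60 + i, normal[i % 10]) for i in range(20)]         # plus normal users
    events += [(120 + i % 60, f"198.51.100.{i % 200 + 1}")          # window 120: 200 sources,
               for i in range(400)]                                 # only 2 requests each
    return events

if __name__ == "__main__":
    for start, info in classify_windows(sample_events()).items():
        print(start, info)
```

In the distributed window no source sends more than two requests, so a per-IP limit that catches the single-source flood never triggers there.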
How is it done? How much does it cost?
DDoS attacks generally involve infecting a series of computers so that their hardware resources can be used to carry out the attack. They are so common that a look at the Dark Web is enough to find countless people offering to carry them out against any company or website. There are even plans on the black market from which a DDoS attack can be "contracted", with prices that vary depending on how long the attack lasts and how well the website is protected. For example, an attack against an unprotected website can cost from 46 to 92 euros. If the site is protected, the cost rises to 370 euros or more.
Effects of a DDoS attack
In both cases, the objective is to block the website, with all that this entails: a saturated website, loss of money and customers, and loss of reputation.
- Downtime. Whatever the subject of the website under attack, downtime is very damaging because many people lose the ability to access it, with all the complaints that this entails. It can also hurt the site's SEO on Google.
- Economic losses. Especially in the case of online stores, which lose their sales for hours or for the duration of the DDoS attack. In addition, money may have to be spent on hiring a security expert to help stop the attack, if we do not know how to do it ourselves.
- Loss of information
- Damage to reputation or customer trust
Reasons for DDoS attacks
There is no single reason to launch a DDoS attack, and we have seen all kinds: social protests against racist websites, for example, or politically motivated attacks on parties or entities that want to intervene in the debate. Targets can also be websites that promote something hackers or Internet users dislike, competitors, or eCommerce websites, as has happened in some cases with companies such as Amazon and eBay.
- Extortion: A DDoS attack can be used to make a company pay a sum of money in exchange for its page or service being released.
- Hacktivism: This is usually one of the most common motives. The attackers seek to take down websites or organizations that hold a certain opinion or ideology, or that advocate racism, for example. These DDoS attacks are launched for all kinds of causes, for example against a company that has made controversial statements and that Internet users want to band together to punish.
- Competition: Other companies attack websites in order to make them lose sales, for example. It is not the most frequent motive, but it can happen in some companies.
Popular DDoS attacks
Many DDoS attacks have paralyzed the Internet for a few minutes or hours and caused a collapse of some of the most important websites in the world. Examples include the attack on GitHub, considered the largest in recent years, and the attack on DynDNS, which caused problems for a huge number of sites that we use every day, such as Spotify, Netflix, HBO and PayPal.
GitHub in 2018
Very recently, GitHub faced one of the largest DDoS attacks in history, involving 1.35 Tbps sent through 126.8 million packets per second. The event occurred in the mid-afternoon of February 28, 2018, and is one of the most relevant in history. It used around 100,000 servers that belonged to all types of businesses and institutions and that were not protected. This lack of protection amplified the attack, but GitHub was ready and fixed it in less than ten minutes: the website was only inoperative from 5:21 PM to 5:30 PM, and the attack was quickly resolved thanks to Akamai's Prolexic system, which is designed to mitigate or control any attack of this type.
DynDNS in 2016
In 2016, a DDoS attack on the DNS provider DynDNS caused problems for all kinds of Internet services such as Twitter, Spotify or Reddit, along with others such as CNN, Disqus, Etsy, Netflix, PayPal … The attack lasted more than two hours, and there was a second and a third attack before it could be resolved and all affected websites returned to activity.
Taken from: ADSLZone