Distributed Denial of Service (DDoS)

The intent of a Distributed Denial of Service (DDoS) attack is to generate enough traffic from various systems to overwhelm the targeted systems and place them into a failure state. This can be accomplished by exhausting the target's resources or by exploiting vulnerabilities to stop system processes.

One way to visualize this is to picture a single individual encircled by thousands of people, all talking at once and trying to get the individual’s attention. The situation is frustrating because so many conversations are going on at once that the individual becomes overwhelmed.

Similarly, a DDoS attack is particularly difficult to mitigate because multiple sources of traffic make up the attack. The attack is generally aimed at a business or institution, so that people attempting to connect to the business's website, or to use the Internet at work, see their speed decrease or their connection terminated for the duration of the attack.

Essentially, the cybercriminals and ‘the victim network’ are in a resource war, where the entity that has the bigger resource pool wins. Even if the victim successfully mitigates the cyberattack, there is a good chance that daily operations were degraded during the attack (for example, additional time spent waiting for webpages to load).

Today's issues are far worse due to the always-on nature of modern connections and the increased utilization of Internet connectivity.

So what can businesses do to protect themselves from a DDoS attack? The answer to this question depends on what service the organization is trying to protect. Next week we will look at various options.