Distributed Denial of Service Explained

Distributed Denials of Service (DDOS) attacks are on the rise

The number of cyber-attacks are on the rise – none more so than Distributed Denials of Service (DDOS) which target individuals, international corporations and even whole nations. Here’s the key information you should know about an increasingly complex threat to online security.

What is a Distributed Denial of Service (DDoS)?

To understand what a distributed denial of service (DDoS) is, you first need to know what a ‘denial of service’ (DoS) means. A denial of service is a deliberate cyber-attack that floods a computer system with so much data that it is slowed down, and in many cases, is forced offline.

A typical DoS attack usually stems from one computer causing havoc to another network of computers. On the other hand, with a DDoS, the source of the cyber-attack is ‘distributed’ amongst hundreds and sometimes thousands of different computer sources.

By using multiple computers, the perpetrators make it difficult to combat and find the source of the attack, causing widespread disruption to the system or website.

Who is responsible for DDoS attacks?

The motives behind a DDoS attack can be spurred on by political reasons, revenge, business interests, criminality or even activism – leading many to point the finger at governments, terrorist groups, disgruntled employees and sometimes, thrill-seeking lone hackers.

The main targets of DDoS attacks are usually financial institutions like banks and credit card companies but there have been other high-profile victims of these types of attacks including Microsoft, MI5 and the BBC.

Sometimes by targeting one company, multiple networks or websites can be brought to a standstill as was the case of Dyn – who manage web traffic for the likes of Twitter, Netflix and Reddit – who have billions of users.

How do DDoS attacks happen?

Imagine a thousand people all trying to call the same phone number at the same time. Not only will it jam the phone line, the owner of the number won’t be able to use their phone to receive or make calls properly. On top of that, trying to find out which number caused it to begin with could prove next to impossible.

A DDoS attack works in a similar way. It usually takes the form of simultaneous requests from multiple rogue computers or virtual servers trying to view or access a computer system or website.

How to identify DDoS attacks

DDoS attacks are usually only likely to affect business owners – particularly people in charge of large computer networks. However, they can also affect small businesses, blogs or personal websites. They might also bring down services that you depend on, like banking or email servers.

If you feel you’re the victim of a DDoS attack, your first port of call should be to your hosting or internet service provider. Unless you know your way around your hosting or are qualified to deal with the attack, getting professional advice and help from a DDoS specialist would be the best thing to do.

Part of running a network of computers or a website should include having a back-up plan or playbook in place to help limit the damage that cyber-attacks like a DDoS can cause. It would include such steps as:

  • Recognising the signs. The most commons symptoms of a DDoS attack include very slow network performance, slow access to files and websites and high levels of spam.
  • Having extra bandwidth. This helps most legitimate sites deal with sudden increases in traffic such as requests for music or sporting event tickets. By having more bandwidth, you won’t completely stop the attack but you’ll have the capacity to contain and slow it down until help arrives.
  • Keeping a look-out. By regularly monitoring your website’s network activity, you’ll be able to spot and pinpoint any abnormalities if and when you might be under attack.

Related Articles