How Distributed Denial-Of-Service (DDoS) Attacks Work

decorative line

Learn about cybersecurity

Recap

In our previous article, we briefly discussed the following 7 modern cyber attacks:

  • Ransomware
  • WannaCry
  • NotPetya
  • SimpleLocker
  • TeslaCrypt
  • CryptoLocker
  • PC Cyborg

In this article, we move on explaining what a Distributed Denial-of-Service is and in what ways a Distributed Denial of Service attack are more detrimental than traditional Denial of Service.

Note

If you are new to the field of cybersecurity, taking our Inro to Cybersecurity (free self-paced) course is highly recommended. Also, if you are already familiar with cybersecurity, taking our Intro to Blockchain Cybersecurity course is highly recommended.

Distributed denial-of-service (DDoS) attacks

A DDoS attack is a malicious attempt to disrupt the legitimate user traffic of a server by overwhelming it with a flood of random traffic. DDoS differs from DoS by its distributed nature, attacking a target from several independent networks of compromised systems. These compromised computer systems are called bots, and a botnet refers to a group of such bots under the control of the same malicious actor.

DDoS attacks have become a frequent hazard, as they are commonly used to take revenge, conduct extortion, activism, and even for cyberwar. In October 2016, leading ISP Dyn's DNS was bombarded by a wave of DNS queries from millions of bots. The attack was executed by the Mirai botnet, and was composed of over 100,000 IoT devices.

 

From script kiddies to geopolitical

There are numerous theories about the attack launched on October 26, 2016 on Dyn's DNS infrastructure. One of the most sensitive and highest impact DDoS attacks was noted to be against Dyn, a US-based DNS service provider that caused several major websites including Twitter, Reddit, GitHub, Amazon, Netflix, PayPal, and many more to be inaccessible by a major part of country. There are numerous theories and claims as to who could be behind this. Security researchers pointed the finger of blame at script kiddies; however, there was also a claim by a hacker group, Jester, that the Russian government was behind the attacks. The hacker group Jester defaced the Russian foreign ministry against a Democratic National Committee (DNC) hack.

This didn't just stop there; there have been some high-profile damages as of late as well. The political crisis in Qatar led to a DDoS attack on Al Jazeera's website. France's presidential election was disrupted by attacks on the Le Figaro and Le Monde websites.

 

Ease of launching a DDoS attack

You could launch DDoS attacks by paying $10 an hour, $200, or $600-$1200 for an entire week. Several attackers on the dark web are offering DDoS for hire services that make launching DDoS attacks easy.

Someone who is looking to bombard their targets with a burst of heavy traffic gets charged for every second of botnet use rather than an hourly fee.

 

Top targeted countries

Attackers can compromise a computer and make their own bot. These bots are used to conduct reconnaissance, web page crawl, and even DDoS attacks. It is important to understand that countries that have a larger number of compromised systems should be aware of their global risk index.

This article is written in collaboration with Rajneesh Gupta.

Advanced persistence threat

In our next article, we will continue our cybersecurity journey by discussing what are advanced persistence threats and how they work.

Blockchain security articles

If you are interested in exploring more complex yet novel topics on blockchain security, you can read our below articles. If you are new to blockchain technology, taking our Intro to Blockchain Technology (self-paced) course is highly recommended.  

Resources- Free Webinars on Blockchain

Here is the list of our free webinars that are highly recommended:

Resources- Free Courses

Here is the list of our 10 free self-paced courses that are highly recommended:

Resources- Self-Paced Blockchain Courses

If you like to learn more about Hyperledger Fabric, Hyperledger Sawtooth, Ethereum or Corda, taking the following self-paced classes is highly recommended:

  1. Intro to Blockchain Technology
  2. Blockchain Management in Hyperledger for System Admins
  3. Hyperledger Fabric for Developers
  4. Intro to Blockchain Cybersecurity
  5. Learn Solidity Programming by Examples
  6. Introduction to Ethereum Blockchain Development
  7. Learn Blockchain Dev with Corda R3
  8. Intro to Hyperledger Sawtooth for System Admins

Resources- Live Blockchain Courses

If you want to master Hyperledger Fabric, Ethereum or Corda, taking the following live classes is highly recommended:

 

Resources- Articles and Tutorials on Blockchain Technology

If you like to learn more about blockchain, reading the following articles and tutorials is highly recommended:

Private Custom Tutoring

decorative line

We offer private custom tutoring classes both online and in DC, MD and VA for almost all of our courses or bootcamps. Give us a call or email us to discuss your needs.

$90 Regular

$50 Limited Offer

REGISTER NOW