DDoS: what is it and how does the virtual attack work?

Among all the scams and cyber crimes out there, there is one that is very old, very famous and still appears in the technology news today: DDoS attacks. I’m sure you’ve heard or read about them, but do you know exactly what this method is? Why is it so feared? Keep reading to understand how to protect yourself from these attacks.

What is DDoS?

DDoS is an acronym for “Distributed Denial of Service” and is part of the vast universe of cyber crimes. In a nutshell, it is an overload on the server that hosts a website or service, which leads it to ‘deny service’ to anyone who tries to access the page during that period.

To make this happen, the attack takes advantage of the fact that every server has a limit, a maximum load, and forces it to handle an enormous number of requests at once, coming from the most diverse sources. When this capacity is exceeded, the service level drops, which can mean the page going down entirely or slow navigation. There is no data theft or anything like that, at least when DDoS is used alone.

How does a DDoS attack work?

So that we can understand in an even simpler way, let’s make a comparison with a small store that is offering incredible discounts. It does not have a very large structure: there are few cashiers and employees, while the space to circulate inside is very limited. But one fine day many people decide to shop at the same time, leaving the place crowded.

Over time, no matter how competent the store is, it gets overloaded and the service gets worse: queues form, and maybe even the cash register or the card machine software starts reporting problems. This is what happens during a DDoS, but in an artificial, criminal and virtual way.

There are several ways to carry out such a “denial of service”, and today DDoS is more precisely described as a hybrid attack combining different techniques. The most classic one is to send a lot of traffic to congest a system’s bandwidth, as if a lot of people clicked at the same time to access the same website.

In the mode called “ping of death”, the server receives packets that are too big to be processed and ends up with memory problems.
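The defence against oversized packets is a bounds check before reassembly: an IPv4 datagram can never exceed 65,535 bytes, so a fragment whose offset plus length would pass that limit is dropped. The sketch below is an added example, not part of the original article; `fragment_verdict` and `sample_header` are hypothetical names and the headers are constructed test input.

```python
import struct

MAX_IPV4_DATAGRAM = 65535  # the 16-bit Total Length field cannot describe more

def fragment_verdict(header: bytes) -> str:
    """Classify one IPv4 header before its fragment is handed to reassembly."""
    if len(header) < 20:
        return "drop: truncated header"
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", header[:8])
    if ver_ihl >> 4 != 4:
        return "drop: not IPv4"
    ihl = (ver_ihl & 0x0F) * 4                # header length in bytes
    if ihl < 20 or total_len < ihl:
        return "drop: inconsistent lengths"
    offset = (flags_frag & 0x1FFF) * 8        # 13-bit field, counted in 8-byte units
    payload = total_len - ihl
    end = ihl + offset + payload              # datagram size once this fragment is placed
    if end > MAX_IPV4_DATAGRAM:
        return "drop: reassembles past 65535 bytes"
    return "accept"

def sample_header(total_len: int, offset_units: int, more: bool) -> bytes:
    """Constructed input: 20-byte IPv4 header, ICMP, documentation addresses."""
    flags_frag = (0x2000 if more else 0) | (offset_units & 0x1FFF)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag,
                       64, 1, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))

if __name__ == "__main__":
    print(fragment_verdict(sample_header(1500, 185, False)))   # ordinary last fragment
    print(fragment_verdict(sample_header(1500, 8189, False)))  # would end at byte 67012
    print(fragment_verdict(sample_header(23, 8189, False)))    # ends exactly at 65535
```
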

Alternatively, it is possible to send fake requests to different ports on a server, using IPs that lead nowhere but force the system to try to find an answer. This uses up all the bandwidth resources and also creates problems. DDoS can also exploit some specific feature or implementation flaw of an installed protocol. This is an attack that goes straight at a vulnerability in one layer of the infrastructure.

And it is worth remembering that these simultaneous requests today usually come from a botnet, which is basically a network of infected ‘zombie’ computers that receive orders to participate in a DDoS without needing the user’s authorization.

The first DDoS in history

It may seem strange, but history’s first denial-of-service attack has been documented. It happened in 1996, when a series of artificial requests brought down the servers of Panix, one of the oldest Internet providers in the United States. As a result, since everything was still a little new, it was down for several days.

But there are also those who say that the first attack actually occurred in 1988, when Robert Morris created “Morris”, a worm that replicated and consumed resources on the victim’s PC, even though it was not a coordinated invasion.

What are the biggest DDoS targets?

Over the years, this type of attack has become more professional and has also become a political weapon, much like defacement. The scheme was somewhat similar: taking down a page was a way of showing discontent with its content, a company or a government.

Some more modern scams that involve denial of service even take an extra step: a “ransom” demand, as if it were a toll charged by those responsible for the overload, which must be paid for the attacks to stop.

The targets are not just specific websites. Today, it is common for attacks to target cloud hosting services like Google and Amazon Web Services. In this way, it is possible to attack several customers at the same time, even if it is a little more difficult, since the idea is that these structures are more protected.

The attacks that gained fame

Over the years we have had some denial-of-service attacks that have become better known. This is the case of a DDoS coordinated in the United States in 2012, which attacked six banks at the same time and scared customers and institutions.

In 2016, the feared botnet generated by the Mirai malware carried out a series of very high-scale attacks, characterized mainly by using simple devices as bots, not just computers. The servers of a provider called Dyn were brought down, which left several well-known services very unstable, including Netflix, PayPal, Spotify, PlayStation Network and many others.

Two years later, in 2018, the GitHub platform was targeted by what was known at the time as “the largest DDoS in history”, with 1.35 terabits per second of traffic. And in 2020 Amazon’s AWS set a new record for the volume of data sent to bring down a platform. Here in Brazil we also have numerous examples, including the attack on the TSE server while the results of the first round of municipal elections were being counted.

As you can see, DDoS attacks are getting more frequent and more powerful, since botnets can even use IoT devices, which have far weaker security, and draw on increasingly large armies of hijacked devices.

After all, can I protect myself?

Security providers and companies are always racing to improve detection and minimize damage. If you have a website or service, consider hiring a specialized service or check your hosting plan to find out what type of protection is offered.

There are features that reduce or block this attack by recognizing patterns of simultaneous access intended to bring down a system. In addition, some cloud services offer flexible bandwidth, so you won’t be out of action for long after an attempted attack.
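To show what “recognizing patterns of simultaneous access” can look like, here is an added example (not from the original article) of a sliding-window detector that separates one noisy client from a distributed flood in which no single source exceeds its own limit. The function names, the thresholds (10-second window, 20 requests per source, 100 in total) and the traffic are assumptions constructed for the illustration.

```python
from collections import Counter, deque

def detect_floods(events, window=10, per_ip_limit=20, total_limit=100):
    """Slide a `window`-second window over (timestamp, source_ip) events sorted by
    time and return one (timestamp, kind, detail) alert per flood episode."""
    recent, per_ip = deque(), Counter()
    alerts, state = [], None
    for ts, ip in events:
        recent.append((ts, ip))
        per_ip[ip] += 1
        # Expire events that have slid out of the window.
        while recent[0][0] <= ts - window:
            _, old_ip = recent.popleft()
            per_ip[old_ip] -= 1
            if per_ip[old_ip] == 0:
                del per_ip[old_ip]
        top_ip, top_count = per_ip.most_common(1)[0]
        if top_count > per_ip_limit:
            kind, detail = "single-source", top_ip
        elif len(recent) > total_limit:
            # No client is over its own limit, yet the aggregate is: many sources.
            kind, detail = "distributed", f"{len(per_ip)} sources"
        else:
            kind, detail = None, None
        if kind and kind != state:   # report each episode once, not every request
            alerts.append((ts, kind, detail))
        state = kind
    return alerts

def constructed_traffic():
    """Constructed sample input (documentation address ranges), not real logs."""
    events = [(t, f"192.0.2.{t % 5 + 1}") for t in range(120)]             # normal users
    events += [(40 + i / 10, "203.0.113.9") for i in range(30)]            # one noisy client
    events += [(100 + i / 50, f"198.51.100.{i + 1}") for i in range(150)]  # 150 sources, 1 request each
    return sorted(events)

if __name__ == "__main__":
    for alert in detect_floods(constructed_traffic()):
        print(alert)
```

A per-source rate limit alone would pass the second episode untouched, which is why the aggregate count is tracked as well.
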

And, if you are a regular user, remember the usual tips: do not repeat passwords, watch out for suspicious links and do your best to prevent your devices from ever becoming part of a botnet and being a grain of sand in large-scale attacks.

So, have you ever been a victim or experienced difficulties because of a DDoS attack? Tell us in the comments!
