DDoS Attack

Published Jul 22, 2023

A DDoS (Distributed Denial of Service) attack is a cyber attack in which a company or organization’s websites and servers are overwhelmed by traffic as a result of a coordinated effort by a hacker or group. These attackers often use botnets, networks of devices hijacked without the owners’ knowledge, as a weapon of choice. However, hackers may use other methods, such as amplifying requests to a system, which can cause disruptions of service and damage because the system cannot handle the flood of malicious or false requests.

Types of DDoS Attacks

DDoS attacks can be separated into three categories:

  1. Volumetric (raw attack volume) attacks: Generate large volumes of online traffic to a company’s website, saturating its bandwidth and destabilizing online accessibility.
  2. Protocol attacks: Exhaust the processing capacity of network infrastructure resources like servers, firewalls, and load balancers. This happens when malicious connection requests are made through Layer 3 and Layer 4 protocols.
  3. Application attacks: Open connections and initiate process and transaction requests that consume finite resources like disk space and memory. This occurs when weaknesses in the application layer are manipulated.
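
An added example (not part of the original entry): a sliding-window check over request records showing why a per-source rate limit catches one noisy client but misses a distributed flood, so the aggregate rate has to be watched as well. The thresholds, function names and sample traffic (documentation-range addresses) are constructed assumptions.

```python
from collections import Counter, deque

WINDOW = 10            # seconds of history kept (assumed value)
PER_SOURCE_LIMIT = 50  # requests allowed per source per window (assumed value)
TOTAL_LIMIT = 300      # requests allowed from all quiet sources per window (assumed)

def detect(events):
    """events: (time, source) tuples sorted by time.
    Returns (sources over their own limit, time the aggregate limit was first hit)."""
    window, per_source = deque(), Counter()
    noisy, distributed_at = set(), None
    for ts, src in events:
        window.append((ts, src))
        per_source[src] += 1
        # Drop records that have aged out of the sliding window.
        while window[0][0] <= ts - WINDOW:
            _, old = window.popleft()
            per_source[old] -= 1
        if per_source[src] > PER_SOURCE_LIMIT:
            noisy.add(src)
        # Traffic from sources that each look acceptable on their own.
        quiet_total = sum(n for s, n in per_source.items() if s not in noisy)
        if distributed_at is None and quiet_total > TOTAL_LIMIT:
            distributed_at = ts
    return noisy, distributed_at

def traffic(sources, rate, start, seconds):
    """Constructed traffic: every source sends `rate` requests per second."""
    return [(start + k / rate, s) for s in sources for k in range(rate * seconds)]

# Constructed scenarios: five ordinary clients, then one fast client,
# then 100 clients that each stay under the per-source limit.
BASELINE = sorted(traffic([f"192.0.2.{i}" for i in range(1, 6)], 1, 0, 30))
SINGLE = sorted(BASELINE + traffic(["198.51.100.7"], 20, 10, 10))
DISTRIBUTED = sorted(
    BASELINE + traffic([f"203.0.113.{i}" for i in range(1, 101)], 4, 10, 10))

if __name__ == "__main__":
    for name, events in [("baseline", BASELINE), ("single", SINGLE),
                         ("distributed", DISTRIBUTED)]:
        print(name, detect(events))
```

In the distributed scenario no address is ever flagged individually; only the aggregate check fires.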

Signs of a DDoS-infected device

  • Slow access to files.
  • Unable to access a specific website.
  • No internet access.
  • Spam emails to contacts.

How to Respond to a DDoS Attack

  • Provide training for staff members to recognize the signs of a DDoS attack.
  • Use online outage mitigation and response strategies.
  • Assess ongoing DDoS risks through tests that mimic these attacks.
  • Implement specialized tools that can handle the overflow of high Web traffic. Cloud-based services like AWS Shield are often recommended for this task.
