What is a DDoS attack? by Tanya Gupta

What is a DDoS attack?

by Tanya Gupta Digital Strategist

A Distributed Denial-of-Service (DDoS) attack is an attempt to shut down a machine or a network through multiple infected computer systems. The main goal of this attack is to make an online service unavailable or disrupt the legitimate traffic of a targeted server by overwhelming it with the bad bot traffic. It is one of the most common and disruptive types of cyber-attack.

How Does a DDoS Attack Work

Firstly, the attacker plans for a DDoS attack by exploiting vulnerabilities in one or more computer system and makes it a part of a botnet – where the attacker controls this botnet via centralized command and control (CnC) system. This master system identifies other vulnerable systems and gets control over them by infecting them and use them as a zombie computer/bot.

Then the attacker targets a victim with all these infected bots (combinely “a botnet”) and floods the target’s internet pipe with multiple illegitimate requests sent via CNC, which causes a denial of service/unavailability to those legitimate requests that are trying to access the victim’s network/web resource.

DoS v/s DDoS Attacks

In a DoS attack, the attacker uses a single zombie computer to flood a network with TCP/UDP packets. The purpose of a DoS attack is to overload the targeted network’s bandwidth and other resources with illegitimate packets/requests. This will impact in the unavailability of a targeted network to its legitimate users.

Wherein a DDoS attack, the attacker uses a multiple zombie computers and multiple internet connections to overload the targeted network. In this attack, the targeted network is overloaded with hundreds or even thousands of requests at the same time.