DDoS Attack: What is it and how to stay protected against it?

  • In a Distributed Denial of Service (DDoS) attack, multiple compromised systems are used to target a server with a huge volume of traffic.
  • The various types of DDoS attacks include volume-based attacks, protocol attacks, and application-layer attacks.

What is a DDoS attack?

DDoS attack aims at bringing services down by bombarding them with so much traffic that their services and infrastructure are unable to handle it. In a Distributed Denial of Service (DDoS) attack, multiple compromised systems are used to target a server with a huge volume of traffic.

Typically, a botnet formed of compromised computers sends huge traffic to a targeted server which causes unstable connections and service outages as the service could not handle all the requests.

Types of DDoS attacks

The various types of DDoS attacks include,

  • Volume-based attacks - Volume-based attacks include UDP floods, ICMP floods, and other spoofed-packet floods. This type of attack is measured in bits per second (Bps).
  • Protocol attacks - Protocol attacks include SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more. This type of attack is measured in packets per second (Pps).
  • Application layer attacks - This includes low-and-slow attacks, GET/POST floods, and more. It is measured in Requests per second (Rps).

Examples of DDoS attacks

Example 1 - Github suffered a massive DDoS attack

On February 28, 2018, GitHub suffered the world’s largest DDoS attack that took the service offline from 17:21 to 17:26 UTC and intermittently unavailable from 17:26 to 17:30 UTC.

Example 2 - Telegram DDoS attack

In July 2019, a massive Distributed Denial of Service (DDoS) attack was launched against Telegram messenger that caused service outages and connection problems for users primarily in South and North America. However, users in the United Kingdom, the Netherlands, Germany, Ukraine, Russia, Australia, and China also faced connection issues and network disruptions.

Example 3 - DD0S attack against Wikipedia

Attackers have launched a massive DDoS attack against Wikipedia and took down its website offline across various countries including the U.K., France, Germany, Italy, the Netherlands, Poland and parts of the Middle East.

Example 4 - Carpet Bombing DDoS attack

In September 2019, a massive ‘Carpet Bombing DDoS’ attack was launched against South Africa's largest Internet Service Provider ‘Cool Ideas’ that brought down its services for an entire day.

How to mitigate against DDoS attacks?

  • Security experts recommend implementing a Web Application Firewall (WAF) to stay protected against such attacks.
  • It is recommended to analyze the individual packets and accept only the traffic that is legitimate.
  • It is always best to use a good DDoS protection service that can detect and defend DDoS attacks.
  • Other mitigations include clearing logs and blocking any suspicious traffic.