What Is a DDoS Attack? (+How to Protect Your Network from Hackers)

Mara Calvello
Mara Calvello  |  August 22, 2019

There are a lot of different ways a hacker can completely turn your day upside down.

Whether it’s with a phishing scam or by falling victim to identity theft, it can sometimes feel like we’re never really safe.

One way we can always protect ourselves from hackers is to fully understand the methods to their malicious tendencies. Since DDoS attacks are on the rise and remain one of the cyber threats companies are least prepared for, it’s more important than ever to educate yourself on network security.

Let’s not wait any longer to learn more about DDoS attacks. Keep reading to find out how you can protect yourself and your network from a cyber criminal.

What is a DDoS attack?

Before you can put up a fight against a hacker who has set their eyes on your network, let’s break down exactly what a DDoS attack entails.

Short for distributed denial of service, a DDoS attack occurs when multiple systems infiltrate a targeted network in a malicious attempt to disrupt traffic to the server.

A DDoS attack is similar to a DoS attack, except that while a DoS attack uses one computer or network to spawn an attack, a DDoS attack uses multiple.

DoS vs DDoS attacks

Think of DDoS attacks like a traffic jam on your way to work that prevents you from getting there on time.

How do DDoS attacks work?

For a DDoS attack to be successful, it needs a few elements.

For starters, this kind of attack needs a hacker to gain control of a network of online machines. Computers and other machines, like IoT devices, are then infected with malware, which turns each of them into a bot under the hacker’s control.

Once the machines are under the hacker’s control from a remote location, this is called a botnet. When a botnet is established, the hacker can then perform a variety of malicious acts. For instance, when the IP address of a victim is being targeted, each bot responds by sending requests to the target. This results in the targeted network or server to be over capacity, causing a denial-of-service to normal traffic.

Process of a DDoS Attack

Types of DDoS attacks

DDoS attacks come in many shapes and sizes, but some are more common than others.

Traffic attack

This type of DDoS attack sends a massive flood of traffic to the target. Legitimate traffic requests get lost in the noise. These attacks are sometimes accompanied by malware exploitation.

These occur when a botnet sends what appears to be actual traffic HTTP or HTTPS requests to attack and overwhelm the web server. Traffic attacks are sometimes called volumetric attacks, due to the volume that takes over the server.

Bandwidth attack

Similar to a traffic attack, a bandwidth DDoS attack overloads its target with an enormous amount of junk data. The result of this type of attack is a loss of network bandwidth and equipment resources.

Application attack

An application attack takes place with the application-layer data message, which can deplete resources within this layer. This will leave the target’s protection services unavailable to thwart the attack.

These attacks are sometimes referred to as Layer 7 attacks, and attack in a slower fashion than other DDoS attacks. Because they’re slower, they appear like an actual request to the user, until it’s too late and the victim is too overwhelmed to respond.

Application attacks are oftentimes severe and with maximum data loss, since they’re inexpensive to operate and more difficult for companies to detect.

TCP connection attack

A TCP (transmission control protocol) attack takes place when all of the available connections to infrastructure devices, such as firewalls, load-balancers, and applications servers, are completely used up and are unable to function as normal.

Even the most high-capacity device could still fall victim to this type of attack.

Fragmentation attack

These DDoS attacks send a surplus of TCP or UDP (user datagram protocol) fragments to a victim, causing them to be overwhelmed and unable to re-assemble the streams of incoming traffic, connections, and data, causing performance to be severely reduced.

Signs of a DDoS attack

There are some definite signs to look out for when you’re experiencing a DDoS attack. The downside? The warning signs are also just issues you might already have with your computer, like a virus or a slow internet connection.

Other signs of a DDoS attack include:

  • Slow access to files
  • Long-term inability to access a specific website
  • Internet that frequently disconnects
  • Problems accessing all websites
  • An excessive increase in spam emails

Protect yourself from a DDoS attack

Before you experience one of the above signs, there are certain actions you can take to protect yourself from a DDoS attack.

For instance, take advantage of DDoS protection software. These tools will help secure websites and applications against these types of attacks by monitoring web traffic and establishing a baseline for normal traffic loads.

Related: If your company or business is unsure what type of DDoS protection software would be the best fit for your needs, check out this list, brought to you by G2.

Read reviews of DDoS Protection software, FREE Learn more →

The earlier a DDoS attack is identified the better, so you can further protect yourself by acting fast to these alerts. When under an attack, notify your internet service provider right away to see if they can reroute the malicious traffic.

Your firewalls and routers should also be configured to reject harmful traffic being sent to your server, in addition to your application front-end hardware.

Lastly, as a consumer, to keep your personal devices from being turned into a botnet, make sure that you’re only used trusted software and that is updated with the latest security patches. If you frequently use IoT devices, make sure they’re formatted using maximum protection. And of course, when it comes to login information, use a strong password that no robot or hacker can crack.

Examples of DDoS attacks

Even the most well-known businesses and corporations can fall victim to a DDoS attack. The first major one occurred in 1997, when Khan C. Smith disrupted the internet to the Las Vegas strip during a DEFCON event for over an hour. Because of a release to a sample code during the event, it led to the online attack of Sprint, E-Trade, Earthlink, and other corporations in the following year.

Then there was Canadian hacker Michael Calce, who in 2000 brought down Yahoo! with a DDoS attack. Within a week he also was able to hack Amazon, CNN, and eBay. In January 2016, HSBC’s Internet banking services were also hit by a DDoS attack and down for several hours. To make matters worse for their customers, the attack was launched on payday and just two days before the deadline for self-assessment tax returns to be submitted in the UK.

The largest DDoS attack to date occurred in March 2013, when the Cloudflare content delivery network, was hit by 120 gigabits of malicious traffic. At the peak of the attack, Cloudflare saw 300 gigabits attempt to breach their servers, which is the most that anyone has ever seen.

Kiss your network goodbye

Okay, I’m probably being a bit dramatic. But if a hacker completes a successful DDoS on your network, it’ll be severely compromised and you’ll be left to clean up the pieces. To ensure you’re not in this type of situation, keep an eye out for the warning signs and make the most of the tools available to you to ensure your network remains safe.

Interested in learning more about security? Find out everything there is to know about data breaches and how to protect yourself from a social engineering scam.

Mara Calvello
Author

Mara Calvello

Mara is a Senior Content Marketing Specialist at G2. In her spare time, she's typically at the gym polishing off a run, reading a book from her overcrowded bookshelf, or right in the middle of a Netflix binge. Obsessions include the Chicago Cubs, Harry Potter, and all of the Italian food imaginable.