DDoS: The Past is the Future

DDoS: The Past is the Future

Distributed denial-of-service (DDoS) attacks are one of the oldest weapons in the hacker’s arsenal, nearly as old as the Internet itself.

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency defines DDoS as the following:

A denial-of-service (DoS) attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. Services affected may include email, websites, online accounts (e.g., banking), or other services that rely on the affected computer or network. A denial-of-service condition is accomplished by flooding the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users. DoS attacks can cost an organization both time and money while their resources and services are inaccessible.”

DDoS attacks come in many flavors — one report counted 26 kinds, although these can be organized into three general categories:

  • Volume-based (volumetric) attacks that overwhelm the target network’s bandwidth
  • Protocol attacks that exhaust a server or firewall
  • Application layer attacks that attack a specific application rather than the entire network

Motivations for such attacks vary, from hacktivist protests of political, social or economic initiatives to financial gain.

In the past, DDoS attacks were often carried out by “hactivists” and other parties with grievances and agendas, but ransom DDoS are growing increasingly common, with malicious actors threatening companies and organizations with attacks if they don’t pay up.

DDoS attacks continue to evolve, becoming more sophisticated and complex every year. Indeed, attackers can now use malware to create global networks of enslaved devices, or bots, which they can use to launch massive DDoS attacks on unsuspecting victims. Because existing security measures cannot prevent all DDoS attacks, you always need to prepare for new threats.

A time-honored tradition

The first recorded DDoS attack took place in 1996, when a hacker used a spoofed IP address to overwhelm the server of Panix, New York’s oldest commercial internet service provider. Fake packages flooded the company’s server, rendering it unable to process legitimate traffic. Some 36 hours later, a global network of internet specialists were able to regain control of Panix, but a tradition was born.

In fact, the origin of DDoS attacks are even older. Way back in 1974, a 13-year-old high school student by the name of David Dennis successfully shut down 31 PLATO terminals at the Computer-Based Education Research Laboratory (CERL) of the University of Illinois Urbana-Champaign with some mischievous programming, reportedly as a well-intentioned experiment.

Then there was the Morris worm of 1988, when Cornell University graduate student Robert Morris released into the wild a self-replicating program in a well-intentioned but ultimately destructive attempt to bring existing network weaknesses to attention. According to the U.S. government, the Morris worm resulted in anywhere from USD 100,000 to USD 10,000,000 in damages.

From humble beginnings, though, mighty cybercrime weapons grow.

According to one report, there were 5.4 million DDoS attacks in the first half of 2021 alone. In recent years, some of the world’s biggest companies have fallen victim to DDoS attacks, including major global internet companies and financial institutions. One attack on internet giant Google clocked in at 2.54 Tbps, with Google warning that such attacks are only likely to increase as the internet itself grows.

You don’t need to be a criminal mastermind to launch a DDoS attack, a factor in their popularity with malicious actors. In fact, a recent report by the UK National Crime Agency warned that children as young as nine were launching DDoS attacks against their own school networks.

Cloudbric ADDoS: Edge computing to the rescue

Cloudbric ADDoS: Advanced DDoS Protection is a cutting-edge DDoS (Distributed Denial-of-Service) attack protection and mitigation service.

Cloudbric ADDoS leverages decentralized edge locations closest to the client, rather than the centralized cloud infrastructure, to provide a more effective, efficient defense against the newest DDoS attack patterns. With the fastest response time, largest capacity, and affordable costs, Cloudbric ADDoS is the optimal choice against organized DDoS attacks.

By processing huge volumes of traffic, Cloudbric ADDoS mitigates and resolves large and complex DDoS attacks. Mitigated attacks prior to reaching the application, the solution minimizes the impact on the web services. 

Cloudbric ADDoS responds to a full range of DDoS attacks, from frequent DDoS attacks to multi-vector attacks and application attacks.

Learn more here.

Comments are closed.