DDoS stands for distributed denial of service, a type of attack that has always been common and has been on the rise recently. All kinds of websites are attacked in this way, from small websites to GitHub to major bank websites. There are numerous techniques to prevent and deal with these attacks, including website downtime tracking. However, a good start is to know what a DDoS attack is and learn about some famous examples of such attacks that have happened through the years.
To start with, let’s find out what, exactly, a DDoS attack is. A DDoS attack utilizes large networks of slave computers, known as internet bots, that can number in the hundreds of thousands and attack a target website, network or server. They flood the target with packets, requests or other kinds of data, which overwhelms the target and makes it unable to serve legitimate users.
A DDoS system starts with a single computer system. The system is usually exploited via some kind of vulnerability. It could be something as simple as that suspicious email you opened at work that installed some malware on your computer, which turned it into a master bot in the background while you were none the wiser. The malware might then go on to infect other computers and form a botnet. The attacker can then control all of these computers to attack a target.
All kinds of people perpetrate DDoS attacks, from angry employees to professional criminals to (allegedly) whole countries. DDoS attacks are measured in terms of the bits of data they send per second to the target. Here are some famous DDoS attacks that have happened in recent years.
1. The Attack on U.S. Banks
This one happened in 2012 and targeted at least six banks in the United States, including PNC Bank, Citigroup, US Bancorp, JP Morgan Chase, and Bank of America. The attack was carried out by a large number of slave servers that each delivered up to 60 gigabits per second of traffic.
The DDoS attacks were rather persistent, with many different methods being used. Even though the banks were well protected against some methods, they were completely helpless when confronted with others.
2. The Attack on CloudFlare
CloudFlare is a CDN service that also happens to provide security to websites, which makes this attack a bit ironic. The website was hit by a DDoS attack in 2014 that ran up to 400 gigabits per second. The interesting thing is that the attack wasn’t even meant for CloudFlare, but rather was meant for one of its customers in Europe. The European servers were targeted as a result. However, the attack was so powerful that the entire CloudFlare network was affected.
The unique thing about the attack that made CloudFlare vulnerable is that it used a particular method that made all the rogue requests look legitimate. The method, known as a Network Time Protocol (NTP) amplification attack, is one of the most difficult to block.
3. The Attack on GitHub
This is the largest attack on this list and was clocked at 1.35 terabits per second. The DDoS attack, which occurred in 2018, utilized thousands of bots and was one of the worst in history. It was multiples more than the kind of traffic GitHub was used to, and the site had to take measures after the attack to rapidly and extensively expand its transit capacity to deal with the future possibility of such attacks.
How Can You Detect a DDoS Attack?
There are a few methods you can use to detect this type of attack and be better prepared for it. Here are the most popular:
- Flow sampling: This method involves taking samples of packets coming in and sending information on those packets via a datagram. This kind of technology is one of the most scalable and is supported by just about every type of router. It tends to be limited, however, as far as analysis capabilities are concerned.
- Packet analysis: This method involves deploying a dedicated DDoS mitigation device that instantly detects anomalies and then takes steps to mitigate them. It analyzes each packet of data coming in as well as going out.
- Mirrored packets: This method involves a lot of detailed analysis of all the data coming into the server and provides one of the fastest detection methods for anomalies in the data. It is, however, a little difficult to scale.
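The flow sampling approach can be sketched in a few lines. This is an added example, not code from the original article: it scales sampled packet records up to an estimated bits-per-second figure per destination and reports how much of that traffic arrives from UDP source port 123 (NTP), the pattern an NTP amplification flood produces at the target. The record layout, sampling rate, window length, threshold and sample data are all assumptions made for illustration.

```python
from collections import defaultdict

SAMPLING_RATE = 1000          # assumed: the router exports 1 in every 1000 packets
WINDOW_SECONDS = 10           # assumed aggregation window
THRESHOLD_BPS = 100_000_000   # assumed alert threshold per destination (100 Mbit/s)
NTP_PORT = 123                # NTP replies carry UDP source port 123

def constructed_flows():
    """Constructed sample records using documentation IP ranges, not real traffic.
    Layout (assumed): (unix_time, src_ip, dst_ip, proto, src_port, dst_port, bytes)."""
    target = "203.0.113.10"
    # Steady HTTPS traffic: one sampled 1000-byte packet every two seconds.
    flows = [(t, "192.0.2.7", target, "tcp", 50000 + t, 443, 1000)
             for t in range(0, 20, 2)]
    # Burst in the second window: 300 sampled NTP replies from many sources.
    flows += [(10 + i % 10, f"198.51.100.{i % 250 + 1}", target, "udp",
               NTP_PORT, 40000 + i, 468) for i in range(300)]
    return flows

def estimate_bps(flows, sampling_rate=SAMPLING_RATE, window=WINDOW_SECONDS):
    """Return {(window_start, dst_ip): (total_bps, ntp_bps)} estimated from samples."""
    bits = defaultdict(lambda: [0, 0])
    for ts, _src, dst, proto, sport, _dport, size in flows:
        key = (ts - ts % window, dst)
        # Each sampled packet stands in for `sampling_rate` packets on the wire.
        estimated = size * 8 * sampling_rate
        bits[key][0] += estimated
        if proto == "udp" and sport == NTP_PORT:
            bits[key][1] += estimated
    return {k: (total / window, ntp / window) for k, (total, ntp) in bits.items()}

def detect(flows, threshold_bps=THRESHOLD_BPS):
    """List windows where the estimated rate to one destination crosses the threshold."""
    alerts = []
    for (start, dst), (bps, ntp_bps) in sorted(estimate_bps(flows).items()):
        if bps >= threshold_bps:
            alerts.append({"window": start, "dst": dst, "bps": bps,
                           "ntp_share": ntp_bps / bps})
    return alerts

if __name__ == "__main__":
    for alert in detect(constructed_flows()):
        print(f"{alert['dst']} window={alert['window']}s "
              f"~{alert['bps'] / 1e6:.1f} Mbit/s, NTP share {alert['ntp_share']:.0%}")
```

Because every figure is extrapolated from 1-in-N samples, short windows and low traffic volumes give noisy estimates, which is the limited analysis capability the flow sampling item mentions.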