Distributed Network Attacks are often referred to as Distributed Denial of Service (DDoS) attacks. This type of attack takes advantage of the specific capacity limits that apply to any network resources – such as the infrastructure that enables a company’s website. The DDoS attack will send multiple requests to the attacked web resource – with the aim of exceeding the website’s capacity to handle multiple requests… and prevent the website from functioning correctly.
Typical targets for DDoS attacks include:
- Internet shopping sites
- Online casinos
- Any business or organisation that depends on providing online services
How a DDoS attack works
Network resources – such as web servers – have a finite limit to the number of requests that they can service simultaneously. In addition to the capacity limit of the server, the channel that connects the server to the Internet will also have a finite bandwidth / capacity. Whenever the number of requests exceeds the capacity limits of any component of the infrastructure, the level of service is likely to suffer in one of the following ways:
- The response to requests will be much slower than normal.
- Some – or all – users’ requests may be totally ignored.
Usually, the attacker’s ultimate aim is the total prevention of the web resource’s normal functioning – a total ‘denial of service’. The attacker may also request payment for stopping the attack. In some cases, a DDoS attack may even be an attempt to discredit or damage a competitor’s business.
Using a Botnet ‘zombie network’ to deliver a DDoS attack
In order to send an extremely large number of requests to the victim resource, the cybercriminal will often establish a ‘zombie network’ of computers that the criminal has infected. Because the criminal has control over the actions of every infected computer in the zombie network, the sheer scale of the attack can be overwhelming for the victim’s web resources.
The nature of today’s DDoS threats
In the early to mid-2000s, this kind of criminal activity was quite common. However, the number of successful DDoS attacks has been reducing. This decrease in DDoS attacks is likely to have resulted from the following:
- Police investigations that have resulted in the arrest of criminals across the world
- Technical countermeasures that have been successful against DDoS attacks