What is a DDoS?
You may be asking two questions—“What is a DDoS?” and “How do you say it?”
First, the easy answer. The experts say “dee-doss.”
And now that this word is showing up in news stories and big cyber attacks on well-known web sites, you’ll also want to know what it means.
Just in time for October’s National Cybersecurity Awareness Month, Archer News is bringing you answers to questions about cybersecurity. We’re asking the security consultants at Archer Security Group—Archer News’ parent company—to share their knowledge.
The answer—DDoS stands for “distributed denial of service.” The bad guys use DDoS attacks to try to shut down Internet sites and systems with a firehose of data.
A DDoS is “a cyber attack that involves the sending of huge amounts of network traffic from multiple sources at a single source that results in the single source crashing, thereby denying the service it is providing,” said Leonard Chamberlin with Archer Security Group.
It’s kind of like a traffic jam online.
“Have you ever tried to call into a live competition TV show like American Idol or Dancing with the Stars to vote right after the show?” asked Archer Security Group’s Jim Feely. “A lot of people get a busy signal because there are a lot more people calling than the show has phone lines.”
“A DDoS attack is a lot like that, except most of the calls are coming from an attacker in order to prevent fans from getting through to vote,” said Feely.
Social media users discuss DDoS attacks on Twitter.
The attackers clog the data pipeline with “packets” of information.
You might think of it like the sewer system, one security consultant suggested. If attackers tapped into your plumbing and made everyone’s toilet flush at the same time, the pipes would be unable to handle the load.
Game of Thrones DDoS meme from Meme Generator.
New, large DDoS attacks
Attackers have launched record-breaking DDoS attacks just in the past few weeks.
A popular security blog, KrebsOnSecurity, was shut down during what was—at the time—the largest DDoS attack.
KrebsOnSecurity had just reported on a massive underground operation that appeared to be running DDoS attacks on companies and web sites. The attackers may have gone after the site and another security company’s system for helping shed light on the scheme.
Now, Internet hosting company OVH is reporting it was hit by an even bigger DDoS attack, firing off a record 1.1 terabits of information a second, according to Ars Technica.
“That would be like 17 million people calling you at the same time. Or a billion people tweeting you at once,” said Archer Security Group Managing Partner Steve Parker. “That’s a mind-boggling amount of bandwidth.”
If you are trying to use a site when it’s under a DDoS flood, you may not be able to get through.
“If an attacker is using a resource, it’s not available for a customer to use,” said Feely.
Gaming sites are often DDoS targets, according to Akamai Technologies.
A DDoS attack shut down Newsweek’s site last week after it published a story saying presidential candidate Donald Trump did illegal business in Cuba, Ars Technica reported.
“We don’t know everything. We’re still investigating,” Jim Impoco, Newsweek’s editor in chief, said in a POLITICO article. “But it was a massive DDoS attack, and it took place in the early evening just as prominent cable news programs were discussing Kurt Eichenwald’s explosive investigation into how Donald Trump’s company broke the law by breaking the United States embargo against Cuba.”
It took several hours to get the site back online, according to POLITICO.
Are you part of the attack?
The bad guys often use you and your security cameras, home routers and smart devices to help launch their bombardment of data.
If your things are not fully secure, attackers can secretly turn them into DDoS soldiers.
That’s where the “distributed” part of “distributed denial of service” comes in.
“The distributed aspect means that the attacker has control of many devices on the Internet and can direct them each to use a little bit of the victim’s resources, creating a large drain collectively,” said Feely.
That is why DDoS attacks are so difficult to fight, according to Feely.
“If it was just one or two devices doing the attack, the victim could just have their ISP [Internet service provider] block a couple of IP addresses,” he said. “It’s hard to stop thousands of devices spread out across the world, though.”
“It takes a special, global infrastructure to defend against a DDoS attack,” Feely added.
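To make the point about blocking "a couple of IP addresses" concrete, here is an added example (not part of the original article) that runs the same heavy-hitter check over two constructed floods of equal size. The function names, the 20x-median threshold and the 10.x addresses are assumptions made for illustration.

```python
from collections import Counter
from statistics import median

def heavy_hitters(source_ips, factor=20):
    """Sources whose request count exceeds factor x the median per-source count."""
    counts = Counter(source_ips)
    cutoff = factor * median(counts.values())
    return {ip for ip, n in counts.items() if n > cutoff}

def blocked_share(source_ips, blocklist):
    """Fraction of all requests that a per-IP blocklist would drop."""
    return sum(ip in blocklist for ip in source_ips) / len(source_ips)

def addr(prefix, i):
    """Build a constructed private-range address, e.g. addr('10.3', 300) -> 10.3.1.44."""
    return f"{prefix}.{i // 256}.{i % 256}"

# Constructed traffic: each list entry is the source address of one request.
# 200 ordinary visitors making 5 requests each.
LEGIT = [addr("10.1", i) for i in range(200) for _ in range(5)]
# Same attack volume (20,000 requests) delivered two ways:
# from 2 loud sources, or from 4,000 devices sending 5 requests each.
CONCENTRATED = LEGIT + [addr("10.2", i) for i in range(2) for _ in range(10_000)]
DISTRIBUTED = LEGIT + [addr("10.3", i) for i in range(4_000) for _ in range(5)]

def report(name, traffic):
    """Summarise how many block rules the check yields and what they stop."""
    block = heavy_hitters(traffic)
    share = blocked_share(traffic, block)
    return f"{name}: {len(block)} block rules drop {share:.0%} of requests"

if __name__ == "__main__":
    print(report("concentrated", CONCENTRATED))
    print(report("distributed", DISTRIBUTED))
```

In the distributed case every attacking device looks exactly like an ordinary visitor when judged by request count alone, so a per-address blocklist has nothing to key on.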
Philosoraptor DDoS meme from Meme Generator.
Stressful & chaotic
If you’re running a site or a company online, a DDoS blitz can be very stressful and chaotic. It can shut down your business temporarily, or even for good if it costs you too much.
The latest Akamai Technologies State of the Internet/Security Report said DDoS attacks have increased 129% over last year, with some of the company’s customers worldwide getting an attack every few days.
“A DDoS is the modern-day equivalent of a siege on a castle,” said Bob Beachy with Archer Security Group. “The DDoS is designed to either overwhelm the castle’s defenses or to disrupt the castle’s effectiveness such that the attackers can either compromise or take out the castle altogether.”
Some criminal groups are offering DDoS-for-hire, meaning that they will DDoS someone for you for a fee, sometimes as low as $2 an hour.
“One of the major issues with this type of modern-day siege is that amassing the resources and ‘army’ for your siege is pretty simple and cheap, while building an effective castle is very complex and expensive,” Beachy said.
Focus on keeping your security cams, home routers and recorders, and other smart devices secure, and you may keep yourself from unknowingly joining a DDoS army and taking down sites you want to use.
The Archer News “What is…?” series will continue with more answers to your questions. If you want to know more about a cyber term, send your question to @KerryTNews on Twitter or submit your question through this link.