What is a DDoS Attack?

The speed and number of DDoS attacks have dramatically increased over the past few years. By some estimates DDoS attack occur at the rate of about 28 per hour. [1] A DDoS attack attempts to make a website or online service inaccessible by overwhelming the server using multiple sources of attack. The object of these attacks are usually high-profile online sites and services.

Here is a helpful video overview provided by Google Ideas:

Understanding DDoS Attacks

Attacks overwhelm the network/services in a variety of ways: by consuming bandwidth, consuming host resources, and consuming application resources. Attacks may also crash the network/servers and obstruct communication between service and consumers. The execution of attacks can involve a variety of methods. For instance, malware is sometimes used to crash the servers or slow the processing. Attackers are known to exploits weaknesses peer-to-peer networks and launch an attack via multiple client computers that it controls. These are just a few of the types of tools attackers may use and more surface from time to time.

According to the DDoS Threat Report, “The majority of DDoS attacks were short in duration, small in total attack size, and frequently repeating against the same target.” Here are a few other DDoS highlights:

  • On average, 27.9 attacks occurred every hour.
  • Over 90 percent of the attacks were less than 30 minutes long.
  • Most attacks were 50 MB or less
  • Hacktivism (social protest) is the top reason for attacks
  • The longest attack DDoS lasted 1,666 hours–69 days and 10 hours.
  • One victim was hit with 319 separate attacks over a six month period.
  • Trend Micro reports that a DDoS attack can be purchased on the black market for $150
  • One-third of the time downtime is the result of a DDoS attack (Verisign/Merril Research)

[1] Preimesberger, Chris (May 28, 2014). “DDoS Attack Volume Escalates as New Methods Emerge”. eWeek.