Cybercrime causes billions in losses every year. Unfortunately, Distributed Denial of Service (DDoS) attacks are a plague that targets all kinds of victims: profit and non-profit organizations, international ventures, new entrepreneurships, and more. Your business can be the target. One day, you start seeing traffic loads with weird behavior. All your online services (website, email, etc.) slow to a crawl or stop entirely and become inaccessible. The nightmare of a DDoS attack gets real. Criminals are taking your business down.
The first DDoS attack, against the Internet provider Panix (1996), now seems far in the past. Today, DDoS attacks have more lethal weapons, more advanced techniques, and bigger botnets to greatly increase the damage.
What is a DDoS attack?
A DDoS attack aims to make it impossible for a service to be delivered. Attackers interfere with access to devices, servers, networks, apps, and services, launching the attack from multiple systems, not just from one.
There are different types of DDoS attacks, but in general they overwhelm a system (the target) by sending enormous traffic from multiple sources. The data requests are massive, so CPU, RAM, and bandwidth are exhausted, and the target crashes. Sometimes this is the criminals’ final objective, but in some cases it is just a distraction to cover activities like stealing sensitive data.
The 4 most famous DDoS attacks in history
Date: March 12, 2012
Target: Citigroup, U.S. Bank, Bank of America, Wells Fargo, PNC Bank, JP Morgan Chase.
A group calling itself “Izz ad-Din al-Qassam Cyber Fighters” attacked six U.S. banks in a day. They demanded the removal from YouTube of a video in which Prophet Muhammad was mocked.
Hundreds of servers were hijacked. Each attack produced more than 60 gigabits of DDoS traffic per second. The attackers hit every target with multiple attacks so that at least one would work. The banks’ defenses could deal with some of them, but not all.
The result: disrupted services, unhappy clients, and high mitigation expenses.
Date: October 21, 2016
Target: Dyn, a big DNS provider.
The Mirai botnet was the weapon used to create the loads of traffic that shut down Dyn, together with its clients, big fish like Amazon, Spotify, PayPal, Reddit, Netflix, Airbnb, Twitter, GitHub, and HBO.
Dyn was hit with a traffic flood of one terabit per second, reaching peaks of 1.5 terabits per second.
In 2016, the Mirai software’s source code was released on different hacker forums, so anyone with tech skills could use it, and that’s how botnets were created to deploy different DDoS attacks. Replication, mutation, and the fact that Mirai supports multi-vector attacks made mitigation really hard.
Date: February 28, 2018
Target: GitHub, software development platform.
Twenty minutes of traffic at 1.35 terabits per second was enough to knock down another big tech player, GitHub.
GitHub’s defenses were not enough to fight back against an attack of this dimension. The attack was implemented through a standard command of Memcached, a database caching system used to boost the speed of websites and networks. The DDoS traffic produced was amplified to something like 50, or 200 times the size of the perpetrator’s requests.
Date: February, 2020
Target: Amazon Web Services (AWS), provider of on-demand cloud computing platforms and application programming interfaces (APIs).
An unidentified AWS client was targeted through Connection-less Lightweight Directory Access Protocol (CLDAP). This protocol connects, searches, and modifies shared directories on the Internet. CLDAP servers were hijacked to amplify up to 70 times the quantity of data sent to that client’s IP address. The result: a three-day attack with peaks of 2.3 terabytes per second. The disruption affected clients and AWS’s image.
The number of connected devices increases greatly every day, so experts agree DDoS attacks won’t disappear but will get wilder. Protect your business and try not to be part of this ranking.