DDoS is a hacker intervention into another computing system, website or service with the aim to cause its malfunction. Such type of attack is enough popular nowadays, because in most cases hackers remain unpunished. This attack is made with use of many hacker systems and paralyzes its target using virus applications working in standby mode or special software. Even a simple link placed on a popular website can break the system. The difference between this kind of attacks and other interventions is that its purpose is not to completely destruct the system, but only to cause failure and create inconvenience to users.
DDoS was first noticed in 1996, but became popular in 2000 after invasion into well-known commercial organizations: Amazon, eBay, Yahoo! and other. Many companies suffered from such attacks. This indicates their relevance and originality.
How it works
DDoS attacks are distributive actions in order to paralyze the work of a significant or very popular resource. First hacker monitors the target using previously created special tools to find weaknesses. Next the criminal gets access by hacking the selected parts of the system. Next, installs on them virus applications (trojans) running in standby mode. They do not show themselves and the victim does not know about the danger. Then the hacker can break the system by sending certain commands to “zombie PC” at any time.
There are various methods of DDoS attacks and every of them is good in its own way:
- Flooding the transmission route. The essence of this method is to flood the bandwidth by meaningless or incorrect requests, clogging of system resources and cause further failure;
- Resource deficiency. The main purpose is to obtain additional resources by completely overload victim’s CPU. This method also uses false attacks, large overload of the server by unnecessary files, incomplete user identification, processing of complex data, all of this causes failures in CPU;
- Software errors. The target is disabled by program code created by professional hacker;
- Attacks on DNS servers. Hacking is done by replacing the IP address or capturing victim’s system resources.
Causes of attacks
These attacks have motives as every crime:
- Jealousy or personal dislike. Recent raids on hacker or fame and growing income of large commercial organizations may be a reason for hacking;
- It is common that attacks are made for fun. Searching for “drive” the criminals attack more and more large companies in order to estimate the scale of their capabilities;
- Opposition. Invasion with the purpose of political protest to make the government pay attention;
- Dirty games in competition. Generally, hackers are hired by competitive companies to destabilize the situation;
- Blackmail and extortion. As a rule, in this cases the criminal works in collusion with the administration of the service.
How to defend
Before exploring the methods of defending from hacker attacks like DDoS, it is necessary to understand that 100% security is not guaranteed by any of the following methods:
- Identifying and eliminating the causes that make attacks possible. Among the causes can be offence or disagreement, so by eliminating this the company can prevent the invasion;
- Searching the hacker using special agencies;
- Protective software. Typically, it is effective only from weak attacks;
- Blocking dangerous traffic. It is less effective right near the target, but more effective on the route to it;
- Redistribution of the dangerous traffic back;
- Use of special equipment;
- Evasion of a victim from danger by removing from resources that are under attack;
- Duplication and redistribution of the system, which continues working, despite successful invasion;
- Obtaining specialized protective service. It is actual against flooding.
All methods listed above are divided into hybrid, statistical and signature, based on quantitative and qualitative, as well as mixed traffic analysis.
In 2012 Anonymous hacker group set a goal to stop the entire Internet by 33 DDoS attacks. The attacks were made using Ramp system combining servers and providers.
In 2002 an identical attack took place, it broke 7 servers. The second in importance occurred in August the same year. As a result, commercial sites of AT&T company were shut down for 8 hours.
A bit later, on August 22 2013, the SCO site was infected with Mydoom virus. The company was developing system software within 3 days and could not help the users.
In 2012 the most significant hosting provider Go-Daddy suffered from destruction not only its domain, but also its 33 million copies.
DDoS attack with a maximum capacity of 65 GBit/s was made to CloudFlare company (www.cloudflare.com), which delivers content to virtual hosting. Having servers around the world, it allows you to use the services much faster depending of its geolocation. The company was able to withstand attacks with slightly less capacity and its employees were former hackers, so they were interested in this attack. It turned out that the reason for the vulnerability was multiplicative method of DNS requests.
The largest DDoS attack occurred on March 18 2012. This time the failure occurred in Spamhaus company (www.spamhaus.org), which deals with black lists of spam sources. This fact was the main reason for hacking. The capacity was 300 GBit\s on peak level and it caused problems to people in the whole world. Their connection speed became half less. But it concerned only several services.
There is no security system that cannot be hacked. Everything has vulnerability, especially in the cases where there is also human factor. The most reliable of all protective methods is correct configuration of the PC, service or other resource. Hacking attempts will always happen. Main reasons for hacker attacks are jealousy and personal dislike, it is natural for people and everyone should understand it. However, in process of improving hacker break-ins, the level of security systems will also grow. This is some kind of eternal race and nobody knows when it will end.
For preparation of this article, materials from ru.wikipedia.org wer used.