When you say “Distributed Denial-of-Service” commonly known as DDoS, you probably remember Anonymous attack against financial services like Visa, Paypal or MasterCard called “Avenge Assange”. This campaign was launched against financial services refusing to to keep Wikileaks in their clients. But it is not the only big DDoS attack in the history. Every year a lot of DDoS attacks are launched against different companies and if they don’t protect themselves before, it may have financial issues…
Cyber-crime and Denial of Service
Being attacked with a DDoS may have many reasons. Cyber-extortionists begins to use them to obtain ransom from targeted websites. They typically begin with a low-level attack and a warning that a larger attack will be if a ransom is not paid in Bitcoin. Security experts recommend to not pay the ransom.
But targeted websites may have difficulties to protect themselves against this kind of attacks. Notable DDoS attacks include the Christmas day campaign that brought Xbox and PlayStation live networks down. Or more recently an attack took “most of the internet offline” by overloading the roots of the internet, a DNS company.
How does a DDoS attack work ?
Cyber criminals are using botnets to attack targets. A botnet is a network of compromised devices. With the “Internet of Things” (IoT) trend growing not only computers can be infected but also connected television, smartphone or every connected equipment. Those networks can have thousands of members controlled by one or more persons. Once a botnet is controlled, the attacker will start to flood the targeted service, for example a website, with page view requests.
In a similar way, when hugely popular event’s tickets are released web servers are often overloaded. But with a DDoS attack, it is not time limited. The attack will run as long as attacker want or until the target service add an anti DDoS protection, which can be very difficult to do during an attack. The entire website may, in some cases, crash due to the large amount of connection requests. The servers’ administration can be inaccessible too in some cases, making it impossible to protect.
How can a device become part of a botnet ?
Hackers are adding devices to existing botnets by gaining access to it. They often exploit vulnerabilities within device’s operating system to install malicious software that provides them a remote access. Once your device is infected, attackers can exploit it as they want, to retrieve your personal or financial information, to try to infect other devices or to use it in many kind of attacks like DDoS.
No computer is invulnerable, the malware necessary to exploit devices can be installed without your knowledge if you click on a link in a email or if you visit an infected website. That is why it is crucial to ensure the links you click are known. Do not open links in strange mails !!