What Is a DDoS Attack and How Does It Work?


Let’s do a little thought experiment: imagine you’re driving down a highway to get to work. There are other cars on the road, but by and large everything is moving smoothly at a crisp, legally-defined speed limit. Then, as you approach an entry ramp, more cars join. And then more, and more and more until all of a sudden traffic has slowed to a crawl, if that. That is what a Distributed Denial of Service (DDoS) attack is—a method where cybercriminals flood a network with so much traffic that it cannot operate or communicate as it normally would.

DDoS is a simple, effective and powerful technique that’s fueled by insecure devices and poor digital habits. It’s one of the more troubling areas in cybersecurity today simply because it’s incredibly difficult to prevent and mitigate. And it doesn’t matter how big or small a website is, either. For example, Dyn, a major service provider for popular websites, was knocked offline last October. Shortly before that attack, Brian Krebs, a popular cybersecurity journalist, suffered a massive attack on his site in retaliation for his reporting. He’s not the only journalist cybercriminals have targeted, either.

But preventing DDoS attacks from happening in the first place is incredibly difficult because they’re fairly simple to create. All it takes to create a DDoS attack are two devices that coordinate to send fake traffic to a server or website. That’s it. Your laptop and your phone, for example, could form their own DDoS network (sometimes referred to as a botnet, but more on that in a minute) if you or a cybercriminal programmed them to cooperate. Two devices, even if they’re dedicating all of their processing power to an attack, aren’t enough to take down a website or server. But hundreds and thousands of devices are more than capable of taking down an entire service provider with their combined might.

To get to a network of that size, cybercriminals create what’s known as a “botnet,” a network of compromised devices that coordinate in order to achieve a particular task. Botnets don’t always have to be used in a DDoS attack, nor does a DDoS have to have a botnet to work, but more often than not they go together like Bonnie and Clyde. Cybercriminals create botnets through fairly typical means: tricking people into downloading malicious files and spreading malware.

But malware isn’t the only means of recruiting devices. Because a good deal of companies and consumers practice poor password hygiene, all a cybercriminal has to do is scan the internet for connected devices with known factory credentials or easy-to-guess passwords (“password,” for example). Once logged in, cybercriminals can easily infect and recruit the device into their cyber army.

For a good deal of the time, this cyber army lies dormant. It needs orders before it acts. This is where a specialized server called a command and control server (typically abbreviated as a “C2”) comes into play. Cybercriminals order a C2 server to issue instructions to compromised devices. Those devices will then use a portion of their processing power to send fake traffic to a targeted server or website and, voila! A DDoS attack is born.

Because of their distributed nature, and the difficulty in discerning between legitimate and fake traffic, DDoS attacks are usually successful. They do not, however, constitute a “breach.” This is because DDoS attacks overwhelm a target to knock it offline—not to steal from it. Usually DDoS attacks will be deployed as a means of retaliation against a company or service, often for political reasons. Sometimes, however, cybercriminals will use DDoS attacks as a smokescreen for more serious compromises that may eventually lead to a full-blown breach.
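To make the "distributed" point concrete from the defender's side, here is an added example (not part of the original article) that runs two checks over constructed traffic: a per-source request cap and an aggregate volume check. The thresholds, window size and addresses are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from statistics import median

WINDOW = 10            # seconds per counting window (assumed)
PER_SOURCE_LIMIT = 20  # assumed per-IP request cap per window
SPIKE_FACTOR = 5       # assumed: a window is a spike at 5x the median volume

def build_sample_traffic():
    """Constructed sample of (second, source_ip) pairs, not a real capture."""
    events = []
    # Normal load: 8 clients, one request each every 2 seconds for 60 s.
    for sec in range(0, 60, 2):
        for client in range(8):
            events.append((sec, f"198.51.100.{client + 1}"))
    # Flood during seconds 40-49: 200 devices, only 3 requests apiece.
    for bot in range(200):
        for k in range(3):
            events.append((40 + (bot + k) % 10, f"203.0.113.{bot + 1}"))
    return events

def analyze(events):
    """Summarise each window and apply both checks."""
    per_window = defaultdict(Counter)
    for sec, ip in events:
        per_window[sec // WINDOW][ip] += 1
    baseline = median(sum(c.values()) for c in per_window.values())
    report = []
    for w in sorted(per_window):
        counts = per_window[w]
        total = sum(counts.values())
        report.append({
            "window": w,
            "total": total,
            "sources": len(counts),
            "max_per_source": max(counts.values()),
            # How many sources a per-IP rate limit would have stopped.
            "per_source_blocked": sum(n > PER_SOURCE_LIMIT for n in counts.values()),
            # Whether overall volume stands out against the median window.
            "aggregate_spike": total > SPIKE_FACTOR * baseline,
        })
    return report

if __name__ == "__main__":
    for row in analyze(build_sample_traffic()):
        print(row)
```

In the flood window the busiest single source is still one of the ordinary clients, so the per-source cap stops nothing; only the aggregate view shows that something is wrong.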

As I mentioned earlier, DDoS attacks are only possible because devices are so easily compromised. So how can you prevent your devices from participating in a DDoS attack? Well, here are a few things you can do:

  • Secure your router. Your Wi-Fi router is the gateway to your network. Secure it by changing the default password. If you’ve already thrown out the instructions for your router and aren’t sure how to do this, consult the internet for instructions on how to do it for your specific make and model, or call the manufacturer. And remember, protection can start within your router, too. Solutions such as McAfee Secure Home Platform, which is embedded within select routers, help you easily manage and protect your network.
  • Change default passwords on IoT devices. A lot of internet of things (IoT) devices, smart objects that connect to the internet for increased functionality and efficiency, come with default usernames and passwords. The very first thing you should do after taking your IoT device out of the box is change those default credentials. If you’re unsure of how to change the default setting on your IoT device, refer to setup instructions or do a bit of research online.
  • Use comprehensive security. A lot of botnets are built on devices without any built-in security. Comprehensive security solutions, like McAfee LiveSafe™, can help secure your most important digital devices from known malware variants. If you don’t have a security suite protecting your devices, take the time to do your research and commit to a solution you trust.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.
