What is a DDoS attack?

In a distributed denial-of-service (DDoS) attack, an attacker floods the victim's network or servers with so much internet traffic that the infrastructure is overwhelmed by the number of requests. Services slow down or go offline entirely, preventing legitimate users from accessing them.

While a DDoS attack is one of the least sophisticated categories of cyberattack, it also has the potential to be one of the most disruptive and most powerful, taking websites and digital services offline for significant periods that can range from seconds to even weeks.

How does a DDoS attack work?

DDoS attacks are carried out using a network of internet-connected machines – PCs, laptops, servers, Internet of Things devices[1] – all controlled by the attacker. These machines could be anywhere (hence the term 'distributed'), and their owners are unlikely to realise what the devices are being used for, as the devices are likely to have been hijacked by hackers.

Common ways in which cyber criminals take control of machines include malware attacks[2] and logging in with the default user name and password the product is issued with[3] – if the device has a password at all.

Once the attackers have breached the device, it becomes part of a botnet[4] – a group of machines under their control. Botnets can be used for all manner of malicious activities, including distributing phishing emails[5], malware or ransomware[6], or in the case of a DDoS attack, as the source of a flood of internet traffic.
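An added example (not part of the original article) of why the 'distributed' part matters to defenders: over constructed log events, a per-source rate limit flags none of the botnet's devices, while an aggregate check still sees the overload. The thresholds, addresses and function names are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict

PER_IP_LIMIT = 10   # assumed: max requests/second allowed from one source
CAPACITY = 200      # assumed: requests/second the service can absorb

def build_sample():
    """Constructed (second, source_ip) events standing in for parsed access logs."""
    events = []
    for t in range(15):                       # 5 legitimate clients, 2 req/s each
        for c in range(5):
            events += [(t, f"198.51.100.{c}")] * 2
    for t in range(10, 15):                   # 300 hijacked devices, 3 req/s each
        for b in range(300):
            events += [(t, f"10.0.{b // 100}.{b % 100}")] * 3
    events += [(20, "192.0.2.7")] * 500       # one noisy source, for contrast
    return events

def bucket(events):
    """Count requests per source for each one-second window."""
    per_second = defaultdict(Counter)
    for ts, ip in events:
        per_second[ts][ip] += 1
    return per_second

def per_ip_offenders(events):
    """Sources that a per-IP rate limit alone would flag."""
    return {ip for counts in bucket(events).values()
            for ip, n in counts.items() if n > PER_IP_LIMIT}

def overloaded_seconds(events):
    """Seconds where total load exceeds capacity, classified by who caused it."""
    findings = []
    for ts, counts in sorted(bucket(events).items()):
        total = sum(counts.values())
        if total <= CAPACITY:
            continue
        # Share of the load that came from sources over the per-IP limit.
        from_offenders = sum(n for n in counts.values() if n > PER_IP_LIMIT)
        kind = "single-source" if from_offenders > total / 2 else "distributed"
        findings.append((ts, kind, total, len(counts)))
    return findings

if __name__ == "__main__":
    sample = build_sample()
    print("flagged by per-IP limit:", per_ip_offenders(sample))
    for finding in overloaded_seconds(sample):
        print(finding)
```

In the constructed data each hijacked device sends only three requests per second, so the per-IP check reports just the single noisy source, while seconds 10 to 14 are still over capacity with 305 distinct sources.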


The size of a
