DDoS attacks have become prevalent for three simple reasons – they are cheap, simple to create, and effective. Instructions for creating a botnet can be found easily online. For example, anyone can perform a Google search on “cheap, automated DDoS” and quickly came up with a botnet creation and launch tutorial. These tutorials come complete with detailed programming instructions to create, launch, and control bots. It even teaches potential perpetrators how to secure their bots and themselves.
There is no doubt the number of DDoS attacks is growing, as is the likelihood of being attacked. CDNetworks’ own data shows that volumes and sizes of DDoS attacks have grown steadily over the last three years.
A denial of service attack occurs when web infrastructure, usually one or more servers, becomes so overwhelmed with malicious traffic that it uses all its resources and can no longer respond to legitimate website users. A distributed denial of service attack amplifies this scenario by launching an attack from multiple computers or devices distributed across the internet. Most large-scale DDoS attacks use botnets – computers with breached security that are being controlled and manipulated by the perpetrators of the attack. The perpetrators instruct all computers in the botnet to send fake or malicious traffic to the targeted organisation’s web servers, overwhelming them with traffic and rendering them incapable of serving legitimate users.
Who perpetrates all these DDoS attacks? This is the difficult puzzle facing the law enforcement community. Groups range from government agencies and organised crime syndicates, to political activists and individual thrill-seekers. The profile of DDoS attack perpetrators is ever shifting, depending on the nature of current issues and opportunities presented.
That said, the most common DDoS attacks take place for these reasons:
DDoS attacks can hit almost every business across all industries today and small and medium-sized businesses are not immune.
Organisations that fall victim to a DDoS attack typically suffer damage in one or more areas: from deteriorating customer trust over lost revenue and negative brand impact to slowed innovation and expansion.