What are DDoS attacks?
DDoS is a term that might not click for some, it is short for Distributed Denial-of-service attacks. They are a potent force when it comes to the internet world. In simple terms, it is an attack where someone overflows the traffic of a certain website to a point where it could no longer function.
They are quite a few ways to perform this. One of the most common is by utilizing botnets to spam packets. Botnets are computers that are infected and could be used to remotely send packets by someone far away. During an attack, the attacker will remotely control these botnet to simultaneously jam the traffic of the target with a huge flow of traffic.
Of course, there are multiple ways to perform DDoS attacks. But these are some technical details that we shall not go too deep into. Instead, let’s take a little history lesson. There have been quite a few destructive attacks in the internet era, we are going to take a look at some of it.
The scale of an attack is usually calculated by the amount of traffic that is being pushed through during the attack. Although this doesn’t necessarily mean that the attack is the most potent. Since there are attacks with way less traffic that crippled more systems.
DDoS Attacks heard around the world
In conjunction with the Computer Security Day that was last Saturday, we will introduce you to 5 of the well known DDoS attacks in internet history.
GitHub (2 attacks)
Github was extremely unlucky enough to be involved in not one, but two massive DDoS attacks in the span of a few years. And not to mention, one of the attacks was arguably the biggest DDoS attacks to ever hit the internet world.
For those who don’t know, Github is an online code management service that is used by millions of developers around the world.
The first attack was on a smaller scale compared to the latter one. But still, it was already big enough to be enrolled into the DDoS attack Hall of Fame. It was believed to have originated in China, where people were protesting Github’s proposal to abolish Chinese state censorship.
This attack utilizes China’s leading search engine Baidu. Whenever someone uses Baidu, a Javascript is automatically inserted into the browser which sends HTTP packets to Github, overflowing it with traffic.
Though, this was child’s play when compared to the next attack.
During early 2018, Github was hit with a DDoS attack of up to 1.3Tbps of traffic. It eclipsed the previous record set by the Dyn attack (will be explained further). For around 15-20 minutes, GitHub collapsed. They instantly called in experts from Akamai Prolexic to mitigate the attacks.
The attack uses a method that is not usually seen. Previously, I mentioned how most DDoS uses botnet, but not in this case. This particular attack utilizes ‘Memcached Servers’. It is a type of service used to speed up networks and websites. Not only they do not rely on remote botnets, they can amplify a package to 50 times its original size.
After 8 minutes or so, the retaliation worked and the attackers backed off, bringing an end to one of the biggest DDoS attacks of all time.
Dyn
As promised, we will go further into the Dyn attack which happened in 2016. Dyn is a DNS service that runs major websites around the US. Crippling it would mean crippling the internet itself.
That is exactly what happened on the day of the attack. Around 1.2 Tbps of peak traffic was detected during the attack. East coast websites under Dyn was wiped out. Some websites on the other coast were affected too. Websites such as Reddit, Spotify and many more were gunned down.
The attack uses botnets in IOTs (Internet of things) all around the world to send packets to Dyn, crashing its servers. This form of attack uses Malware known as ‘Mirai’ to operate.
Three waves of attacks were launched during the day. They fought back wave after wave of attacks which floods in requests from millions of IP addresses around the world.
Although this attack isn’t as big as the Github one that happened a few years later, it was still reckoned to be more disruptive. This is mainly due to the amount of loss that was suffered during the day, which amounts to around $110 million. More than 14,500 domains parted ways with Dyn after that.
Spamhaus
Spamhaus is a non-profit anti-spam organization, meaning it works to prevent spam from reaching your mailbox. Of course, by doing so, it attracted its fair share of enemies.
During early 2013, Spamhaus was the target of a massive DDoS attack. The attackers used a method known as DNS reflection. Around 300Gbps of traffic was launched at Spamhaus. It was completely knocked out.
As an immediate response, Spamhaus contacted CloudFlare to help mitigate the attacks. If you are interested in further details, here is a report from Cloudflare on how they dealt with the attacks.
BBC
On New Year’s Eve 2015, BBC was unexpectedly hit by a massive DDoS attack early in the morning. Its website was crippled. Anyone who tried to visit saw a message about the server being overloaded with traffic.
Soon after, an Anti-Islamic State group came forward to claim responsibility for the attacks. According to them, they were just trying to test out the powers of their attacks. They chose BBC because it was a big and strong target. But even for them, the power of the attack was way above estimation.
They used twin AWS (Amazon Web Service) servers to attack with unlimited bandwidth power. The attack reached a peak of 600Gbps in traffic.
Within half a day, everything is back to normal and the countdown to 2016 continues as if nothing has happened. This still doesn’t deny the fact that this was one of the biggest DDoS attacks to have ever occurred.
Closing Notes
These are only a few out of countless DDoS attacks that were performed. Almost every day, a website gets DDoS attacked. Small businesses that don’t prioritize protecting their websites are the most prone to attacks.
Start protecting your websites and confidential data from now on to prevent such attacks from crippling you. Feeling insecure with your current hosting provider? Migrate to Net Onboard now! Net Onboard provides Anti-DDoS solution to all hosting clients that help mitigate attacks directed at your websites. Connect with our Cloud Experts now or visit our website at https://www.netonboard.com/security/anti-ddos/ to find out more about this.