Denial of Service (DoS) attack is a network attack that prevents users from accessing a website or service by overloading a web server with “useless” information.
Most of these compromised systems attack a single target by flooding it with a huge number of incoming messages in high frequency. Since a server can only process a certain amount of requests at once the attack overwhelms the processing capacity and forces the system to shut down, thus, rendering the website as inaccessible and denying the service to the real users.
In a Distributed Denial of Service (DDoS) attack, a hacker launches an attack against a single target computer system by taking control over multiple user’s computers to send enormous amount of information to the targeted website or to send spam emails to a targeted account.
A typical DDoS attack starts with the hacker finding and manipulating vulnerabilities in a computer system and making it the DDoS master. This DDoS master is used to identify and communicate with other computer systems that are compromised in a second step. The hacker loads cracking tools on multiple computers before starting the attack against the target system. Finally, with a single command, the hacker launches the ultimate attack by activating the cracking tools on the multiple compromised computers flooding the targeted system with information that causes the DoS. The DDoS attacks inflict serious damage to the target systems but also may cause collateral damage to associated nodes.
Multiple hacker groups such as “Anonymous” are known for targeting business websites such as Visa, MasterCard, PayPal, Amazon, Bank of America or PostFinance Bank and governmental agencies promoting their political views in several conflicts around the world.
Most targeted systems of DDoS attacks, however, are online financial markets, ecommerce (stores, auctions, sale message boards etc.) with 25% of all registered attacks followed by trading sites with 20% and gaming sites and banks with 15% each in 2011.
The number of DDoS attacks was growing by 57% in the second half of 2011 associated with an increase of DDoS botnets around the world. The number of attacks are still growing with hackers using new ways to launch the attacks.
To escape the increasingly complex DDoS attacks, governments and businesses will need to improve their technologies since DDoS attacks will get more complicated with hackers now increasingly using peer-to-peer (P2P) networks displacing the centralized botnets.