TL;DR: An attack in which a large number of computers (botnet) are used to overload a network or website and make it inaccessible.
A Distributed Denial of Service (DDoS) attack is a type of cyberattack in which multiple compromised computers or other devices, often organised as a botnet, are used to flood a particular website, service or network with an overwhelming amount of traffic. This causes the target resource to become overloaded and unable to process legitimate requests. The main purpose of a DDoS attack is to impair or completely prevent the availability of a service.
How a DDoS attack works:
- Botnet: An attacker infects several devices with malware and turns them into so-called "bots". These devices can be computers, IoT devices, servers, etc.
- Target determination: The attacker chooses a target that he wants to paralyse, such as a website, an online service or a network.
- Coordinated attack: The attacker controls the bots to send a large number of requests to the target at the same time. This overloads the target's resources, such as bandwidth, memory or computing power.
- Denial of service: Due to the overload, the target can no longer process legitimate requests, which leads to a slowdown or complete unavailability of the service.
Impaired protection target of a denial of service attack:
The main target that is affected by a DDoS attack is the Availability. Availability is one of the three fundamental protection goals of information security, also known as the CIA triad:
- Confidentiality: Protection of information from unauthorised access.
- Integrity: Ensuring that the data remains unchanged and trustworthy.
- Availability: Ensuring that information and resources are accessible and usable for authorised users when they are needed.
A DDoS attack directly targets availability by disrupting the normal operation of a service or resource and preventing legitimate users from accessing it. This can have serious consequences, especially for organisations that rely on continuous online operations, such as e-commerce websites, online banking services or cloud service providers.
By impairing availability, a DDoS attack can lead to loss of revenue, damage to reputation and loss of trust among customers. Protection against DDoS attacks is therefore an essential part of network security and maintaining business operations.