In today’s world there is something called “computer warfare”, “digital war” or “cyberwar”, which consists of attacking the enemy’s information systems while protecting one’s own. These cyber wars are fought with other types of tools, very different from conventional firearms. The methods of attack are varied, such as the sabotage of computers and satellites, and DDoS attacks, depending on the case.
But these types of attacks are not used only in digital war. For whatever reason, whether political, economic, or a simple personal vendetta, a DDoS attack can be directed at any type of host connected to the Internet, be it the systems of a government, those of a company, a video game platform, or even a simple blog.
Types of DDoS attacks
Based on volume: in this case the purpose of the attack is to saturate the bandwidth of the target website. The idea is to cause congestion.
Protocol attacks: this type of attack consumes the resources of the server or of some service that works as an intermediary, such as a firewall or load balancer. This attack can knock down services that are capable of maintaining millions of active connections in a stable manner.
Application layer attacks: this type uses requests that are disguised as coming from legitimate or innocent users, but whose aim is to make the web server stop working.
The motivation for these types of attacks differs case by case. They are commonly used as a means of protest by so-called hacktivists, and also for extortion, for damaging the competition, and sometimes simply for the pleasure of doing so.
There is not a single way to perpetrate a DDoS attack. However, there is a common method that we have seen again and again, which involves sending a large number of external communication requests to a specific machine to flood it. This means that the target machine can no longer respond to legitimate traffic, or that it responds so slowly that it becomes inaccessible.
To generate the external communication requests that are needed to flood a server, attackers use botnets. A botnet (or “army of zombies”, as it is sometimes nicknamed) is a group of infected computers under the control of at least one attacker. These devices have usually been taken over through the use of malicious programs, such as Trojans. With access to a large number of affected computers, the controller can flood a website with requests by directing the botnet to access it repeatedly.
Mitigating a DDoS attack is a challenge faced by all hosting providers. The network must be defended and protected against DDoS attacks through constant monitoring of the traffic that the servers receive. For simple attacks you can filter the illegitimate requests and automatically block the IP addresses that participate a certain number of times. The fight against DDoS attacks on a larger scale is essentially a war campaign: hosting providers often add server capacity to ensure they have more capacity than possible attackers. It is vital that systems and procedures are revised periodically to deal with different types of attacks, since their authors use increasingly sophisticated methods.
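The simple filtering described above (monitor incoming traffic and block source addresses that send too many requests), as an added Python example that is not part of the original article. The Common Log Format input, the threshold of 20 requests per 10 seconds, and the sample addresses are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Common Log Format prefix: client IP, identity, user, [timestamp]
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (ip, epoch_seconds), or None for a line that does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    try:
        return m.group(1), datetime.strptime(m.group(2), TS_FORMAT).timestamp()
    except ValueError:
        return None


def find_flooders(lines, limit=20, window=10.0):
    """Return {ip: time it crossed the limit} for sources sending more than
    `limit` requests within `window` seconds. Lines must be in time order."""
    recent = defaultdict(deque)  # ip -> request times inside the current window
    blocked = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip malformed lines instead of failing
        ip, ts = parsed
        if ip in blocked:
            continue  # already on the blocklist
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop requests older than the window
            q.popleft()
        if len(q) > limit:
            blocked[ip] = ts
            del recent[ip]
    return blocked


def sample_log():
    """Constructed sample, in time order: a noisy source and an ordinary visitor."""
    fmt = '{} - - [10/Mar/2024:12:00:{:02d} +0000] "GET / HTTP/1.1" 200 512'
    lines = ["garbage line that does not parse"]
    for s in range(30):
        lines += [fmt.format("203.0.113.7", s)] * 10     # 10 requests per second
        if s % 5 == 0:
            lines.append(fmt.format("198.51.100.4", s))  # one request every 5 s
    return lines
```

A per-source threshold like this only catches simple floods; a large botnet can keep every individual address under the limit, which is why the larger-scale defence relies on capacity.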
Obviously, the main objective of carrying out these attacks is the blackmail of the victim, who will pay the stipulated amount so that their website becomes available again. However, these attacks are also being used as weapons of a new cyber cold war to disable the websites and vital servers of certain countries or organizations.
Unfortunately, because the tools to infect and manage zombie machines are increasingly simple and accessible to more and more people, an increase in this type of attack is expected. Recently, important botnets that controlled hundreds of thousands of machines have been dismantled, and they were being controlled by increasingly young people (including minors).
The best solution for these cases is protection that prevents our system from becoming part of these networks. For this, it is essential to have an advanced and updated antivirus solution that prevents us from getting infected by malicious code that would add us to a botnet. Also, good DDoS protection would prevent our system from receiving external commands, interrupting the communication between the botnet’s controller and our machine.