Your favorite video game is forced offline during a DDoS attack, but what exactly does that mean?
The term DDoS can seem vague, but these attacks are now a regular part of the internet. If you’re still not sure what a DDoS attack is and how DDoS can damage video games, read on.
What is a DDoS Attack?
DDoS stands for Distributed Denial of Service, and it is the name given to an attack that floods a service with requests, forcing it offline.
When you hear about websites or video games being taken down by hackers, it often means they’re experiencing a DDoS attack. Attackers target specific websites, services or video games and flood running servers with data requests.
The number of requests can quickly overwhelm the infrastructure of the server hosting the service, forcing it offline. DDoS attacks are sometimes referred to as DDoSing.
How Do DDoS Attacks Work?
In a DDoS attack, the data doesn’t have to be some large file that’s requested to be downloaded. In fact, it’s often the other way around, where thousands of machines make small data requests concurrently. Even though each request is small, the number of requests amplifies the effect across thousands of devices.
So who controls thousands of computers that can be used to send requests to a single server?
For the most part, DDoS attacks originate from large botnets, groups of compromised computers under the attacker’s control. Attackers can direct the power of their botnets at targets, flooding websites or video game servers with requests and taking them offline.
Directing a large amount of traffic at the victim stops regular traffic from accessing the website or video game, causing a denial of service. The traffic comes from multiple sources, which means the attack is distributed, hence the name Distributed Denial of Service attack.
At any one time, there may be several DDoS attacks happening around the world. You’re more likely to hear about them when they knock a major service offline, but you can use the Digital Attack Map to get an estimate of what’s going on.
Application Layer Attack
Application layer DDoS attacks target website requests, making a large number of data requests simultaneously. For example, an attacker might make thousands of requests to download a particular file, causing the server to slow down.
These requests are almost indistinguishable from typical user requests, which makes mitigating application layer DDoS attacks difficult.
Application layer DDoS attacks mainly focus on intrusive HTTP traffic. One common type of application layer DDoS attack is HTTP Flood, in which the attacker makes as many HTTP requests as possible. Think of it like hitting your browser refresh button a thousand times, but thousands of other browsers are also refreshing at the same time.
Protocol DDoS attacks target the victim’s network, going after server resources of a different nature. For example, a protocol attack might overload a firewall or load balancer, causing it to stop operating.
The DDoS SYN Flood attack is a useful example. When you make a request on the internet, three things happen. First comes the data request, known as a SYN (short for Synchronization). Second comes the response to the data request, known as an ACK (short for Acknowledgment). Last comes the SYN-ACK, which is basically the requester confirming the data has arrived. It sounds confusing, but it happens in the blink of an eye.
A SYN Flood basically sends a stack of fake SYN packets from spoofed IP addresses, meaning the ACK goes to a bogus address, which in turn never responds. The requests sit there while more pile up, causing a denial of service.
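The pile-up described above can be replayed against a small model of a server's queue of unfinished connection requests. This is an added example, not part of the original article; the event format, the addresses (documentation ranges), the queue size and the timeout are assumptions chosen for illustration.

```python
# Constructed sample events (not from the original article), one per line:
#   <seconds> <event> <client ip:port> <server ip:port>
# SYN = a connection request arrives, EST = the requester finished the exchange.
SPOOFED = [f"{1 + i * 0.01:.2f} SYN 203.0.113.{i + 1}:{2000 + i} 192.0.2.10:443"
           for i in range(40)]           # 40 requests that are never finished
EVENTS = (["0.00 SYN 198.51.100.7:40001 192.0.2.10:443",
           "0.05 EST 198.51.100.7:40001 192.0.2.10:443"]
          + SPOOFED
          + ["2.00 SYN 198.51.100.8:40002 192.0.2.10:443",
             "2.05 EST 198.51.100.8:40002 192.0.2.10:443",
             "5.00 SYN 198.51.100.9:40003 192.0.2.10:443",
             "5.05 EST 198.51.100.9:40003 192.0.2.10:443"])


def simulate_backlog(events, backlog_size=16, timeout=3.0):
    """Replay events through a bounded queue of unfinished requests."""
    pending = {}                         # (client, server) -> time the SYN arrived
    stats = {"completed": [], "dropped": 0, "expired": 0, "peak_half_open": 0}
    for line in events:
        ts, event, client, server = line.split()
        ts, key = float(ts), (client, server)
        # Entries that waited longer than the timeout give their slot back.
        for old in [k for k, seen in pending.items() if ts - seen >= timeout]:
            del pending[old]
            stats["expired"] += 1
        if event == "SYN":
            if len(pending) >= backlog_size:
                stats["dropped"] += 1    # queue full: real users are refused too
            else:
                pending[key] = ts
        elif event == "EST" and key in pending:
            del pending[key]
            stats["completed"].append(client)
        stats["peak_half_open"] = max(stats["peak_half_open"], len(pending))
    return stats


def looks_like_syn_flood(stats, backlog_size=16):
    """Defender's signal: the queue filled up and requests had to be dropped."""
    return stats["peak_half_open"] >= backlog_size and stats["dropped"] > 0


if __name__ == "__main__":
    result = simulate_backlog(EVENTS)
    print(result, looks_like_syn_flood(result))
```

The genuine client that connects at 2.00 seconds is refused because unfinished requests hold every slot; the client at 5.00 seconds gets through only after those entries time out.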
A volumetric DDoS attack can work similarly to an application layer attack, flooding the target server with requests, but with modifiers that can amplify the number of concurrent requests.
DNS Amplification is one of the most common types of DDoS attacks, and is a prime example of a volumetric attack. When an attacker makes a request to a server, it includes a spoofed address, often the IP address of the target itself. Each request loops back to the target IP address, amplifying the number of requests.
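Seen from the target's side, the attack described above shows up as DNS answers to questions the target never asked. The added example below (not from the original article) matches incoming answers to outgoing lookups and totals what is left over; the packet tuples, the addresses and the byte threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample of DNS packets seen at the target's network edge
# (not from the original article):
#   (direction, resolver_ip, local_port, query_id, size_bytes)
PACKETS = [
    ("out", "192.0.2.53", 53001, 0x1A2B, 60),       # a lookup the target made
    ("in", "192.0.2.53", 53001, 0x1A2B, 120),       # ...and its matching answer
    ("in", "198.51.100.20", 41000, 0x0001, 3000),   # answers nobody here asked for
    ("in", "198.51.100.20", 41000, 0x0002, 3000),
    ("in", "198.51.100.21", 41000, 0x0003, 2800),
    ("in", "203.0.113.9", 41000, 0x0004, 3100),
]


def unsolicited_dns(packets):
    """Return {resolver: {"packets": n, "bytes": b}} for answers with no lookup."""
    outstanding = set()                  # lookups we sent and still expect answers to
    report = defaultdict(lambda: {"packets": 0, "bytes": 0})
    for direction, resolver, port, query_id, size in packets:
        key = (resolver, port, query_id)
        if direction == "out":
            outstanding.add(key)
        elif key in outstanding:
            outstanding.discard(key)     # normal answer to our own lookup
        else:
            report[resolver]["packets"] += 1
            report[resolver]["bytes"] += size
    return dict(report)


def reflection_suspected(report, min_bytes=5000):
    """Flag when unrequested answers add up to more than min_bytes (assumed limit)."""
    return sum(entry["bytes"] for entry in report.values()) >= min_bytes


if __name__ == "__main__":
    found = unsolicited_dns(PACKETS)
    print(found, reflection_suspected(found))
```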
Why Use DDoS Attacks?
There are many reasons why an attacker chooses to DDoS a target, such as masking a different attack vector or causing financial loss to the victim.
- Service Interruption: At the root of DDoS is service interruption. If you flood the server with requests, normal users cannot access the service. In some cases, DDoS attacks have been used to take competitors offline, forcing service users to defect to online competitors.
- Hacktivism and Politics: Some hacktivist groups, such as Anonymous, are notorious for using DDoS attacks to take their targets offline for extended periods of time. DDoS attacks can cost a business or other organization substantially in terms of downtime, server costs, data costs, technicians, and more. Similarly, taking government sites offline using DDoS can force the government to act or constitute a display of protest.
- Protection for Larger Attacks: DDoS activity can actually mask different attack vectors, running interference to keep IT or cyber response teams busy. At the same time, the real attack takes place elsewhere. There are many examples of criminal enterprises using this DDoS masking technique to commit other crimes.
- Waste / Exploration / Testing: Sometimes, DDoS happens because someone, somewhere is testing a new technique or script, and something goes wrong (or works flawlessly!).
These are just four reasons why an attacker might DDoS a video game or website. There are more reasons out there.
Are DDoS Attacks Illegal?
Yes, in short. DDoS attacks are illegal under the Computer Fraud and Abuse Act in the US, the Computer Abuse Act in the UK, and carry a maximum penalty of 10 years in prison in Canada.
Laws and interpretations vary around the world, but most countries with functioning cybersecurity and computer abuse policies define DDoS attacks as illegal activities.
DDoS as a Service
You’ve heard of Software-as-a-Service (SaaS) and maybe Infrastructure-as-a-Service (IaaS), but what about DDoSaaS? That’s right, “Distributed Denial of Service as a Service” kits and platforms are available on dark web hacking forums.
However, with no customer checks and no steps taken to verify server ownership, these DDoSaaS platforms are open to abuse.
DDoS Attack Example
In conclusion, here are some prime examples of DDoS attacks from the last few years. According to Neustar’s Cyber
The following list helps illustrate the varying sizes of DDoS attacks and how they have grown in recent years.
There are many more DDoS attacks beyond these seven, and more will happen like tribunews.com recently – most likely capacity increases.
DDoS Attacks Won’t Stop
While DDoS attacks continue to successfully bring down video game servers, websites, and services, attackers will see it as a viable option.