A Distributed Denial of Service (DDoS) attack is an attempt to attack a single networked target with a co-ordinated army of other networked devices, acting simultaneously and for a prolonged period of time. Targets can be anything from a local small business to a large multinational organisation or religious organisation.
Because of the distributed nature of these attacks it can often be difficult to pinpoint a single source. This is mainly because the attacking networked devices are themselves compromised machines, enrolled in a Botnet and commanded through the use of malware.
Attackers build and accumulate networks of infected networked devices (a Botnet) through the distribution of malware attached to emails, websites, illegal software, and social media. Once the malware has been downloaded and executed on a candidate networked device, that device is under the direct or indirect control of the Botnet controller.
A Botnet can be utilised to generate huge volumes of traffic against a specified target in an effort to overwhelm it with seemingly legitimate requests from many geographical locations. This makes the job of identifying the source of Botnet traffic extremely difficult.
For example, a Botnet commander may target users in Canada and the United Kingdom through a social media scam directed at those localities. A piece of malware is distributed to users in those areas, and as installations of the malware in those localities take effect, the Botnet commander will see more participants join their army.
The Botnet commander in this example is not located within Canada or the United Kingdom, but they hire their Botnet army out to execute a DDoS against a foreign government's website.
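The difficulty described above, that Botnet traffic arrives as small, legitimate-looking volumes from many sources, shows up directly in log analysis. The following Python sketch is an added example, not part of the original article; the thresholds, the record format and the sample data (documentation-range addresses) are assumptions constructed for illustration. It shows a per-source rate check finding nothing while an aggregate per-window check flags the flood.

```python
from collections import Counter, defaultdict

WINDOW = 60            # seconds per time bucket (assumed)
PER_SOURCE_LIMIT = 50  # requests allowed per source per window (assumed)
BASELINE_FACTOR = 5    # flag a window above 5x the median volume (assumed)

def bucket(records):
    """Group (timestamp, source_ip) records into per-window source counters."""
    windows = defaultdict(Counter)
    for ts, src in records:
        windows[ts // WINDOW][src] += 1
    return windows

def noisy_sources(windows):
    """Per-source view: sources exceeding the per-source limit in any window."""
    return {src for counts in windows.values()
            for src, n in counts.items() if n > PER_SOURCE_LIMIT}

def flooded_windows(windows):
    """Aggregate view: windows whose total volume far exceeds the median."""
    totals = {w: sum(c.values()) for w, c in windows.items()}
    median = sorted(totals.values())[len(totals) // 2]
    flagged = {}
    for w, total in totals.items():
        if total > BASELINE_FACTOR * median:
            counts = windows[w]
            flagged[w] = {
                "requests": total,
                "sources": len(counts),
                # A low share means no single source stands out.
                "top_source_share": max(counts.values()) / total,
            }
    return flagged

def sample_records():
    """Constructed data: five quiet minutes, then one minute of distributed flood."""
    records = []
    for minute in range(5):                 # 20 ordinary clients, 3 requests each
        for client in range(20):
            records += [(minute * 60 + i, f"198.51.100.{client}") for i in range(3)]
    for bot in range(400):                  # 400 sources, only 5 requests each
        prefix = ("192.0.2", "203.0.113")[bot // 200]
        records += [(300 + i, f"{prefix}.{bot % 200}") for i in range(5)]
    return records

if __name__ == "__main__":
    w = bucket(sample_records())
    print("per-source offenders:", noisy_sources(w))
    print("flooded windows:", flooded_windows(w))
```

In the flagged window the busiest source accounts for a quarter of one percent of the traffic, which is why blocking individual addresses does little against this kind of load.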