Distributed Denial of Service are those attacks which affect the availability of some online service. If a single machine uses some sort of attack on the availability of some server then it is called Denial of Service only. But if more than one attackers attack a victim then it is termed as Distributed Denial of Service attacks. There are a huge variety of ways to achieve this sort of attack. Some are traffic based attacks where attackers send a lot of traffic towards the victim. During this sort of attack, any victim is unable to server traffic to the legit clients.
There are other ways to launch DDoS attacks as well, but we won’t be covering them here. We will only see examples of those attacks which are traffic based.
1Tbps traffic based attack on OVH
OVH is a French company, which provides hosting services, came under attack using the Internet of Things devices such as cameras, sensors, DVR players etc. Somehow attackers compromised these devices and then used them to launch this big attack. There were around 152K devices which were compromised. OVH’s CEO mentioned this after the attack in this tweet
Last days, we got lot of huge DDoS. Here, the list of "bigger that 100Gbps" only. You can see the
simultaneous DDoS are close to 1Tbps ! pic.twitter.com/XmlwAU9JZ6
— Octave Klaba (@olesovhcom) September 22, 2016
602 Gbps attack on BBC & Trump
This attack was launched again BBC websites and Trump’s campaign sites. The group that attacked these websites are called New World Hacking. The attack was done on all the BBC websites including its iPlayer base. Attackers used Bangstresser DDoS tool. Here is the confession
They made use of two Amazon Web Services servers to launch an attack. AWS claimed multiple times in history that it’s infrastructure is resilient but these attackers somehow found a way to launch an attack using it. Here is a statement from Ownz who is a member of this group
“We have our ways of bypassing Amazon,” said Ownz. “The best way to describe it is we tap into a few administrative services that Amazon is use to using. The [sic] simply set our bandwidth limit as unlimited and program our own scripts to hide it.”
DDoS attack on Blizzard Games
Blizzard Games was attacked back in April of 2016 by the notorious Lizard Squad. Currently, Lizard Squad suspects (allegedly two teenagers) are under federal investigation. Blizzard’s servers were literally brought down by these attacks. Most of the attack was done on the Blizzard’s Battle.net site. For almost two hours the services were unavailable.
1.2 Tbps DDoS attack on Dyn
Back in October 2016, Dyn was attacked with the worst kind of attack. Dyn is a Domain Name System (DNS) service provider for most of the high traffic websites e.g. reddit, twitter, Guardian, CNN, Netflix etc. The attack used the Mirai Botnet, which comprises of zombie machines. Zombie machines are those machine who are legit people but they are unaware that they are being used to launch an attack against someone. The duration of the attack was about one day.
The attackers used about 1 Million zombie devices to launch an attack, and it hit the roof, giving it 1.2 Tbps traffic based attack.
The attacks are on the rise and they are getting sophistication and powerful in strength. It is high time that more and more efforts should be in place to stop these attacks because a lot of people get affected by these criminal acts.