
Types of DDoS Attacks

Protect your business from the different types of DDoS attacks

There’s no question about the global impact the Internet has had on economic growth and prosperity, and how it’s changed the way we work, play, connect and share. While living in today’s Internet-reliant world has brought unprecedented benefits to businesses and consumers alike, the underlying threat of distributed denial-of-service (DDoS) attacks cannot be ignored. This may not be surprising to hear: recent headlines about security breaches at major retailers and financial institutions seem to be a recurring theme in the news.

Simply put, a DDoS attack is a malicious attempt to bring down networks, Web-based applications, and/or services by overwhelming these resources with too much data or impairing them in some other way. Unlike a denial-of-service (DoS) attack, where the source is a single computer and connection, a DDoS attack comes from multiple sources and can seriously damage a company’s brand, reputation and bottom line.

DDoS attacks are designed to target any aspect of a business and its resources, and can easily:

  • disable a specific computer, service or an entire network
  • target alarms, printers, phones or laptops
  • hit system resources like bandwidth, disk space, processor time or routing information
  • execute malware that affects processors and triggers errors in computer microcodes
  • exploit operating system vulnerabilities to drain system resources
  • crash the operating system

But DDoS attacks are not all the same. At a very high level, DDoS attacks can first be divided into the following two categories:

  • Connection-based: An attack that occurs once a connection between a server and a client has been established via certain standard protocols.
  • Connectionless: An attack that does not require a session to be formally established before a sender (server) can send “data packets” (a basic unit of communication over a digital network) to a receiver (client).

Secondly, a DDoS attack can fall into the following three broad categories, depending on the area of the network infrastructure on which the attack is focused:

1. Volumetric Attacks (connectionless)

Also known as “floods,” the goal of this type of attack is to cause congestion by sending so much traffic that it overwhelms the bandwidth of the site. Attacks are typically executed using botnets, armies of computers infected with malicious software and controlled as a group by the hacker.

2. TCP State-Exhaustion Attacks

This type of attack focuses on the web servers, firewalls and load balancers themselves, disrupting connections by exhausting the finite number of concurrent connections the device can support.

3. Application Layer Attacks (connection-based)

This type of attack, also known as a Layer 7 attack, specifically targets weaknesses in an application or server with the goal of establishing a connection and exhausting it by monopolizing processes and transactions. These sophisticated threats are harder to detect because not many machines are required to attack, generating a low traffic rate that appears to be legitimate.

Additionally, an attack can also be a combination of the three types listed above, which makes it even more challenging for organizations to combat.
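To make the distinction concrete from a monitoring point of view, the following Python example (added here, not Verisign's code or method) triages monitoring snapshots by which resource is being exhausted: bandwidth, the device's concurrent-connection limit, or application processes. The field names, the 90% thresholds, the 30-second slow-request cutoff and the three-interval persistence rule are all assumptions, and the sample data is constructed.

```python
from dataclasses import dataclass

@dataclass
class Snapshot:
    """One monitoring interval; every field name here is hypothetical."""
    inbound_bps: float    # traffic arriving on the protected link
    link_bps: float       # provisioned bandwidth of that link
    open_conns: int       # concurrent connections tracked by the device
    max_conns: int        # the device's finite connection limit
    busy_workers: int     # application processes tied up by requests
    total_workers: int
    median_req_s: float   # how long a request occupies a worker

SATURATED = 0.90   # assumed utilisation threshold, tune to your baseline
SLOW_REQ_S = 30.0  # assumed cutoff for a request that monopolises a worker
SUSTAINED = 3      # consecutive intervals required before reporting

def signals(s):
    """Categories whose resource is exhausted in a single snapshot."""
    found = set()
    if s.inbound_bps / s.link_bps >= SATURATED:
        found.add("volumetric")
    if s.open_conns / s.max_conns >= SATURATED:
        found.add("tcp-state-exhaustion")
    if s.busy_workers / s.total_workers >= SATURATED and s.median_req_s >= SLOW_REQ_S:
        found.add("application-layer")
    return found

def classify(window):
    """Categories present in every one of the last SUSTAINED snapshots."""
    if len(window) < SUSTAINED:
        return []
    return sorted(set.intersection(*(signals(s) for s in window[-SUSTAINED:])))

# Constructed sample data: a 10 Gbps link, 1,000,000-entry table, 200 workers.
NORMAL = Snapshot(2.0e9, 10e9, 40_000, 1_000_000, 50, 200, 0.3)
FLOOD = Snapshot(9.6e9, 10e9, 45_000, 1_000_000, 55, 200, 0.3)
STATE = Snapshot(1.5e9, 10e9, 985_000, 1_000_000, 60, 200, 0.4)
LAYER7 = Snapshot(0.3e9, 10e9, 5_000, 1_000_000, 198, 200, 95.0)
COMBINED = Snapshot(9.8e9, 10e9, 990_000, 1_000_000, 199, 200, 80.0)

if __name__ == "__main__":
    for name, window in [("flood", [FLOOD] * 3), ("state", [STATE] * 3),
                         ("layer 7", [LAYER7] * 3), ("combined", [COMBINED] * 3),
                         ("one-off spike", [NORMAL, FLOOD, NORMAL])]:
        print(f"{name:14} -> {classify(window) or 'no sustained exhaustion'}")
```

The LAYER7 sample uses only 3% of the link and 0.5% of the connection table yet is still reported, which is why bandwidth alarms alone miss this category.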

Zero-Day DDoS Attack

These attacks occur when an actor exploits a zero-day vulnerability to carry out a DDoS attack. A zero-day vulnerability is a system or application flaw that was previously unknown to the vendor and has not been fixed or patched. It is called a “zero-day” because once a flaw is discovered the vendor has zero days (before disclosure) to fix it.

Zero-day DDoS attacks are particularly difficult to protect against as they originate from an unknown threat. The adoption of bug bounty programs by software vendors and other companies is becoming increasingly popular as a way to incentivize security researchers to report possible vulnerabilities.1

Here’s the good news: Despite the fact that DDoS attacks have become more pervasive than ever before, businesses can help mitigate these threats by utilizing a cloud-based DDoS protection service that offers a more holistic, proactive approach.

Verisign’s DDoS Protection Services provide the highest level of infrastructure protection and availability and use proactive monitoring, advance warning systems and proprietary mitigation technology to prevent DDoS attacks from ever reaching the organization.

There’s no denying how the Internet plays a defining role in our daily lives – so it’s paramount to keep on top of real threats that could bring serious harm to it.

1 2015 Verisign iDefense Threats & Trends Report