What is a DDoS attack?
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks aren't new cyberattack vectors; they go all the way back to the early 1970s, when modern commercial and enterprise networks emerged.
DDoS is a cyberattack in which the adversary seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of a host connected to a network. It doesn't peruse any private data or take control of the target's infrastructure; it just aims to bring the service down.
In today's world, specifically with COVID, which accelerated organizations' digital transformation, web presence is a must for just about any business. In this environment, DDoS attacks can be very destructive.
Main ingredients of DDoS attacks
Ingredient # 1 - Botnet
A botnet is a group of machines that have been infected with malware and are controlled by it without the knowledge of the machine owners. It ranges from ordinary home or office PCs to IoT devices. Compromised machines, called bots or "zombies," are used to launch DDoS attacks, spread spam, or perform other malicious activities orchestrated by the attacker.
One of the most infamous botnets is "Mirai," which used hundreds of thousands of hijacked IoT devices. The creators of the Mirai botnet, Josiah White, Paras Jha, and Dalton Norman, who were all between 18 and 20 years old when they built Mirai, managed to hijack IoT devices by scanning the Internet for vulnerable IoT devices with factory-set usernames and passwords, logging into them, and infecting them with the Mirai malware.
The Mirai botnet was used in multiple DDoS attacks between 2014 and 2016 and, when the creators felt the heat coming from the authorities, they published the Mirai source code in a hackers' forum in an attempt to cover their tracks. All three were eventually indicted, pleaded guilty, and are now fighting crime with the FBI. Amazing how life turns out.
Just like we have COVID variants and mutations, Mirai also evolved and its source code mutations have been used in the wild by hackers. Okiru, Satori/Fbot, Masuta, Moobot, and more than 60 other Mirai variants are out there.
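The scan-and-login behaviour described above leaves a recognizable trace in device login logs: one source trying many different devices within a short time. The following added example (not from the original article) flags such sources and lists the devices they logged into successfully; the log format, device names, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: ISO time, source IP, target device, username, result.
SAMPLE_LOG = """\
2024-01-01T10:00:00 203.0.113.7 cam-01 admin FAIL
2024-01-01T10:00:02 203.0.113.7 cam-02 admin FAIL
2024-01-01T10:00:03 203.0.113.7 dvr-01 root OK
2024-01-01T10:00:05 203.0.113.7 router-01 admin FAIL
2024-01-01T10:05:00 198.51.100.20 cam-01 alice OK
2024-01-01T11:30:00 198.51.100.20 cam-01 alice OK
not a log line
"""

def parse(log_text):
    """Yield (time, src, device, user, ok) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[4] not in ("OK", "FAIL"):
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2], parts[3], parts[4] == "OK"

def find_scanners(log_text, min_devices=3, window=timedelta(seconds=60)):
    """Return {src: {"devices": set, "compromised": set}} for sources that
    attempted logins on >= min_devices distinct devices within `window`."""
    by_src = defaultdict(list)
    for ev in parse(log_text):
        by_src[ev[1]].append(ev)
    findings = {}
    for src, events in by_src.items():
        events.sort(key=lambda e: e[0])
        start = 0
        for end in range(len(events)):
            # Slide the left edge until the span fits inside `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({e[2] for e in events[start:end + 1]}) >= min_devices:
                # A successful login from a scanning source marks a device to isolate.
                findings[src] = {
                    "devices": {e[2] for e in events},
                    "compromised": {e[2] for e in events if e[4]},
                }
                break
    return findings
```

Devices reported under `compromised` are the ones to take offline, reset, and give non-default credentials before reconnecting.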
Ingredient # 2 - Command and Control