When most of us think about a cyber-attack, we often think about malware that’s installed onto our computers and will either wipe out all the data we have stored on it or a worm that’s crawling through our folders and snatching up our personal information.
While these are not uncommon attacks, they’re not all you have to worry about when it comes to keeping yourself and your family safe. Did you know that cybercriminals can hack into your computer and use it as their remote-controlled drone in cyber-attacks? It’s true.
These are often part of a larger scheme called a DDoS attack. Scammers will use many computers at their disposal like an army of puppets to do their bidding. Continue reading to learn more about DDoS attacks, including what they are exactly, the different types, and how this type of attack can affect you.
What is a DDoS attack? DDoS stands for “distributed denial-of-service” attack and it’s an attempt to disrupt the flow of normal traffic to a server, service, or network by flooding it with a massive amount of traffic. Hackers will use a network of devices they’ve installed malware on as an army of bots to direct a boatload of traffic to a single source. It would be like if there were 500 legitimate tickets sold to a venue that had a maximum capacity of 500 patrons, but a ticket scalper forged 400 tickets and sold them on the black market. There would be 400 people who can’t get into the venue, regardless of the legitimacy of their tickets. Like the ticket takers at the venue, servers that are attacked can’t distinguish the difference between a real user and a bot.
Microsoft Defender
Stay safer online with one easy-to-use app1
1Microsoft 365 Personal or Family subscription required; app available as separate download
Ultimately, legitimate users, like you, aren’t able to access connected online services and sites. While a DDoS attack is not physically damaging, many companies that are victims of DDoS attacks can end up with lost revenue, branding damage, and angry customers as a direct result of a service outage. The bogged down servers will also have a reduced response time to identifying a threat to compromised confidential information.
“If your computer is a part of a DDoS attack, it means your cybersecurity has been compromised.”
What are the types of DDoS attacks? There are three basic types of DDoS attacks: application layer attacks, protocol attacks, and volume-based attacks. Let’s visit each attack type so you can see how they differ while using the same basic strategy.
Application layer attacks. Hypertext Transfer Protocol (HTTP) is what makes communication between users and servers possible. While there are nine specific methods of communication, GET and POST are the most common and do what they sound like they do. GET requests data from the server, while POST sends data to create or update a resource. Application layer attacks will use GET/POST floods or low-and-slow attacks (many small requests spread out over time) directed toward Windows or other operating systems to overload and crash a server.
Protocol attacks. There are several different types of protocol attacks that all try to accomplish the same result, which is to send packets of information at a time to a server to overload server resources.
Volumetric attacks. Volumetric attacks are precisely what their name says in that they send large amounts of information to a server to disrupt the site’s bandwidth.
This sounds like a business issue—so why does this matter to you? There are a few ways DDoS attacks affect you. First of all: the frustration that comes with not being able to reach a favorite website. Rather than there being an attack in process, there’s a chance that you and everyone else are trying to get onto the site at the same time, and the servers are overloaded. Consider buying tickets to a Taylor Swift concert at the moment of release. How many people are trying to buy tickets to a 15,000-seat venue? Many more than can buy tickets, so the servers will be overloaded, and the site will get bogged down.
The biggest, and most important reason, you should be concerned is that if your computer is a part of a DDoS attack, it means your cybersecurity has been compromised. Even if the malware installed on your computer does nothing more than send several gigabytes of data during a DDoS attack, you could be at risk for much larger attacks.
Your computer is continually in use when it’s being used as part of a DDoS attack, which means there are signs that you can look out for that include (but are not limited to):
Lagging internet service
Slowed computer function
Slow access to files and folders
Unable to connect to the internet
When it comes down to it, do your best to avoid downloading malware by visiting only sites you can trust. Installing antivirus software on your computer can ensure that you don’t accidentally install malware via phishing scams or malicious websites.
While a DDoS attack isn’t always going to cause major problems on your computer besides inconvenience, it can be the first sign that your computer is at risk of downloading additional malware. Stay vigilant with your internet scrolling and email usage to ensure that you’re not a victim of malware and that your computer isn’t being used as a remote-controlled zombie.
Get started with Microsoft 365
It’s the Office you know, plus the tools to help you work better together, so you can get more done—anytime, anywhere.
Identify and stop a CEO fraud attack with these tips. Learn how this scam, sometimes known as whale fishing, is aimed at company executives and how to master CEO fraud detection.
Recognize questionable behavior on social media such as off-putting and automated messages. Learn why this behavior may be a sign of social media bots and other indicators.