Skip main navigation

DOS and DDOS Attacks: Theory

In this video, you will learn about denial of service (DOS) attacks and distributed denial of service (DDOS) attacks.
In this video, we’re going to take a look at DOS and DDoS attacks. Now DOS and DDoS attacks - DOS stands for denial of service attack. This is a cyber attack in which the attacker tries to make a computer network unavailable by disrupting the servers, and this is typically done by sending small packets or could be large packets repeatedly in quick succession. So in other words, it’s flooding the computer, the network, the server with a flood of packet requests. Similar to a DOS attack is DDoS attack, which stands for distributed denial of service. And this typically involves several computers, usually zombie computers - computers that were taken over by a botnet, for example.
A lot of times people don’t know their computer’s being used for this purpose, and it’s used to initiate a coordinated attack. This could also be done by a manual process. Sometimes people will use a programme like Hivemind, and we’re going to take a look at a variant of it - Low Orbit Ion Cannon - in which, in the past, people have gone to IRC and other channels and said, hey, this is our target. This is when we’re going to launch an attack. Everyone set up. So people will join this giant botnet or giant DDoS attack, and launch a coordinated attack against a computer or network or whatnot. Now why a DDoS attack? Well, a DDoS attack can cripple a network.
It could take critical services offline. It’s capable of disrupting different services. Sometimes can be used to make a statement, in terms of people trying to make a political statement. For example, they may take down a, say, political rival’s website - a cyber protest of sorts. Some networks are held ransom by these attacks. For example, a coordinated attack against, say, Microsoft could be launched, and they may say, well, if you don’t pay us x amount of money, we’re going to keep flooding your network and keep it offline. Other reasons for this could be - I’ve seen this in the news where people would launch a DDoS attack against rivals on online gaming.
Or in terms of just a paid service where people would pay for a service to go down or website to go down. They would pay for a distributed denial of service attack. Also these are types of attacks serve as a distraction. So if I’m a malicious attacker– I’m going after a website– I might target one of their servers with a DDoS attack. And while IT is handling that problem, I might sneak around and actually launch an attack on a different server that I want to get to, thus creating a distraction. Now how serious is a DDoS attack?
In total, 86% of these businesses were struck with multiple DDoS attacks over the past 12 months, of which 63% said the loss of revenue at peak times caused by a DDoS disruption can sometimes reach beyond $100,000 an hour. Now this was a Zdnet article by Charlene Osborn on 2017. So as you see, DDoS attacks can be very costly. And as time goes on, more and more services are a lot more critical, thus the dollar amount is going to go up. Now DDoS attacks hit a number of people. So Minneapolis was hit by a DDoS attack during social unrest. This would be an example of a political statement. Cyber assaults hit Best Buy, eBay, CNN, and Amazon.
PayPal was hit by a DDoS attack after dropping Wikileaks. Sony PSN was down, and Xbox Live was down by DDoS attacks. So these are pretty common attacks, and a pretty devastating. Now there’s a lot of different ways a DDoS attack can be launched. There’s different programmes out. They are pretty easy to use. Things like Slowloris, which is a slower DDoS attack, which is designed to slowly chew up bandwidth on a server. And then we have Low Orbit Ion Cannon, which we’re going to take a look at an example of this in a moment. And then we have paid DDoS attacks. So this is typically hacking groups that will lease out their services.
You tell them I want this target hit for this amount of time or this date range. And then you pay a fee and they launch a DDoS attack against it. Now, I do want to iterate all of these are highly illegal, so don’t do any of these.

In this video, you will learn about denial of service (DOS) attacks and distributed denial of service (DDOS) attacks.

DOS attacks refer to cyber-attacks where the attacker tries to disrupt services so that a computer or network becomes unavailable. DDOS attacks are similar, but they are on a larger scale: in these, several computers are used to initiate a coordinated attack.

Reflect and share: This video has explained the different ways these attacks can be conducted, and the damage caused by these attacks. This was illustrated in the news items shared in the video. Try to see if you can remember any other news items you have ever heard about that related to DDOS attacks. Share your comments in the section below.

This article is from the free online

Advanced Cyber Security Training: Network Security

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education