Why hackers choose DDoS attacks

The cyberattack that immobilized a large chunk of the internet on Friday may have seemed complex. In fact, the type attack that hackers employed to cut off access to some of the world's biggest websites was strikingly simple.

The unidentified attacked used a DDoS — or "distributed denial of service" — attack, which send a huge number of requests to overwhelm servers. These attacks can take down websites or, as in Friday's case, target important systems and render them almost unusable.

It's one of the oldest types of cyberattacks, but it's gained a new twist as the method has grown in scale.

As the DDoS attack on domain name system (DNS) host Dyn was ongoing Friday, access to Twitter, Airbnb, Netflix, Spotify and a litany of other websites was limited. Those websites and many other rely on Dyn to connect their websites to users through the DNS system.

SEE ALSO:Sites across the internet suffer outage after cyberattack

It doesn't take particularly advanced hacking skills to block access to those sites. It just takes a huge network.

"DDoS attacks are popular because in some ways, they're easy to do. If you can generate enough traffic, you can overwhelm a web server," John Graham-Cumming, chief technology officer for internet security firm Cloudflare, told Mashable. "They're sort of the simple but large way of knocking a website offline. They're not sophisticated, but they do have real impact."

Mashable Top StoriesStay connected with the hottest stories of the day and the latest entertainment news.Sign up for Mashable's Top Stories newsletterBy signing up you agree to our Terms of Use and Privacy Policy.Thanks for signing up!

Friday's attack against Dyn was the second high-profile DDoS attack in recent weeks. Security blogger Brian Krebs was hit with a major DDoS attack in late September that he said at the time was the largest the internet had ever seen.

The hacker collective Anonymous made headlines with a DDoS attack in 2011 that was tiny compared to Friday's, Gizmodo pointed out. The first large-scale DDoS incident was in 1999.

Krebs on Friday tweeted that the firm Flashpoint had reported that day's cyberattack was launched by a botnet based off of the Miraibase code, which is used to hijack internet-connected devices and use them in DDoS attacks.

A huge number of "internet of things" devices, like connected refrigerators or other smart devices, have minimal security and could easily be looped into an attack like this.

"We seem to be in a bit of a season of DDoS attacks. People are using DDoS as a tool to knock things offline that they don't like," Graham-Cumming said. "I don't know the details of what Dyn is facing today, but it seems like the attacks we've seen over the past weeks and months."

On late Friday afternoon, Dyn said an "advanced service monitoring issue" was resolved, but the company was still "investigating and mitigating" attacks on its infrastructure.

DDoS attacks are a brute force way to take down a server. The attacks can take down particular websites or particular systems that can provide a service to numerous websites.

The video below provides a visualization of what a DDoS attack looks like. In the video, a variety of bots attack a particular part of VideoLAN, a volunteer organization that makes open source software.

TopicsCybersecurity

(责任编辑：行业动态)