Distributed denial-of-service (DDoS) attacks are one of the biggest threats facing businesses today. Because almost all companies have taken a portion of their business online, DDoS attacks have the potential to cripple their operations and severely affect their bottom line. Advancements in technology have only made such attacks more effective, and companies are struggling to catch up in terms of detection, prevention, and mitigation.
Hackers use DDoS attacks to take down websites, servers, and internal networks. The process involves the use of networks of bots (such as computers, but also smart home devices like routers, cameras or even a fridge) to generate an enormous amount of fake traffic to a target. The server or website targeted quickly becomes overwhelmed and effectively stops working.
What made DDoS attacks the major issue that they are today? What does the future hold for this type of cyberattack, and will DDoS become more widespread and dangerous? In this article, we will take an in-depth look at the history and future of DDoS attacks.
The Origins of DDoS Attacks
Perhaps the first-ever DDoS attack was executed by David Dennis, a 13-year-old student at the University of Illinois High School. In 1974, he successfully managed to shut down 31 PLATO terminals by writing a program that sent a problematic command. It was done as an experiment, so there was no ill will involved. However, the principle would soon be applied for more nefarious reasons.
With the rise of IRC (Internet Relay Chat) in the ’90s, simple bandwidth-based DDoS attacks became a tool to gain admin control of a chat room. With IRC, if you logged off, you would lose your admin rights. Once again, such DDoS attacks were nowhere near the threat companies are facing today — however, they are essentially the origin point of the current issue.
DDoS Attacks Become a Weapon
In 1996, New York-based Internet service provider Panix became the target of a DDoS attack via a so-called SYN flood. The hacker used a spoofed IP address to overwhelm the company’s servers with fake “synchronize” packets, forcing them to stop processing actual requests. Panix managed to recover in around 36 hours, but this event was significant for being one of the first major DDoS hacks.
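To show what a SYN flood looks like from the defender's side, the following added example (not part of the original article) counts handshakes that are opened but never completed in a set of constructed connection events. The event format, the documentation-range addresses, and the `backlog_limit`, `window` and `timeout` values are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample events: (timestamp_seconds, source_ip, tcp_event).
# "SYN" opens a handshake; "ACK" is the client's final ACK that completes it.
# Addresses are from documentation ranges (RFC 5737), not real hosts.
def build_sample_events():
    events = []
    # Legitimate clients: every SYN is followed by the final ACK.
    for i in range(5):
        src = f"192.0.2.{i + 1}"
        events.append((i * 1.0, src, "SYN"))
        events.append((i * 1.0 + 0.05, src, "ACK"))
    # Flood pattern: SYNs from spoofed sources; the handshake never completes
    # because the server's reply goes to an address that never sent the SYN.
    for i in range(40):
        events.append((10.0 + i * 0.01, f"198.51.100.{i + 1}", "SYN"))
    return sorted(events)

def half_open_by_window(events, window=5.0, timeout=3.0):
    """Map window start -> SYNs with no ACK from the same source within `timeout`."""
    ack_times = {}
    for ts, src, kind in events:
        if kind == "ACK":
            ack_times.setdefault(src, []).append(ts)
    counts = Counter()
    for ts, src, kind in events:
        if kind != "SYN":
            continue
        completed = any(ts <= a <= ts + timeout for a in ack_times.get(src, []))
        if not completed:
            counts[int(ts // window) * window] += 1
    return dict(counts)

def flag_syn_flood(events, backlog_limit=32, window=5.0):
    """Return windows where half-open handshakes exceed the assumed backlog size."""
    per_window = half_open_by_window(events, window)
    return sorted(w for w, n in per_window.items() if n > backlog_limit)

if __name__ == "__main__":
    sample = build_sample_events()
    print(half_open_by_window(sample))
    print(flag_syn_flood(sample))
```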
Several years later, in 1999, a hacker managed to completely disable the University of Minnesota’s internal network for more than 48 hours with a massive UDP flood. It was the first large-scale attack through a specialized tool called Trinoo. On top of that, it managed to garner major public attention and solidify DDoS attacks as something to be aware of and afraid of.
Perhaps the most infamous DDoS hacker is Michael “Mafiaboy” Calce. In February 2000, he launched a massive DDoS attack targeting major corporations such as CNN, Yahoo, Amazon, Dell, eBay, and FIFA. The then-teenager used a tool called TFN2 that makes use of previously infected computers to generate a huge amount of fake traffic to a server. In order to stay undetected, the tool also tinkered with the encryption utilized by standard network communication protocols.
The sheer scale and success of Mafiaboy’s DDoS onslaught inspired other hackers and hacktivists. It also vastly improved the efficiency of the tactics and procedures used for DDoS attacks. In the following years, numerous massive DDoS attacks occurred. Hackers were targeting corporations, making political statements, or simply extorting business owners under threat of a DDoS flood. Unfortunately, this was just the beginning of what would become a much more complicated problem.
Evolution of DDoS Attacks
The rise of the Internet of Things (IoT) changed the playing field when it comes to DDoS attacks. IoT devices in general have poor security, making them excellent tools to use in order to generate fake traffic. Hackers started hijacking large volumes of IoT devices and using them to create vast botnets. With such botnets, the amount of traffic a hacker could send to a target jumped from gigabytes to terabytes.
The overall development of networks and server infrastructure also inadvertently made DDoS attacks more effective. The introduction of networks such as 5G offers a lot of benefits for users, but also provides an excellent way to generate massive DDoS floods. Because 5G offers increased bandwidth and extremely low latency, hackers can now create gigantic IoT botnets that are enough to threaten Internet giants like Google or Amazon.
What Does the Future Hold for DDoS Attacks?
Unfortunately, the current trend shows that DDoS attacks will only become more frequent, more massive, and more effective. The proliferation of IoT devices and the quick implementation of 5G capabilities across the world will be a deadly combination. On top of that, the ongoing digitization of businesses took a giant leap because of the COVID-19 pandemic. As a result, companies of all sizes have a good portion of their assets online, making them perfect targets.
When it comes to defense against DDoS, the current state is not promising at all. Hackers are already effectively using cloud technologies in order to execute DDoS. Businesses need to quickly adapt and start using similar solutions in their security stacks. However, hackers always seem to be one step ahead when it comes to methods, technologies, and tactics.
In just the first half of 2020, there were over 4.83 million DDoS attacks. This number is a big increase from the already worrying numbers for 2019. The biggest activity was during the initial lockdown months, from March to July. We can only expect the trend to continue in 2021 and beyond.