The feeling of security while surfing the web, either as users or as developers, is one of the keys to online experience<\/strong>. Every day we have more data in the cloud both for personal use, business or eCommerce and we security concerns<\/strong> of our data and the correct access to our channels. For this reason, the fact that companies as relevant as , PayPal, Twitter, Amazon or Netflix suffer attacks on their security worries us so much. And behind him is a specific mode of assault<\/strong>the DDO attack.<\/p>\n

Let’s start with the DOS attack<\/strong><\/h2>\n

The DDOS attack is, with some particularity, similar to the DOS, or denial of service attack<\/strong>. This event, which is normally executed by hackers with specific objectives, consists of attack a service or a web page<\/strong> prohibiting access to all content. All those large companies that we mentioned at the beginning have been victims at some point in their history of one of these DDOS attacks.<\/p>\n

That is, once that a web page is attacked <\/strong>by this means it stops being able to access its own data until it is able to stop the intrusion. To achieve this, the attacker saturate the server<\/strong> in which the page or any of its services is hosted, making said server unable to function correctly.<\/p>\n

DDoS or distributed denial of service attack<\/strong><\/h2>\n

The main difference between DDoS and DOS attack is that the former is done from different places<\/strong>. Several computers are responsible for sending requests for access to the page or web service until you block it<\/strong>.<\/p>\n

Normally, each computer involved works with bots, programs that behave like people and that can be beneficial (for example, in the function of correcting web content) or malicious if they are used, as in this case, to generate access to pages until they are blocked. servers.<\/p>\n

Let’s take the example of the latest cyber attack: hackers launched calls from multiple computers and from different IPs to a DNS service<\/strong> (Let’s understand the DNS in a very simple way as the translator of the domain names that the user introduces by the internal code of the system). When this service stops working because it does not support all the calls, the web pages that work with it are no longer accessible<\/strong>.<\/p>\n

Stopping the attack then becomes the top priority and will depend on the number of IPs that are generating that access request.<\/p>\n

The biggest DDOS attack in history<\/h2>\n

One of the most recent cases of DDOS attack was suffered in early June cloudflare<\/strong>which explained \u201chaving automatically detected and mitigated a 26 million request per second DDoS attackthe largest HTTPS DDoS attack on record.<\/strong><\/em><\/p>\n

According to the company, the attack targeted the website of a customer using Cloudflare’s free plan. This attack also primarily originated from cloud service providers, indicating the use of hijacked virtual machines and powerful servers to generate the attack.<\/p>\n

\u201cOver the past year, we have witnessed one record attack after another. In August 2021, we disclosed a 17.2 million request per second HTTP DDoS attack, and more recently, in April, a 15 million rps HTTP DDoS attack.<\/em><\/p>\n

The 26 million rps DDoS attack originated from a small but powerful botnet of 5,067 devices. On average, each node generated approximately 5,200 rps at peak. To contrast the size of this botnet, we have been tracking another much larger but less powerful botnet of over 730,000 devices. The latest largest botnet was unable to generate more than a million requests per second, or about 1.3 requests per second on average per device. Simply put, this botnet was, on average, 4,000 times stronger due to the use of virtual machines and servers,\u201d explained Cloudflare.<\/em><\/p>\n

The precedent of 2016<\/h2>\n

As we said, these attacks have occurred repeatedly over the last few years, but one of the most serious happened in 2016, when someone like Twitter, Spotify, Tumblr or The New York Times,<\/strong> raised the alarms about system vulnerability<\/strong> computers in the United States. These websites were inaccessible for many users throughout the day in many countries<\/strong> as a result of various denial of service attacks<\/strong> (DDoS) against Dyn DNS provider.<\/strong><\/p>\n

