May 2, 2019 By Ryan Sumner 4 min read

DDoS attacks explained

I’m excited to be bringing you guys a new lightboarding video that focuses on DDoS (distributed denial of service) attacks. In the video, I’m going to define the term, explain how a DDoS attack affects your application or user experience, and demonstrate how an attacker uses a botnet to create so much traffic that normal users are unable to get through the congestion.

I hope you enjoy the video, and stay tuned for more! If you have any questions or comments, drop a note in the comments on YouTube and we’ll make sure to answer.

Learn more

Video Transcript

What is a DDoS attack?

Hi, I’m Ryan Sumner, Chief Network Architect with IBM Cloud. Today, I’m gonna give you the basics of a DDoS attack.

Definition of a DDoS attack

A DDoS attack is an attempt by an attacker to create so much traffic or congestion to a target application or an internet application that it impedes the traffic flow for normal visitors.

Effects of a DDoS attack

So, what the normal visitors might see, or the owner of the application might see as a result of a DDoS attack being impeded upon them—they might see a drastic reduction in speed, they might see a complete outage, or they’ll see some unexplained consequences that they don’t normally see within their day-to-day operations. 

How normal traffic flows

So, to demonstrate this a bit more, I’ll show you how normal traffic flows from users on the internet to the target server using its internet connection here.

So, we’ll have normal Internet users here.

We’ll have the clean traffic that comes through the internet and traverses through the connection from the internet to the target server. So, this traffic flows just perfectly fine, with no slowdown or there’s no constriction on that traffic flow.

How does an attacker create the attack?

So, how does an attacker create so much traffic that it causes an inability for this clean traffic to flow from the internet to the target server through its connection. 

So does the attacker just have that many friends? Usually not. And he’s not gonna pick up the phone and say, “Jump on your computer, and now let’s all attack this target server.” 

He’s done his homework, and he has access to a collection, or a network, of attacked or hacked or compromised computers across the internet. Sometimes these might be IoT devices, they might be people’s computers, they might be other servers on the internet. But, all of these attacked or compromised computers are at the control of the attacker and we call that network a “botnet.”

The botnet

The reason it’s called a botnet is because now the attacker can remotely control this network of hacked computers almost like their robots. And the attacker can tell that botnet what to do, and exactly for how long, and exactly where he wants to do it. 

So, the attacker, when they’re ready to start the attack, will call on all of these hacked computers—or robots—within the botnet and start to generate traffic from all of these systems over the internet.

Botnet creates congestion and impedes normal users

Now, what ends up happening is we create congestion through this pipe that’s coming from the internet to the target server. So, as this congestion is occurring—and this never stops, right?—they’ve created so much congestion across it.

And the amount of time that the botnet that is being executed continues to exceed and these internet users are continuing to attempt to come in. However, the pipe is so congested that they can no longer enter the roadway.

So, this is the basics of a DDoS attack.

So, if your application is slow, you’re experiencing downtime, or just other odd behavior you might be under a DDoS.

Was this article helpful?

More from Cloud

IBM Tech Now: April 8, 2024

< 1 min read - ​Welcome IBM Tech Now, our video web series featuring the latest and greatest news and announcements in the world of technology. Make sure you subscribe to our YouTube channel to be notified every time a new IBM Tech Now video is published. IBM Tech Now: Episode 96 On this episode, we're covering the following topics: IBM Cloud Logs A collaboration with IBM and Anaconda IBM offerings in the G2 Spring Reports Stay plugged in You can check out the…

The advantages and disadvantages of private cloud 

6 min read - The popularity of private cloud is growing, primarily driven by the need for greater data security. Across industries like education, retail and government, organizations are choosing private cloud settings to conduct business use cases involving workloads with sensitive information and to comply with data privacy and compliance needs. In a report from Technavio (link resides outside, the private cloud services market size is estimated to grow at a CAGR of 26.71% between 2023 and 2028, and it is forecast to increase by…

Optimize observability with IBM Cloud Logs to help improve infrastructure and app performance

5 min read - There is a dilemma facing infrastructure and app performance—as workloads generate an expanding amount of observability data, it puts increased pressure on collection tool abilities to process it all. The resulting data stress becomes expensive to manage and makes it harder to obtain actionable insights from the data itself, making it harder to have fast, effective, and cost-efficient performance management. A recent IDC study found that 57% of large enterprises are either collecting too much or too little observability data.…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters