A distributed denial-of-service, or DDoS, attack overwhelms a target with traffic or requests from many systems at once to disrupt availability. DDoS attacks matter because they can take down public services, strain infrastructure, and create costly outages without requiring direct data theft.
What is a Distributed Denial-of-Service (DDoS) Attack?
A DDoS attack uses many devices, often a botnet, to flood a website, application, network, or service with malicious traffic. The volume, distribution, and coordination make the attack harder to block than a simpler denial-of-service event from one source.
DDoS campaigns may target bandwidth, application logic, connection limits, DNS infrastructure, or upstream services. Some are used for extortion, disruption, political messaging, or as cover for other malicious activity.
Common DDoS Attack Types
Common types include volumetric floods, protocol attacks, and application-layer attacks. Each targets a different weakness, from raw bandwidth exhaustion to resource-intensive request handling.
DDoS vs. DoS
A DoS attack may come from a limited source, while a DDoS attack is distributed across many systems. The distributed nature usually increases scale, resilience, and filtering difficulty.
Frequently Asked Questions
Where do DDoS attacks get their traffic?
Traffic often comes from botnets made up of compromised servers, consumer devices, routers, and IoT systems under attacker control.
Can a DDoS attack be fully prevented?
No environment can guarantee full prevention, but resilient architecture, rate controls, upstream filtering, CDN protections, and traffic scrubbing services can reduce impact significantly.
