By Colin Doherty

Since the introduction of the internet, the realm of cyber threats has continued to evolve both in terms of scale and sophistication. And by November last year it was reported that, nearly 6 billion cyber incidents had been recorded. As businesses navigate this risky digital terrain, the need for robust cybersecurity measures has reached an all-time high.

In the ongoing cat-and-mouse struggle between attackers and defenders, one tactic has remained persistent: Distributed Denial of Service (DDoS) attacks. DDoS attacks are malicious attempts to disrupt the normal traffic of a targeted server, service, or network by overwhelming it with a flood of internet traffic. 

From their inception, DDoS attacks have been a challenge for businesses, governments, and individuals across the globe. More than a disruption or nuisance, DDoS attacks cause significant damage – both financial and reputational. As we commemorate the 25th anniversary of DDoS attacks this year, we want to look at how these attacks have evolved and continue to be a key tool in cybercriminals’ arsenals. 

Let’s decode the DDoS attack

In a DDoS attack, multiple compromised computers or devices are used to flood the target with an overwhelming volume of traffic. This flood of traffic can consume the target’s resources across bandwidth, processing power, and memory, causing the system to become slow, unresponsive, or even completely inaccessible to legitimate users. 

Cybercriminals employ DDoS attacks for various reasons, whether that’s political motivations to cause disruption and chaos, financial extortion, or as a distraction while other exploiting activities are carried out. 

Over time, DDoS attacks have evolved in sophistication and scale, driven by advancements in technology and the proliferation of interconnected devices. Attackers have developed new tactics, such as amplification and reflection techniques, to magnify the impact of their assaults and evade detection. Moreover, the rise of botnets—networks of compromised devices controlled by malicious actors—has enabled large-scale DDoS attacks capable of crippling even the most resilient networks.

DDoS through the ages: Past and Present

It is difficult to determine the exact date of the first-ever DDoS attack, but the malevolent application of this technique gained notable traction in March of 1998. During this time, the University of Minnesota experienced the brunt of a “smurf denial of service” attack – a method involving the inundation of ICMP (Internet Control Message Protocol) echo request packets to a broadcast address, triggering a network amplification effect. This event set off a cascading effect across the state, resulting in network slowdowns and data loss for many systems. 

Much more recently, in November 2023, OpenAI’s esteemed generative AI tool, ChatGPT, experienced a cyberattack. This incident led to intermittent service disruptions and a full-day outage, emphasising the enduring threat posed by DDoS attacks.

The shape-shifting symphony of cyber disruption 

The evolution of DDoS attacks has been marked by several notable shifts. First, hacker groups such as Anonymous Sudan have increasingly utilised these attacks to sow chaos and make political statements. The recent incident involving ChatGPT, claimed by Anonymous Sudan, underscores the broader geopolitical implications of such cyber activities. 

Second, the magnitude of DDoS attacks has seen a substantial surge, due to the utilisation of bots and other applications that can amplify their impact. The overwhelming volume of traffic generated by these malicious actors presents a substantial challenge for defenders.

Third, the repercussions of DDoS attacks have become more pronounced in the digital-driven society. In an era where numerous websites and online services function as essential infrastructure, even brief episodes of downtime can result in substantial financial losses and potentially irreparable damage to reputation.

Outside the domain of cybercrime, DDoS attacks have evolved into instruments of warfare within geopolitical conflicts. Countries such as Russia, Ukraine, Palestine, and Israel have strategically integrated DDoS attacks into their tactics, seeking to disrupt communication channels and incapacitate digital infrastructure during periods of conflict.

Crafting resilient defences in the cyber war 

The significant disruptions caused by DDoS attacks underscore the crucial need for a robust defence.  A DDoS attack initially manifests as a sudden slowdown or unavailability of a site or service. However, distinguishing between the impact of such attacks and performance issues caused by legitimate traffic is crucial. Therefore, the first step in addressing this challenge is a thorough investigation.

According to the recent DDoS Analysis Report, there was a 48% increase in DDoS attacks from November to December 2023, highlighting the heightened need to protect against such incidents. Implementing proactive defensive measures entails adopting resilient network security protocols, utilising DDoS mitigation services, and staying vigilant against emerging threats.

In response to the evolving landscape of cyber threats, businesses should explore advanced tools and services for combating such challenges. Solutions like Vercara’s UltraDDoS Protect, detect attacks and employ countermeasures, processes, and best practices to cleanse internet traffic, ensuring the highest standards of availability, reliability, and scalability. Emphasising proactive defence, these products are tailored to safeguard against the growing threat landscape.

Over the course of 25 years, the trajectory of DDoS attacks reflects the ongoing innovation of cyber adversaries and the persistent challenges encountered by defenders. Navigating this dynamic landscape requires a comprehensive understanding of the history and evolution of DDoS attacks to formulate effective defence strategies. It’s now more imperative than ever that businesses secure their digital future by cultivating employee and corporate awareness, fostering industry collaboration, and implementing cutting-edge cybersecurity solutions as a key investment focus of protecting the enterprise.

About the Author

Colin Doherty excels in business transformation, scale, and growth, building high-performance teams with extensive experience in Cloud Security and B2B SaaS Enterprise technologies. He has 25+ years of executive leadership including serving as CEO of Arbor Networks from 2009 to 2014. He also served as CEO at four other high-growth B2B SaaS, infrastructure, and security services companies, Mangrove Systems, BTI, Dyn, and Fuze. Most recently, Colin served as the Growth Partner at Wavecrest Growth Partners, where he oversaw strategic growth agendas for portfolio company investments.

Earlier in his career, he held executive positions as a CRO and an SVP of Global Sales at Nortel Networks in carrier and enterprise technologies in Europe, the US, and Latin America. Colin is a graduate of Abertay University, Scotland, and holds a Postgraduate degree in Marketing from the Institute of Marketing in London.

The views expressed in this article are those of the authors and do not necessarily reflect the views or policies of The World Financial Review.