Friday, January 20, 2012

Special Edition: What is a DDoS Attack?

The major news channels didn't give it much hype, but last night there was a significant attack on several major websites. Here's the list:

  • Department of Justice (Justice.gov)
  • Motion Picture Association of America (MPAA.org)
  • Universal Music (UniversalMusic.com)
  • Belgian Anti-Piracy Federation (Anti-piracy.be/nl/)
  • Recording Industry Association of America (RIAA.org)
  • Federal Bureau of Investigation (FBI.gov)
  • HADOPI law site (HADOPI.fr)
  • U.S. Copyright Office (Copyright.gov)
  • Universal Music France (UniversalMusic.fr)
  • Senator Christopher Dodd (ChrisDodd.com)
  • Vivendi France (Vivendi.fr)
  • The White House (Whitehouse.gov)
  • BMI (BMI.com)
  • Warner Music Group (WMG.com)

That's a lot, and a lot of very big, very important websites. As a result of the attacks, most, if not all, of the sites were down for hours yesterday and were brought back online early this morning. I'm not going to go into detail on the politics of the attacks, or who has taken credit for them, but I will try to explain exactly what happened.

"DDoS" stands for "Distributed Denial of Service", and "attack" stands for, well, attack. The name describes pretty well what the desired outcome of the attack is- to deny people the services of a website (usually by taking it offline). While there are several ways to do this, the most common, and the variant used in last night's attacks, is by overloading the servers that host those pages. Let's unpack that and translate it into normal-speak.

Let's say that you run a business, and you have a store front. If someone wants to look at what you sell, they come into your store and look. The person might leave and come back later, they might bring a friend, or they may never come back. Now, let's say that someone repeatedly came into your store and left it in a matter of minutes. One minute they're in, one minute they're out, one minute they're in, one minute they're out. That's odd, but not too dangerous, right?

Now, if that person brings three friends, and they each bring three friends, who each bring three friends... you can see how it might become overwhelming very quickly. If enough people come into your store, your real customers can't get in: they're being denied your services. (See what I did there?) In this analogy, the people coming into your store are computers, and the leaving and coming back are the computers repeatedly visiting the website very rapidly (usually several times a second).

While a DDoS attack does no long-term damage, it can take a website down and keep it down for as long as the attack continues, provided the attackers have enough "bots" (the friends they brought to your store) attacking the site. Also, you can get 10 years in prison if you get caught, but more and more frequently, attackers are tricking people into becoming unknowing bots by getting them to either download a program or click a link under false pretenses.
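
Here is the store analogy from the website owner's side, as an added Python example that is not part of the original post: it reads a request log and flags both a single visitor who keeps coming back too fast and a crowd of visitors who are each polite but together exceed what the site can serve. The log entries, the addresses (reserved documentation ranges) and the three thresholds are constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW = 1.0        # length of the sliding window in seconds (assumed)
PER_CLIENT_MAX = 3  # requests one visitor may make per window (assumed)
TOTAL_MAX = 12      # requests the whole site can absorb per window (assumed)

def make_sample_log():
    """Constructed sample log: (timestamp_seconds, client_ip), sorted by time."""
    # Ordinary visitors: a few requests spread over several seconds.
    log = [(0.2, "198.51.100.7"), (0.9, "198.51.100.8"), (2.5, "198.51.100.7")]
    # One visitor walking in and out: 6 requests within one second.
    log += [(4.0 + i * 0.1, "203.0.113.5") for i in range(6)]
    # The "distributed" part: 20 different visitors, one request each,
    # all inside the same second.
    log += [(8.0 + i * 0.04, f"192.0.2.{i + 1}") for i in range(20)]
    return sorted(log)

def detect(log):
    """Return (noisy_clients, overload_times) for a time-sorted log."""
    per_client = defaultdict(deque)  # recent request times, per visitor
    everyone = deque()               # recent request times, all visitors
    noisy, overloads = set(), []
    for ts, ip in log:
        for q in (per_client[ip], everyone):
            q.append(ts)
            # Forget requests that fell out of the sliding window.
            while q[0] <= ts - WINDOW:
                q.popleft()
        if len(per_client[ip]) > PER_CLIENT_MAX:
            noisy.add(ip)            # one visitor returning too quickly
        if len(everyone) > TOTAL_MAX:
            overloads.append(ts)     # the store is full, whoever is in it
    return noisy, overloads

if __name__ == "__main__":
    noisy, overloads = detect(make_sample_log())
    print("Visitors over the per-client limit:", sorted(noisy))
    print("Moments the site was over capacity:", len(overloads))
    print("First overload at t =", round(overloads[0], 2))
```

In the sample, the per-visitor check catches the single fast visitor but none of the twenty one-request visitors, which is why a distributed attack also has to be watched for at the level of total load.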

Practical Tip of the Day:
Don't download a program or click a link you're not familiar with. The most common way for internet "bad guys" to get to your information is by tricking you into giving it to them. More and more often, people are being tricked into giving their sensitive information away themselves instead of someone taking it by force. If you get an email from your bank asking you to reset your password, don't follow the link in the email; go to the official site and do it there. It's very common for emails to look official but take you to a website that will collect your information for someone else's use. This is called "phishing" (pronounced "fishing").
