This white paper explores how DDoS strategies help threat actors obfuscate attack sources and empowers them with a near limitless army of botnet machines. The result? Endless attacks from every region, every source and against every layer.
While one of first publicized denial-of-service (DoS) attacks appeared in February 2000 when a 15-year old Canadian flooded the servers1 of various online retailers, including Amazon and eBay, the tools and techniques to execute such a salvo were being researched and developed for years prior.
In fact, the CERT division of Carnegie Mellon University’s Software Engineering Institute (SEI) published a 1997 report identifying the potential threats of DoS attacks.
CERT, which is federally funded by the U.S. Departments of Defense and Homeland Security, summarized the three basic DoS attack types of the time as:
- Consumption of scarce, limited, or non-renewable resources
- Destruction or alteration of configuration information
- Physical destruction or alteration of network components
In this context, the resources noted include essential bandwidth, memory, disk space, network connectivity, climate control and even power. The other two attack types are in line with what we’d expect in modern use cases. The DoS findings marked a critical and historic point in cyber threats; every industry still fights these basic concepts today.
As cybersecurity defenses improved, the tactic evolved to a distributed denial-of-service (DDoS) attack model. This approach helped obfuscate attack sources and empowered threat actors with a near limitless army of botnet machines. This led to endless attacks — from every region, every source and against every layer.
Please fill out the form below for free access to The DDoS Factor.