On January 27, 2015, netizens flooded Twitter – with complaints about Facebook’s and Instagram’s brief shutdown. For about an hour that fateful morning, Mark Zuckerberg’s social media giant went down.
Amid the fiasco, a group of hackers by the name of Lizard Squad claimed responsibility over the shutdown. Facebook has debunked the hack group’s statements and said that the outage was due to a change in the network’s configuration systems.
Although the Facebook stint was untrue, Lizard Squad has already shut down several websites in the past. Some notable examples include the popular game League of Legends, the PlayStation Network, and Xbox Live.
The group uses a technique in bringing down websites: distributed denial-of-service attacks, also known as DDoS attacks. But what exactly is this concept?
DDoS Attacks Explained
There are two basic forms of DDoS attacks: attempts to flood a service and attempts to crash a particular service. Hackers may use different ways to crash or flood a system. For instance, it is possible to use bots to send a large amount of requests to a server until it crashes. There is also the idea disrupting the configuration information in a network. Some hackers also sever the communication media between the service and its users to make the portal inaccessible.
In some cases, hackers include a malware in the equation. In this case, the malicious software may max out the processor, disrupt the microcode to create errors, exploit existing errors in the network, or crash the network’s operating system as a whole.
There is good news, though. IT security consulting experts at Q4Technology.com point out that there are many types of security measures that foil DDoS attacks. Firewalls, routers, and switches are basic measures companies take to secure their systems. There are also IPS-based prevention systems, as well as DDS-based defense technology. Through the combination of these measures, websites can stay safe – at least most of the time.
Now, these measures are only here to prevent attacks from happening. Each measure has its own strength and vulnerability – there’s no denying that. No security measure is completely invincible, after all. But although they all have vulnerabilities, the combination of different techniques provides a way for websites to stay secure and operational.