What it is
A distributed denial of service (DDoS) attack floods a target with more traffic than it can handle, exhausting bandwidth, compute, or application resources. Attackers recruit large botnets or abuse reflection and amplification techniques on misconfigured network services to generate massive volumes of requests. Volumetric attacks saturate network links, protocol attacks exploit weaknesses in TCP, UDP, or SSL handshakes, and application-layer attacks mimic legitimate user behavior to exhaust CPU and memory. Modern DDoS campaigns are multi-vector, shifting tactics mid-attack to bypass defenses. Because cloud infrastructure enables rapid scaling, attackers can rent DDoS-as-a-service capabilities cheaply. Targets range from e-commerce storefronts and online gaming platforms to small businesses that rely on hosted services. Mitigation requires absorbing, filtering, or rerouting malicious traffic before it reaches origin systems, often involving specialized scrubbing centers, anycast networks, and collaboration with upstream providers.
Why it matters
Downtime translates directly into lost revenue, SLA penalties, and reputational harm. Even if availability is restored quickly, the operational focus required to mitigate DDoS can distract teams from concurrent intrusion attempts or ransomware staging.
How to reduce risk
- Engage a reputable DDoS mitigation provider with global scrubbing capacity and automated detection.
- Harden network edge devices, disable unused amplification protocols, and enforce rate limiting at the application layer.
- Architect services for resiliency with autoscaling, caching, and multi-region failover.
- Develop a DDoS response runbook that coordinates network, application, and communications teams during an incident.
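
As an illustration of the application-layer rate limiting mentioned above, the following added example (not taken from any particular product) implements a per-client token bucket whose state table is bounded, so the limiter itself cannot be exhausted by a flood of distinct client keys. The class name, parameters, and sample traffic are assumptions constructed for this sketch.

```python
import time
from collections import OrderedDict


class TokenBucketLimiter:
    """Per-client token bucket with a bounded state table."""

    def __init__(self, rate, burst, max_clients=10000, clock=time.monotonic):
        self.rate = float(rate)          # tokens refilled per second
        self.burst = float(burst)        # bucket capacity (largest burst)
        self.max_clients = max_clients   # cap so the table cannot be exhausted
        self.clock = clock
        self.buckets = OrderedDict()     # client -> (tokens, last_seen)

    def allow(self, client, cost=1.0):
        now = self.clock()
        # Unknown clients start with a full bucket.
        tokens, last = self.buckets.pop(client, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        allowed = tokens >= cost
        if allowed:
            tokens -= cost
        self.buckets[client] = (tokens, now)   # re-insert as most recently seen
        # Evict least recently seen clients. An evicted client returns with a
        # full bucket, so size max_clients above the expected client count.
        while len(self.buckets) > self.max_clients:
            self.buckets.popitem(last=False)
        return allowed


def simulate(requests, rate=4, burst=8):
    """Replay (timestamp, client) pairs; return allowed/denied counts per client."""
    now = [0.0]
    limiter = TokenBucketLimiter(rate, burst, clock=lambda: now[0])
    counts = {}
    for ts, client in sorted(requests):
        now[0] = ts
        verdict = "allowed" if limiter.allow(client) else "denied"
        per_client = counts.setdefault(client, {"allowed": 0, "denied": 0})
        per_client[verdict] += 1
    return counts


# Constructed sample traffic (documentation addresses, not real hosts):
# one client sends 64 requests/s for two seconds, another sends 2 requests/s.
SAMPLE = [(i / 64, "198.51.100.7") for i in range(128)]
SAMPLE += [(i / 2, "192.0.2.10") for i in range(4)]

if __name__ == "__main__":
    for client, result in simulate(SAMPLE).items():
        print(client, result)
```

With a rate of 4 requests per second and a burst of 8, the high-rate client is held to its initial burst plus the refill rate, while the low-rate client is never throttled.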