The history of DDoS attacks is both interesting and a warning.
Distributed denial of service attacks (DDoS) are fast becoming the weapon of choice used in cyber attacks and online cyber warfare. Botnets and DDoS attack methods have been around for as long as IP networks themselves. While they began life as a mere nuisance for those involved, the sophistication and sheer scale of attacks today are proving to be a major concern.
The first known attempt was undertaken in 1996, when an ISP, Located in New York was taken down by multiple hosts aka a botnet, with as many as 150 requests per second flooding in and overwhelming the infrastructure.
The most well known DDoS attack, possibly because it was the first time this method was slingshot into the limelight, while also proving it was an easy and effective method of disrupting your target, was in 1999.
The IRC server of the University of Minnesota was attacked, rendering 227 systems affected and the whole thing forced services unusable for days to come. Fast forward a couple of months to the year 2000 and DDoS attacks had been successful against taking down sites like Ebay, CNN, Amazon and Yahoo.
Current mitigation methods are pretty useless for the longterm.
Today DDoS attacks are responsible for taking down some of the biggest online services, websites and even government infrastructure. With the threat of these attacks rising exponentially, mitigation and blocking of DDoS attacks is virtually non-existent, it’s highly likely we will be seeing them used as a new form of cyber warfare.
What began as a nuisance has now grown as one of the biggest threats facing security professionals and government agencies. While there are some protocols out there, which if applied by every ISP and to every network, would almost render DDoS attacks useless, BCP38 for example. The addition of countless devices online, secured by default or weak passwords, are providing cyber criminals endless resources to exploit, for the botnets used in these DDoS attacks.
The solutions for this problem are small in number but require 100% participation by all involved, to curb the threat. Until then, many experts only see this problem increasing and ultimately manifesting as major concern for cyber security and the future of cyber warfare.