Cybersecurity Glossary

What is DDoS (Distributed Denial-of-Service Attack)?

A DDoS, or distributed denial-of-service attack, is a computer attack that uses a very large number of coordinated systems to block legitimate access to a system.

A denial-of-service attack blocks access by saturating the resources of the remote system. Some methods saturate the communications link by sending a very high volume of traffic. Others send a very high number of requests to an application or system so that it cannot respond to legitimate users, either by exceeding the limit of connections it is capable of handling or by congesting its CPUs.

Behind a denial-of-service attack is a network of malware-infected computers (zombie computers) or misconfigured computer systems that are used to amplify the attack over the UDP and ICMP protocols. Because the attack is distributed, mitigating it is complex and usually requires a lot of resources. For this reason, and because of their impact, this type of cyber-attack is sometimes associated with extortion or sabotage.
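
Why per-source limits alone do not stop a distributed attack, shown as an added example that is not part of the original glossary entry: it counts requests per time window and separates a flood from one source from a flood spread across many sources. The thresholds, function names and sample log data are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Assumed thresholds for illustration; tune to the measured capacity of the service.
WINDOW_S = 10          # width of each counting window, in seconds
PER_SOURCE_LIMIT = 20  # requests one client may send per window
CAPACITY = 100         # requests the service can answer per window


def classify_windows(events, window_s=WINDOW_S,
                     per_source_limit=PER_SOURCE_LIMIT, capacity=CAPACITY):
    """events: iterable of (unix_time, source_ip). Returns {window_start: report}."""
    windows = defaultdict(Counter)
    for ts, src in events:
        windows[int(ts) // window_s * window_s][src] += 1

    reports = {}
    for start, per_src in sorted(windows.items()):
        total = sum(per_src.values())
        noisy = sorted(s for s, n in per_src.items() if n > per_source_limit)
        # Load that would remain if every source were capped at the limit.
        residual = sum(min(n, per_source_limit) for n in per_src.values())
        if total <= capacity:
            verdict = "normal"
        elif residual <= capacity:
            verdict = "concentrated"   # per-source rate limiting is enough
        else:
            verdict = "distributed"    # saturated even with every source capped
        reports[start] = {"total": total, "sources": len(per_src),
                          "over_limit": noisy, "verdict": verdict}
    return reports


def sample_events():
    """Constructed data: three 10-second windows using documentation IP ranges."""
    ev = [(0 + i % 10, f"192.0.2.{i % 8}") for i in range(40)]          # normal load
    ev += [(10 + i % 10, f"192.0.2.{i % 8}") for i in range(40)]        # same users
    ev += [(10 + i % 10, "198.51.100.7") for i in range(300)]           # one heavy source
    ev += [(20 + i % 10, f"203.0.113.{i % 200}") for i in range(1000)]  # 200 sources x 5
    return ev


if __name__ == "__main__":
    for start, report in classify_windows(sample_events()).items():
        print(start, report)
```

In the third window no source exceeds the per-source limit, yet the aggregate is ten times the assumed capacity, which is the case that needs upstream filtering or extra capacity rather than per-client throttling.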