Font size:
Print
DDoS Attack
Context:
Elon Musk hosted former US President Donald Trump for a live audio interview but the conversation was delayed due to a DDoS attack on X.
What is a DDoS Attack?
DDoS stands for Distributed Denial of Service. According to the US government’s Cybersecurity & Infrastructure Security Agency, this targeting is done by directing a large number of users against a particular online server at the same time to “flood” it.
How Does it Work?
- Botnet Creation: Attackers infect numerous computers with malware to create a botnet.
- Overwhelming the Target: The botnet is commanded to flood the target with requests simultaneously.
- Service Disruption: The target’s resources are exhausted, making it impossible to handle legitimate requests.
Types of DDoS Attacks:
- Volumetric attacks: Overwhelm network bandwidth.
- Protocol attacks: Exploit vulnerabilities in network protocols.
- Application layer attacks: Target specific applications or services.
Protection Against DDoS Attacks:
While it’s challenging to completely prevent DDoS attacks, there are measures to mitigate their impact:
- Network security: Implementing firewalls and intrusion prevention systems.
- DDoS protection services: Using specialised services to filter malicious traffic.
- Redundancy: Having backup systems and data centers.
- Regular updates: Keeping software and systems patched.
Measures taken:
National level:
- INFORMATION TECHNOLOGY ACT 2000 (Amended in 2008)
- The National Cybercrime Reporting Portal, operated by the Ministry of Home Affairs.
- Indian Cyber Crime Coordination Centre (I4C) under MHA, coordinating with regulatory bodies like Reserve Bank of India and fintech companies to address cyber frauds.
- Indian Computer Emergency Response Team (CERT-In)
- Cyber Surakshit Bharat initiative of Ministry of Electronics & Information Technology (MeitY)
- The Bharatiya Nagarik Suraksha Sanhita 2023 includes digital financial frauds under “continuous unlawful activity.”
Global level:
- The International Telecommunications Union’s (ITU) Global Cybersecurity Agenda.
- The World Economic Forum has launched the Cyber Resilience in Oil and Gas initiative to enhance the industry’s cybersecurity posture.
- Budapest Convention is the world’s only binding international treaty on cybercrime (India is not a signatory).
- INTERPOL has developed two secure and adaptable services to support cybercrime-related communication between police and other stakeholders.
- Cybercrime Knowledge Exchange workspace
- Cybercrime Collaborative Platform