CYBERSECURITYHow Destructive Is a DDoS Cyberattack?

By Esteban Pardo

Published 11 May 2022

Last weekend, Russian hackers attacked several German government websites. These cyberattacks were seemingly harmless, much to the relief of the authorities. But many others are not so lucky.

Last weekend, hackers attacked the websites of the German military and the Ministry of Defense, rendering them temporarily unavailable. Chancellor Olaf Scholz’s office was also targeted, Der Spiegel news magazine reported. A spokesperson for the Bundestag, the lower house of the German parliament, told the magazine that the incident was an “unsuccessful attempt at an attack that did not cause any damage here.” 

The cyberattack was claimed by the pro-Russian “Killnet” group, which specializes in “overload attacks” — technically called DDoS (pronounced “dee-dohs”). These attacks involve a website being flooded with simultaneous and coordinated webpage requests from multiple computers, making it difficult for the website to handle all of them. This then makes the website extremely slow or completely inaccessible to legitimate users.

The weekend attack wasn’t the notorious group’s first. Last month, it launched DDoS attacks on institutions in Romania, the United States, Estonia, Poland, and the Czech Republic, according to the Romanian Intelligence Service (SRI). Several NATO-linked websites were also attacked.

Although these attacks were seemingly harmless, cyberattacks can have really devastating effects. So, how to tell between apparently harmless cyberattacks and those that could cause a lot of pain?

How Does DDoS Work?
A DDoS (distributed denial of service) attack can be quite damaging for businesses, institutions or providers whose income or service depends on users visiting their websites. 

They are called “distributed” because they use multiple remote computers to launch denial-of-service attacks. 

These attacks are surprisingly simple. There are many tools available that anyone can download and use, thanks to their easy interfaces. Software like LOIC (Low Orbit Ion Cannon), XOIC, HULK (HTTP Unbearable Load King) or Saphyra are some of the tools that hackers use for denial of access attacks.

But when only one person runs one of these tools it’s just a DoS attack, without the “distributed” part, and it’s usually not enough to cause any problems. Servers can easily handle them when they come from just one source; the problem is when there are hundreds or thousands of sources.