Whenever a website goes down, two words are used more than others: DDoS and DoS. Not only do they sound similar, but they also have near-identical effects. But that’s not to say you can use them interchangeably.
So, DDoS vs DoS: which term do you use the next time your favorite website crashes?
DDoS vs DoS: They’re Not That Different
It’s best to start by addressing the confusing acronyms. DoS stands for Denial of Service, and DDoS stands for Distributed Denial of Service or Distributed DoS.
To understand what a DDoS attack is, you first need to get a grip on the concept of DoS. On its own, denial of service isn’t always malicious. It occurs when users can't access a website because its servers are filled up to capacity.
This can happen due to a variety of reasons. A post could unexpectedly go viral on a news site. As more people link to the same web page from their social media accounts, hundreds of thousands, if not millions, of users flood the website almost simultaneously to read the story.
Most large-scale websites, such as major news outlets and social media platforms, are equipped with high-capacity servers along with backup servers. That way, their websites are only down for a short period of time, if at all.
DDoS and DoS: From Incident to Attack
On its own, DoS is an inevitable occurrence to being online. But incidental DoS vastly differs from DoS or DDoS attacks.
Launching a DoS or DDoS attack is often the go-to for many cybercriminals, whether their goal is vandalism or cyber-terrorism. But unlike other types of cyberattacks, DoS attacks don’t require a lot of technical expertise to execute.
The difference between DoS and DDoS attacks is the source of the fake traffic. With a DoS attack, the perpetrator sends fake and rapid traffic towards their target website or online platform from a single location. Those attacks are easier to execute, but they’re also much easier to detect and block in time to prevent the server from crashing.
Additionally, DoS attacks have relatively low intensity and take a while to execute. DDoS attacks, on the other hand, compensate for everything DoS attacks lack.
A Distributed DoS attack means that the fake traffic is coming from multiple sources and locations, often utilizing bots from remote machines. DDoS attacks are much harder to anticipate and block since it takes a while for security systems to recognize the attack when it's distributed.
By the time the site’s security system recognizes the attack pattern, it’s sometimes too late. DDoS can pump a much higher volume of traffic that immobilizes the website almost immediately.
They’re Still a Big Issue
Due to their simplistic nature, you may think major websites have already found ways to stay safe, and that only small websites are affected. But that’s not the case. In fact, there are now multiple types of DDoS attacks.
The first-ever documented DoS attack was in February 2000 when a 15-year-old Canadian hacker managed to take down multiple e-commerce websites such as Amazon and eBay.
Amazon reported that they’ve mitigated an attempted DDoS attack in early 2020. The attack had a traffic rate of 2.3 Tbps—or Terabits per second. This equates to just over one trillion bits per second, beating the previous DDoS record of 1.7 Tbps that targetted GitHub in 2018.
They’re Not Going Away
With the introduction of 5G, the internet is getting faster. That along with the increase in internet and computer literacy and remote hardware availability—such as servers and IoT devices—means stronger DDoS attacks.
The only way to avoid a DDoS attack is to recognize it early before it overloads your servers. In theory, the answer is smarter fake-traffic detection and human verification.