DDoS Attacks: Digital Vandalism or a Security Threat?
Imagine thousands of people banging on your door all at once – not because they want to get in, but to prevent anyone else from entering. That’s essentially how a DDoS attack works. It doesn’t destroy data, but it can paralyze a website, service, or infrastructure. And that’s exactly what makes it one of the most widespread cyberattacks today.
The abbreviation DDoS stands for "Distributed Denial of Service," which refers to both the attackers’ goal and the method of the attack. Their aim is to make an online service – such as a website, e-shop, or application – unavailable so that regular users cannot access it. The attack is not launched from a single computer, but rather through a large network of compromised devices from around the world, known as a botnet. It is this "distributed" nature of the attack – originating from many different locations at once – that makes it so difficult to stop. Blocking just one device is not enough, as the attack comes from thousands of others.
According to one of the world’s most well-known hackers, Kevin Mitnick, DDoS attacks have nothing to do with traditional hacking – in his view, the perpetrators of these attacks are more like digital vandals than actual hackers. They are not interested in stealing data or breaching security, but simply in disrupting operations, often without requiring any significant technical skill.
Defending against DDoS attacks isn’t easy, but it’s certainly not impossible. There are various services and technical measures that can detect an attack and mitigate its impact. Companies can protect themselves, for example, by setting up protection through specialized providers or cloud platforms that help filter out malicious traffic and keep their services accessible.
Attackers’ Motivation
Attackers’ motivation is often financial, and they frequently work on commission. Imagine trying to quickly order a gift during the holiday season – demand is high and time is short. But when you visit a popular retailer’s website, the page is unavailable. You don’t wait and order the item elsewhere. Just like you, thousands of other customers make the same choice, and the original e-shop can lose millions of crowns within just a few hours. On the dark web, there are DDoS-for-hire services that allow even inexperienced amateurs to easily organize a DDoS attack – often for just a few dollars. This accessibility makes DDoS attacks a threat not only to large corporations but also to smaller businesses, e-shops, or nonprofit organizations. Virtually anyone can become a victim.
However, not all attacks are driven by profit or competition. In some cases, DDoS attacks are organized by activists as a form of protest against political or social decisions, aiming to draw attention to what they perceive as injustice. A DDoS attack can thus serve as a form of digital civil disobedience. This was the case, for example, at the start of the Russian invasion of Ukraine in 2022, when thousands of people from around the world [1] – including some students from Masaryk University – spontaneously joined DDoS attacks against Russian targets.
Although these activities were motivated by goodwill and solidarity with the invaded country, they also carried significant risks. The tools used to participate in the attacks may have seemed simple and accessible at first glance, but using them could compromise the security of those who launched them. Moreover, it’s not always possible to be certain who created and controls a given tool. There were instances where similar initiatives were in fact orchestrated from the other side of the conflict – for example, by Russian intelligence – and merely posed as Ukrainian. Since the configuration is often downloaded from a remote server, such a tool can ultimately target any victim chosen by its creator.
If you’re interested in learning more about DDoS attacks, check out the interview with the head of Masaryk University’s Cybersecurity Team, Tomáš Plesnik, on ČT24 (starting at 5:55), where he talks about DDoS attacks, especially in connection with Russian hackers.
DDoS attacks don’t spare the Czech Republic either. On a smaller scale, they are also carried out by state-sponsored actors, most often in connection with geopolitical tensions. A record number of such attacks was recorded by the Czech National Cyber and Information Security Agency (NÚKIB) in October 2024, with a total of 30 incidents – the highest number ever recorded in a single month. Most of them were attributed to the Russian-speaking hacktivist group NoName057(16), which experts say has been involved in several attacks in the past. In the summer of 2023, their attacks targeted Czech banks, which experienced outages in online and mobile banking services as well as website disruptions. At the time, the attackers demanded that these institutions stop supporting Ukraine [2].
Impact on Users
DDoS attacks are often characterized by the fact that their impact is not directly noticeable to the average user – aside from a specific website failing to load. Paradoxically, however, a user may unknowingly become part of the attack. Not the person themselves, but their device – such as a computer, smartphone, or even a router. If it is infected with malicious software, it can become part of a so-called botnet – a network of devices that, without their owners’ knowledge, send requests to the targeted service.
Realizing that your device is part of a botnet is not easy. Unlike ransomware, which locks your files and demands a ransom, the malware used in DDoS attacks is often completely invisible. The device continues to function normally, and the user may not notice anything unusual. Meanwhile, the malware runs in the background, helping attackers overwhelm target servers. However, there may be warning signs – such as unusually slow internet connection, devices overheating even with minimal use, and so on.
It’s better to prevent infection in the first place, ensuring that no malware makes it onto your computer. As with ransomware, the key is to keep your operating system up to date and be cautious when downloading files from unknown sources. An antivirus program can also help – run a scan from time to time to detect any potentially harmful files.You can also check whether your router is part of a botnet by visiting https://amihacked.com/ or running an antivirus scan.
Final Word
DDoS attacks may not be as visible as other forms of cyber threats, but their impact can be enormous – from taking down popular websites to disrupting the operations of entire institutions. They don’t require complex hacking skills, and with readily available tools, virtually anyone with motivation can launch one. Although regular users often become victims only indirectly, it’s important to realize that their devices can unknowingly be used to carry out an attack. In this case too, prevention and safe online behavior not only protect you, but also help others by ensuring you don’t become part of the problem.