What is DDoS and how to mitigate attacks?
Category: Cybersecurity
Short answer
A DDoS attack overwhelms a target with massive volumes of traffic from distributed sources, rendering services unavailable to legitimate users.
How it works
Attackers recruit botnets of compromised devices to flood targets. Volumetric attacks consume bandwidth. Protocol attacks exhaust connection states. Application-layer attacks mimic legitimate requests to deplete server resources.
Example
A DNS amplification attack sends small queries with spoofed source IPs to open DNS resolvers. The resolvers send large responses to the victim, saturating the victim's network link.
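A defender-side view of the exchange above, as an added example that is not part of the original page: at the victim's edge, reflected traffic appears as DNS responses that answer no query the victim ever sent. The packet tuples, the documentation-range addresses and the 5000-byte threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample packets seen at the network edge (not real traffic).
# Fields: (direction, local_ip, remote_ip, remote_port, dns_txid, size_bytes)
# "out" = query sent by a local host, "in" = packet arriving from outside.
SAMPLE_PACKETS = [
    ("out", "192.0.2.10", "198.51.100.53", 53, 0x1A2B, 72),
    ("in",  "192.0.2.10", "198.51.100.53", 53, 0x1A2B, 180),   # answers the query above
    ("in",  "192.0.2.20", "203.0.113.5",   53, 0x0001, 3100),  # no query was ever sent
    ("in",  "192.0.2.20", "203.0.113.6",   53, 0x0002, 2950),
    ("in",  "192.0.2.20", "203.0.113.7",   53, 0x0003, 3050),
    ("in",  "192.0.2.10", "198.51.100.53", 53, 0x1A2B, 180),   # same txid again, already answered
]


def find_reflection_targets(packets, min_unsolicited_bytes=5000):
    """Return {local_ip: stats} for hosts receiving unsolicited DNS responses.

    A response is unsolicited when no outstanding query from that local host
    to that resolver with the same transaction ID exists.
    """
    pending = set()  # (local_ip, resolver_ip, txid) still awaiting an answer
    stats = defaultdict(lambda: {"bytes": 0, "packets": 0, "resolvers": set()})
    for direction, local_ip, remote_ip, remote_port, txid, size in packets:
        if remote_port != 53:
            continue  # only DNS traffic is of interest here
        key = (local_ip, remote_ip, txid)
        if direction == "out":
            pending.add(key)
        elif key in pending:
            pending.discard(key)  # legitimate answer consumes the query
        else:
            entry = stats[local_ip]
            entry["bytes"] += size
            entry["packets"] += 1
            entry["resolvers"].add(remote_ip)
    # Report only hosts whose unsolicited volume crosses the threshold.
    return {ip: s for ip, s in stats.items() if s["bytes"] >= min_unsolicited_bytes}


if __name__ == "__main__":
    for ip, s in find_reflection_targets(SAMPLE_PACKETS).items():
        print(f"{ip}: {s['bytes']} unsolicited bytes in {s['packets']} packets "
              f"from {len(s['resolvers'])} resolvers")
```

Many distinct resolvers sending large unsolicited responses to one host is the signature worth alerting on; a single stray duplicate response stays below the threshold.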
Why it matters
DDoS causes downtime, revenue loss, and reputational damage. Mitigation requires preparation because reacting after an attack begins is often too late.