US Was the Target of a Major DDoS Attack, but What Does That Mean?

It's easy to live in a bubble and not think about things that don't really impact us. If the world has taught us anything in the past few months, it's that we really need to step outside our bubble and be aware of the things that are happening in the world. Some of these issues are complicated, like the US DDoS attack that recently happened, but ignorance may end up hurting us all.

A distributed denial of service (DDoS) attack is "a malicious attempt to disrupt normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic," according to Cloudflare. 

The company continues its definition saying, "From a high level, a DDoS attack is like a traffic jam clogging up with highway, preventing regular traffic from arriving at its desired destination." 

And that sums it up really well – a DDoS attack is when a person or organization floods the servers of another company in order to disrupt the service it gives to other people. The most common way to do this is to flood the site or service with traffic, overloading what the company is able to handle. 

Think what would happen if something like that happened to the servers that host Facebook. Or Slack. Or if an organization did the same type of attack but targeted cell towers and cell phone or internet providers, banks or websites.

It sounds silly on the surface, but these can be really disruptive and cause a widespread issue. In all of these situations, a DDoS attack can put a large pause on important services and create a bottleneck in how people talk to each other or get their information. 

These things do happen in the states, and they can be done in a widespread way. The most recent appears to have happened on June 15 where the DDoS attack targeted cell phone companies. A massive cell phone service outage impacted thousands of customers on the T-Mobile, Verizon, Sprint, and AT&T networks. 

The hacker group, Anonymous, tweeted that the outages were a result of a major US DDoS attack.  

In a second tweet, Anonymous wrote, "The source of the DDoS attack on the United States is currently unknown. We speculate it may be China as the situation between South and North Korea is currently deteriorating."

Not everyone believed Anonymous' take on the DDoS attack or the downed cell service. MalwareTech, an account that talks about "Cybersecurity, Malware, Hacking, Programming, and Infosec" replied to the tweet to say that Anonymous may be jumping to conclusions. 

MalwareTech tweeted, "[The site Anonymous linked to] show [sic] a random sample of global DDoS traffic badly plotted on a world map. It does not indicate an attack against the US, it lacks context to make any inferences at all (other than DDoS attacks are happening all day every day)." 

According to the official website of the Department of Homeland Security, DDoS attacks are identifiable by networks or websites that are unusually slow, unavailable to access, or won't load. That's what happened on June 15 when cell phone customers were unable to use their phones. 

The issues started around 2:45 p.m. ET and hit people all across the US—and was such a big issue that it started trending on Twitter since that was the easiest way customers could reach for support, since they couldn’t call. 

The source of the DDoS attack, should Anonymous be correct in their statement, is still unknown.