Description
Source: TH
Disclaimer: Copyright infringement not intended.
Context:
- In January 2025, Karnataka’s Kaveri 2.0 portal faced serious issues.
- This portal was launched in 2023. And It helps people to register property.
- But in December 2024 and January 2025, cybercriminals attacked this portal. And because of this attack there were severe disruptions.
- Initially it was ignored asa technical glitches but later confirmed as a Distributed Denial of Service (DDoS) attack.
What is a DDoS Attack?
In this DDoS attack, multiple computers overwhelm a website or online service with too much traffic.
This too much traffic of data made the website crash or slow down. Which makes it unavailable to real users.
- Botnet is a group of infected computers or devices, which are used to carry out the attack.
- Main Goal is To block users from accessing the site or service.
But in this kaveri 2.0 attack, there were many Fake accounts created.
Then a huge number of requests flooded the system.
At a point, the portal received 6.2 lakh requests in just 2 hours.
And, This attack caused huge delays in property registrations and other services.
How Does a DDoS Attack Affect Websites?
- If the portal is down then services will not be available, which can lead to financial losses.
- Sometimes, These attacks hide other attacks, for example data breaches.
- Repeated attacks can create the trust deficit in the users of the site.
How to Protect Against DDoS Attacks?
- There are many Tools that can separate real traffic from fake traffic & block them.
- There should be the Limits for number of requests, a user can make in a short period. It reduces the chance of being overwhelmed.
- There should be tools like CAPTCHA (those puzzle questions) to stop bots.
- Strong security like passwords & multi factor authentication.
- There must be awareness for people which can avoid common attacks like phishing.
-
- Phishing is an attack in which cybercriminals attempt to manipulate the user to give sensitive information (usernames, passwords or credit card details).
- This is mostly done through fake emails, websites or messages that appear to legitimate sources.
Other Examples of DDoS Attacks:
- X (Twitter): In August 2024, Elon Musk’s company also faced the same massive DDoS attack that caused delays.
- GitHub: In 2015, GitHub was attacked by a botnet based in China which affected their services. GitHub is owned by Microsoft.
Source: TH
|
Practice Question:
Q.With reference to DDoS attacks, consider the following statements:
- A DDoS attack floods a website with traffic and then makes it unavailable for users.
- A botnet is a network of infected devices which is used to launch DDoS attacks.
- DDoS attacks aims to steal user data like passwords & credit card details.
- DDoS attacks can be prevented by using CAPTCHA & limiting requests/user.
Which of the statements is/are correct?
(a) 1 and 2 only
(b) 1, 2, and 4 only
(c) 2 and 3 only
(d) 1, 3, and 4 only
Answer: (b)
Explanation:
●Statement 1 is correct: A DDoS attack floods a website with fake traffic to make it unavailable.
●Statement 2 is correct: A botnet controls infected devices to carry out DDoS attacks.
●Statement 3 is incorrect: DDoS attacks aim to block the access but not steal data.
●Statement 4 is correct: CAPTCHA & request limits can help to prevent DDoS attacks.
|
