What are Zombie DDOS attacks? Definitions & Meanings

1. Wondering what are Zombie DDOS attacks? Can your camera or your humble DVR actually attack you?

The recent Zombie DDOS attacks on Dyn that brought large parts of the internet down seem like the stuff you read in science fiction. The Mirai Botnet IoT DDOS attacks used your compromised DVRs and other IoT devices to launch an attack.

Fundamentally, why did the attack happen? Poorly designed IoT devices are the prime reason DVRs and other IoT devices get turned into Zombie DDOS attackers by botnets. Another reason why you shouldn't be buying the cheapest DVR in the market!

2. Steps: How a Zombie DDOS attack is launched

A chronology of the events that lead to Zombie DDOS attacks through botnets:

  1. Zombie DDOS attacks are launched by compromised PCs, servers or IOT devices.
  2. These Zombie Devices are compromised typically through poor security standards.
  3. If these zombie devices are connected to more devices, the connected devices become zombies too.
    These bots then form an army of zombie devices, collectively called a botnet.
  4. The zombie devices wait, ready to do the bidding of the person who controls them.
    The controller of the zombie device army decides to attack. Finally, the zombie devices launch a blistering Distributed Denial Of Service (DDOS) attack on the target website.

3. Recent IOT Botnet DDOS attack

Recently, the Mirai botnet DDOS attacks brought down large parts of the internet. The brutal DDOS attack used an army of zombie IOT devices to launch the attack.

The zombie army of IOT devices launched an enormous attack on the DYN domain servers. As a result, there were internet outages in many parts of the world.

4. How do you protect your website from a zombie DDOS attack?

If you are a small business, and you are threatened by a dangerous botnet Denial Of Service attack, all you can do is pray! Jokes aside, you can follow these 17 Steps to protect your website from DDOS attacks.

If you are a large company, implementing the DDOS protection steps will probably save your website from denial of service crashes. However, if you are a small business, a powerful Zombie Denial Of Service botnet attack can probably crash your website for at least a few hours. At the very least, you should implement these two DDOS protection techniques:

  1. One option is to at least sign up for cloud based DDOS protection through providers such as Cloudflare, Akamai or Incapsula.
  2. Another option is to use a cloud based DNS provider, such as Google Cloud DNS, to get redundant DNS servers. This will protect your website from Zombie DDOS attacks on your DNS provider.
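
A quick way to check whether a zone really has redundant DNS, as an added example that is not from the original article: it groups a zone's NS hostnames (one per line, as printed by `dig +short NS <domain>`) by operator and flags a setup that depends on a single server or a single provider. The sample NS sets, the `provider-a.example` / `provider-b.example` names and the registrable-domain heuristic are assumptions made for illustration.

```python
"""Audit a zone's NS set for DNS redundancy (added example; sample data is constructed)."""
from collections import defaultdict

# Assumption: a tiny set of two-label public suffixes; a real audit would use the Public Suffix List.
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}

def operator_of(ns_host):
    """Approximate who runs a nameserver by its registrable domain."""
    labels = ns_host.strip().rstrip(".").lower().split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])

def parse_ns_lines(text):
    """Parse one-hostname-per-line NS output, skipping blanks and ';' comment lines."""
    hosts = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith(";"):
            hosts.add(line.rstrip(".").lower())
    return sorted(hosts)

def audit(ns_text):
    """Return the nameservers, their grouping by operator, and a redundancy verdict."""
    hosts = parse_ns_lines(ns_text)
    by_operator = defaultdict(list)
    for host in hosts:
        by_operator[operator_of(host)].append(host)
    if not hosts:
        verdict = "no-nameservers"
    elif len(hosts) == 1:
        verdict = "single-server"        # one server down means no resolution
    elif len(by_operator) == 1:
        verdict = "single-provider"      # an outage at that provider takes the zone down
    else:
        verdict = "multi-provider"       # zone still resolves if one provider is unreachable
    return {"nameservers": hosts, "operators": dict(by_operator), "verdict": verdict}

# Constructed sample NS sets (not real lookups).
SINGLE_PROVIDER = "ns1.provider-a.example.\nns2.provider-a.example.\n"
MULTI_PROVIDER = "ns1.provider-a.example.\nNS2.provider-a.example.\nns1.provider-b.example.\n"

if __name__ == "__main__":
    for name, sample in (("single", SINGLE_PROVIDER), ("multi", MULTI_PROVIDER)):
        result = audit(sample)
        print(name, result["verdict"], sorted(result["operators"]))
```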


    • Dave

      You are absolutely right. There were some noises about the US Government imposing some strict guidelines to ensure security features for IoT devices. But that move seems to have fizzled out. The security aspects of IoT devices are terrible.

  1. Thanks for this.. we did a scan of the IOT devices in our department.. largely wifi printers and bluetooth speakers. Guess what: we found 3 Mirai botnet compromised devices

    • Doug, that’s scary but not surprising. CCTV cameras are usually the ones taken over by the Mirai botnet. You may want to check those as well


