A Distributed Denial of Service (DDoS) attack is a coordinated attempt to crash a server or network by overwhelming it with more traffic than it can handle. Think of it as a thousand fake customers crowding a store entrance so real customers can't get in.
Most attacks don't come from one computer. Instead, hackers use a Botnet:a collection of thousands of "zombie" devices (computers, smart cameras, or even routers) infected with malware that all send traffic at the same target simultaneously.
The goal is simple: clog the "pipes." By sending massive amounts of raw data, the attacker saturates the bandwidth of the target until nothing else can get through.
These target the "handshake" process (like TCP SYN floods). The attacker sends thousands of requests but never finishes the connection, forcing the server to waste memory waiting for them.
Known as Layer 7 attacks, these mimic real human behavior. Instead of flooding the whole network, they might just spam the "Search" function on a website over and over, forcing the server's database to work until it crashes.
Modern protection (like Anycast networks and WAFs) acts as a giant filter. It spreads the "junk" traffic across hundreds of servers around the world, scrubbing the bad data and letting only the real users through to your site.