What is a DDoS Attack?
For a lot of us without an understanding of network security, it is easy to think about DDoS attacks as a single thing companies can simply solve. But the term DDoS covers a large class of malicious attacks on network or internet infrastructure, so while some defenses may be simple, others are not so easily constructed.
Some DDoS attacks flood servers with traffic in order to bring them down, but the most common DDoS attacks work at a network layer, blasting senseless traffic at target systems, in this case Microsoft and Google, hoping to overwhelm them and exhaust all available bandwidth.
However, other denial-of-service attacks can include locking other users out, like through multiple failed password reset attempts knocking out your services. Administrators and software must Identifying the attacker against all of the legitimate traffic.
Unstopped, and it's very difficult, the lethal traffic ends up causing a shutdown of the target servers, and/or squeezing out legitimate traffic to and from the target.
Why are DDoS Attacks so Difficult to Defend Against?
The mix of distributed attacking traffic and legitimate traffic during a DDoS attack is precisely why they’re so hard to defend against. When you’re being simultaneously bombarded by hundreds or thousands of attackers it takes valuable time and bandwidth that you and I don’t have. Some companies choose to treat DDoS attacks as an occasional inconvenience, as it's just so difficult to defend against them.
What Can Companies Do?
We need to get tougher at finding where these attacks originate and with government help in international cases pursue them to the end. Prosecution without fail will deter them, new technologies are needed to stop them! We take this very seriously and have many systems in place to protect our network, as an end user you can take Microsofts advice and tighten your own network down: http://msdn.microsoft.com/en-us/library/cc722931.aspx