DDoS Attacks are insidious invasions of network domains that make them unavailable to the constituencies that the network serves.
First, they make network resources unavailable to customers, prospectors, partners, employees, contractors, patients and others why may depend on the network services.
Second, they may be ruses, designed to take primary firewall defenses offline and opening the network up to more nefarious types of attacks that place malware into the network through the less then optimal defenses that come into play when the primary defense is taken off line.
They are hard to detect in that they use normal, well formed, traffic requests to flood the targeted network until the overwhelm devices and applications. It is not as if they are using recognizable malformed packets. These are normal traffic requests like those that come from legitimate requests.