In very simple terms, a DDoS attack is a “stream” of calls to your website/server that floods the capacity of said server, thus disabling it from working properly. DoS attacks generate those calls from a single source, whereas DDoS orchestrates from multiple sources thus making it more difficult to stop. The ways attackers go about it can vary significantly, but what is definitely observable is that the magnitude of these attacks is growing each year.
What needs to be said is that DDoS attacks as methodology and goals do not aim to breach the website. The attackers are not here to plant anything malicious on your server or website nor are they here to steal data. The primary goal of such attacks is to overflow the server capacity and make it inaccessible. In some scenarios, there were ransoms requested to stop the attack, in others the attack was a “simple” demonstration of power.