All these steps are highly automated. A cautious intruder will begin by breaking in to just a few sites, then using them to break into some more, and repeating this cycle for several steps. By the time they are ready to mount the attacks, they have taken over thousands of computers and assembled them into a DDoS network. Once the attacker has installed the DDoS software, the attacker runs a single command that sends command packets to all the captured computers, instructing them to launch an attack (from a menu of different varieties of flooding attacks) against a specific victim. When the attacker decides to stop the attack, he or she sends another single command.