What are Denial-of-Service (DoS) Attacks?
In the next article on the different types of cyberattacks, our cybersecurity team talks about an increasingly common threat – Denial of Service (DoS) attacks. DoS attacks are among the wide range of criminal activities that became more common after 2020. These attacks can bring online services to a sudden halt and cause extended periods of downtime and financial losses. So, what are DoS attacks? How can you prevent them? Let’s find out.
What are DoS attacks?
A denial-of-service attack is a cyberattack that obstructs a network or a website such that users are unable to access the service anymore. Since a DoS attack can be orchestrated from any location, tracking the ones responsible for it is usually tricky. Hacktivists (hackers who want to promote a social cause) and money-minded cybercriminals often use this form of cyberattack.
How do DoS attacks work?
DoS attacks do not depend on a particular piece of code but on an innate weakness in the way network communications work.
When you visit a website, your device sends a packet of information to the site requesting access. The site sends a message back to ensure you're authentic before letting you through to the homepage. Every action you make on a website continues this way. In DoS attacks, a manipulated computer will send hundreds of thousands of access requests. The server will reply to verify the identity, wait for a response, and close the connection when it doesn't get one. The computer will continue sending requests, using up all the resources of the server and subsequently blocking out genuine users.
Forms of DoS attacks
DoS attacks usually take two forms: one that floods web services and one that crashes the services.
- Flooding attacks – They are more common than crashing attacks. The target system gets a sudden flood of traffic that overwhelms it and eventually stops it. ICMP floods and SYN floods are the two main variations of flooding attacks.
An ICMP flood, or ping flood, takes advantage of misconfigured devices on the targeted system's network by means of spoofed data packets. A SYN flood, on the other hand, uses a flaw in the TCP connection process to shut down the server by keeping its ports engaged while sending an influx of new requests at the same time.
- Crash attacks – In crash attacks, the attackers transmit input that exploits a bug or vulnerability in the system and causes it to crash.
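How the SYN flood described above looks from the server's own connection table, as an added example that is not part of the original article: it counts half-open (SYN-RECV) against established connections per listening port. The input is a constructed sample in the column layout of `ss -tan`; the function names and thresholds are assumptions.

```python
from collections import Counter

def build_sample():
    """Constructed sample in the column layout of `ss -tan`; not from a real host."""
    rows = ["State Recv-Q Send-Q Local Address:Port Peer Address:Port"]
    # 40 half-open connections to port 443, every one from a different source
    rows += [f"SYN-RECV 0 0 203.0.113.10:443 198.51.100.{i}:{40000 + i}"
             for i in range(1, 41)]
    # 5 completed handshakes on port 443, 8 on port 22, one slow client on 22
    rows += [f"ESTAB 0 0 203.0.113.10:443 192.0.2.{i}:{50000 + i}"
             for i in range(1, 6)]
    rows += [f"ESTAB 0 0 203.0.113.10:22 192.0.2.{i}:{52000 + i}"
             for i in range(10, 18)]
    rows.append("SYN-RECV 0 0 203.0.113.10:22 192.0.2.99:53000")
    return "\n".join(rows)

def half_open_report(ss_output, min_half_open=20, min_ratio=0.5):
    """Per listening port: half-open count, established count, the largest
    number of half-open connections from one source, and a flag.
    The thresholds are illustrative assumptions, not recommended values."""
    half_open, established = Counter(), Counter()
    per_source = {}
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("SYN-RECV", "ESTAB"):
            continue  # header row or a state this check ignores
        port = fields[3].rsplit(":", 1)[1]
        source = fields[4].rsplit(":", 1)[0]
        if fields[0] == "SYN-RECV":
            half_open[port] += 1
            per_source.setdefault(port, Counter())[source] += 1
        else:
            established[port] += 1
    report = {}
    for port in set(half_open) | set(established):
        half, est = half_open[port], established[port]
        report[port] = {
            "half_open": half,
            "established": est,
            # Flood sources are often spoofed, so this stays low during an attack
            "max_from_one_source": max(per_source.get(port, {}).values(), default=0),
            "flagged": half >= min_half_open and half / (half + est) >= min_ratio,
        }
    return report

if __name__ == "__main__":
    for port, row in sorted(half_open_report(build_sample()).items()):
        print(port, row)
```

Port 443 is flagged even though no single source holds more than one half-open connection, which is why the check keys on the total per port rather than on per-address counts.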
What are distributed denial-of-service (DDoS) attacks?
Distributed denial-of-service (DDoS) attacks are DoS attacks that use multiple systems, maybe even thousands of systems, to attack the target. The attacks use computers and also employ webcams, smart televisions, and other IoT devices to shut down a website or network.
Types of DoS attacks
DoS attacks are classified into distributed denial-of-service attacks, network-targeted DoS attacks, system-targeted DoS attacks, and application-targeted DoS attacks.
- Network-targeted DoS attacks, also called bandwidth consumption attacks, use up network bandwidth and stop legitimate traffic from reaching the targets. The users will then be unable to access the network.
- System-targeted DoS attacks will deplete resources such as memory, disk space, and CPU to prevent the proper functioning of the targets. The outcomes of such attacks can vary from minor disruption in the workflow to a permanent alteration that requires the replacement of the system.
- Application-targeted DoS attacks will trigger flaws in the application to crash it or exploit existing application behaviours to deny service to users. Locking users out of their accounts is an example of this.
How can you prevent and subdue DoS attacks?
Early detection is crucial to defending yourself against a DoS attack. Here are some simple steps to identify and stop DoS attacks quickly.
- Always use website hosting services that offer extra protection.
- Keep your system and software updated with the latest security patches.
- Enable firewalls and configure your routers to keep out suspicious traffic. Ensure your routers and firewalls are updated.
- Use anti-DDoS technology that will notify you when there are abnormal spikes in network traffic.
- If your company is under a DoS attack, contact your ISP to check for rerouting options.
- ISPs can employ “black hole routing” to direct excess traffic to a null route. While this will stop system crashes, keep in mind that it discards legitimate and attacking traffic alike.
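One way to implement the advice above about being notified of abnormal spikes in network traffic, as an added example rather than code from the article or from any anti-DDoS product: per-minute request counts are compared with a moving-average baseline. The function name, parameters, thresholds and the sample counts are all assumptions constructed for illustration.

```python
# Constructed per-minute request counts: normal traffic, a flood, then recovery.
SAMPLE_COUNTS = [120, 130, 110, 125, 118, 122, 127, 900, 2400, 2600, 2500, 140, 125]

def detect_spikes(counts, alpha=0.2, factor=3.0, warmup=5, floor=100,
                  freeze_on_alert=True):
    """Return the indexes of intervals whose count exceeds `factor` times an
    exponentially weighted moving average (EWMA) of earlier intervals.

    warmup          intervals used only to learn the baseline
    floor           ignore spikes on links that are nearly idle
    freeze_on_alert keep flood traffic out of the baseline, so a sustained
                    attack cannot teach the detector that it is normal
    """
    alerts = []
    baseline = None
    for i, count in enumerate(counts):
        if baseline is None:
            baseline = float(count)  # first interval seeds the baseline
            continue
        is_spike = i >= warmup and count >= floor and count > factor * baseline
        if is_spike:
            alerts.append(i)
        if not (is_spike and freeze_on_alert):
            baseline = alpha * count + (1 - alpha) * baseline
    return alerts

if __name__ == "__main__":
    print("frozen baseline:  ", detect_spikes(SAMPLE_COUNTS))
    print("unfrozen baseline:", detect_spikes(SAMPLE_COUNTS, freeze_on_alert=False))
```

With the baseline frozen during alerts, all four flood minutes are reported; when the baseline is allowed to absorb the flood, the last flood minute is missed because the average has already risen.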
We hope this article answered your question: “What are denial-of-service attacks?” DoS attacks are becoming common and more sophisticated, especially with the increasing usage of IoT. Learning about such cyberattacks and taking the necessary precautions will keep your systems and networks safe. Do you need assistance in building a fool-proof cybersecurity strategy? Contact us or email us at firstname.lastname@example.org for ultrasafe security plans for your business.
Computing Australia is a member of The Computing Australia Group of Companies.
ICMP: An Internet Control Message Protocol (ICMP) flood, also known as a Ping flood attack, is a DoS attack in which an attacker tries to bring down a targeted device with ICMP echo-requests or pings.
SYN flood: A SYN (short for synchronize) flood, also referred to as a half-open attack, is a DoS attack that floods a server with connection requests without responding to the corresponding replies.
ISP: An internet service provider (ISP) is a company that offers internet and internet-related services to individuals and other companies.