DoS attack

 

In 2017, 33% of businesses experienced a DoS attack. Such an attack can leave a business helpless in some situations. Now, in 2020, DoS attacks have only become more frequent. So what makes this type of attack so detrimental to an organization?

 


 

What is a DoS attack?

If you are outside of the cyber security realm, "DoS attack" may be a foreign term. However, with the recent jump in the use of this attack, it is getting more attention in the news and online.

By definition, a DoS (denial of service) attack is, “a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.”

In other words, an attacker can temporarily shut down a company network. This causes many problems for a business that cannot access its network or key functions of the facility.

 

How does a DoS attack work?

Now that the basic definition of a DoS attack has been established, let’s start looking into how the attack works.

To begin, a DoS attack happens when an attacker either floods a network with more traffic than it can handle or shuts the service down completely.

Here are a few examples from Palo Alto Networks on the different types of DoS attacks:

  • Buffer overflow attacks – the most common DoS attack. The concept is to send more traffic to a network address than the programmers have built the system to handle. It includes the attacks listed below, in addition to others that are designed to exploit bugs specific to certain applications or networks.
  • ICMP flood – leverages misconfigured network devices by sending spoofed packets that ping every computer on the targeted network, instead of just one specific machine. The network is then triggered to amplify the traffic. This attack is also known as the smurf attack or ping of death.
  • SYN flood – sends a request to connect to a server, but never completes the handshake. Continues until all open ports are saturated with requests and none are available for legitimate users to connect to.

 

DoS in the Wild

Many large corporations have fallen victim to DoS attacks. Those victims include Netflix, Microsoft, Skype and Wikipedia.

Earlier this year, around the beginning of September, Wikipedia, a free, open-content online encyclopedia, fought off a nasty DoS attack. The attack was an old-style volumetric flood designed to overwhelm the company's web servers with bogus HTTP traffic.

Simply put, some attackers sent a load of useless traffic to the site and overwhelmed it, thus shutting it down. The site became unavailable in Europe, Africa, and the Middle East, then the US and Asia followed. This just goes to show the power that a DoS attack has over a major organization like Wikipedia.

 

How to Prevent a DoS Attack

All in all, a DoS attack can be quite difficult to prevent and fight against. Most of the time, businesses have to wait until they can gain access again to go in and do the cleanup. This type of attack is time-consuming and frustrating for businesses, and most of the time it leaves them and their customers helpless and without service.

To continue, some companies implement a reverse proxy to help combat DoS. This checks the traffic before it enters the actual web server. Instead of allowing most traffic to one web server, it spreads out the traffic to multiple other servers to prevent a DoS attack.
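
A sketch of what such a reverse proxy does, added here as an illustration and not taken from the original article: it checks each request against a per-client token bucket (an assumed form of "checking the traffic") and spreads what passes across a pool of servers in round-robin order. The backend names, client addresses, and limits are constructed for the example.

```python
from collections import Counter
from itertools import cycle


class ProxyGate:
    """Check each request against a per-client token bucket, then pick a backend."""

    def __init__(self, backends, rate=5.0, burst=10):
        self.rate = rate                  # tokens refilled per second, per client IP
        self.burst = burst                # bucket capacity (largest burst allowed)
        self._next_backend = cycle(backends)
        self._buckets = {}                # ip -> (tokens, time of last request)

    def route(self, ip, now):
        """Return the backend for this request, or None if the client is over its limit."""
        tokens, last = self._buckets.get(ip, (float(self.burst), now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens < 1.0:
            self._buckets[ip] = (tokens, now)
            return None                   # dropped at the proxy, never reaches a web server
        self._buckets[ip] = (tokens - 1.0, now)
        return next(self._next_backend)   # round-robin across the pool


def simulate():
    """Replay constructed traffic: one flooding client and one ordinary client."""
    gate = ProxyGate(["web-1", "web-2", "web-3"])               # hypothetical backend names
    events = [(i / 200.0, "203.0.113.9") for i in range(200)]   # 200 requests in 1 s
    events += [(i * 0.2, "198.51.100.7") for i in range(5)]     # 5 requests in 1 s
    allowed, per_backend = Counter(), Counter()
    for now, ip in sorted(events):
        backend = gate.route(ip, now)
        if backend is not None:
            allowed[ip] += 1
            per_backend[backend] += 1
    return allowed, per_backend


if __name__ == "__main__":
    allowed, per_backend = simulate()
    print("allowed per client:", dict(allowed))
    print("requests per backend:", dict(per_backend))
```

A per-client limit like this only helps when the flood comes from a small number of addresses; traffic spread over many sources stays under each bucket's limit and has to be handled by other means.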

In short, bringing awareness to this type of attack may help to bring discussion to it as well. With discussion may come the next step in stopping DoS altogether. Who knows? One thing may lead to another and then we might have ourselves a solution to DoS.

But as we all know, when one cyber security attack is mitigated, a new and improved one is always around the corner.

 

By Taylor Ritchey

 
