by peter

Denial of Service Attack Explained

Risk

Risk Rating: HIGH
Likelihood: 3/5
Impact: 5/5

Causes

  • Lack of a web application firewall
  • Lack of monitoring
  • Poor coding

Denial of Service Attack Overview

In 2000, a 16-year-old hacker known as Mafiaboy launched one of the most famous denial-of-service (DoS) attacks, which took a host of major players offline, including CNN, eBay, Amazon and Yahoo. According to reports, Mafiaboy broke into dozens of networks to install malware designed to flood targets with attack traffic. Because many sites were underprepared for such an assault, the attack lasted about a week as the targeted organizations struggled to figure out what had happened and how to get back online. Mafiaboy was eventually arrested in April 2000 and sentenced to juvenile detention. Twenty years later, DoS attacks (many of which are DDoS) continue to be on the rise and are some of the most common attacks faced by organizations, targeting around a third of all businesses.

What you need to know about Denial of Service Attacks

A DoS attack is one in which attackers seek to make a machine or network inaccessible to its intended users. DoS attacks can be executed either by flooding networks with traffic or by sending information that triggers a system slowdown or complete crash. As with DDoS attacks, DoS attacks tend to focus on high-profile organizations or ones with popular, public-facing websites, such as banking, ecommerce, media or government institutions. DoS attacks deprive legitimate users of the service they want to access and cause extensive damage to the victim through security and cleanup costs, loss of reputation, loss of revenue and customer attrition.

Defending against a Denial of Service attack can be quite straightforward, but there are a number of aspects of defense that must be considered.

  1. The majority of Denial of Service attacks are caused by exposed vulnerabilities in systems. Ensure your systems are patched and up to date, ideally within 14 days of patch release as advised by the NCSC in their Cyber Essentials Standard.
  2. Perform vulnerability scans every month and FIX the issues identified.
  3. Configure your firewalls to prevent your network from being flooded with traffic.

How Denial of Service attacks happen

DoS attacks occur in one of two ways: by flooding or by crashing a targeted network. In flood attacks, cybercriminals bombard victim computers with more traffic than they can handle, causing them to slow down or shut down altogether. Flood attacks include buffer overflow attacks, ICMP floods and SYN floods.

Other DoS attacks exploit vulnerabilities that prompt the target system to crash. In these attacks, bad actors exploit system vulnerabilities with malware that subsequently triggers a crash or severely disrupts the system.

Attack Sources

DoS attacks can originate from anywhere in the world. Attackers can easily mask their whereabouts so they can overwhelm victim computers, execute malware or conduct other nefarious deeds with the peace of mind that they won’t be detected.
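
The flood attacks and masked sources described above mean that monitoring should count packets per destination rather than per source. The following Python example is added here and is not code from the original article; the log format, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque

WATCHED = {("TCP", "SYN"), ("ICMP", "ECHO")}  # flood types named in the text

def build_sample():
    """Constructed records (not real traffic): 'time src dst proto flag'."""
    lines = [f"{t}.000 198.51.100.7 10.0.0.5 TCP SYN" for t in range(10)]
    lines += [f"{t}.500 198.51.100.9 10.0.0.6 ICMP ECHO" for t in range(0, 10, 2)]
    # Two-second burst: 300 SYNs to one host, spread over 250 source addresses.
    lines += [f"{4 + i / 150:.3f} 203.0.113.{i % 250 + 1} 10.0.0.5 TCP SYN"
              for i in range(300)]
    return sorted(lines, key=lambda rec: float(rec.split()[0]))

def detect_floods(lines, window=1.0, threshold=100):
    """Flag (destination, packet type) pairs whose rate reaches `threshold`
    packets per `window` seconds. Counting per destination, not per source,
    keeps the check valid when source addresses are masked or numerous."""
    recent = defaultdict(deque)  # (dst, kind) -> (time, src) inside the window
    alerts = {}
    for line in lines:
        parts = line.split()
        if len(parts) != 5:
            continue  # malformed record
        try:
            ts = float(parts[0])
        except ValueError:
            continue
        src, dst, proto, flag = parts[1:]
        if (proto, flag) not in WATCHED:
            continue
        key = (dst, f"{proto}-{flag}")
        q = recent[key]
        q.append((ts, src))
        while ts - q[0][0] > window:  # drop packets older than the window
            q.popleft()
        if len(q) >= threshold:
            alert = alerts.setdefault(key, {"first": ts, "peak": 0, "sources": set()})
            alert["peak"] = max(alert["peak"], len(q))
            alert["sources"].update(s for _, s in q)
    return alerts

if __name__ == "__main__":
    for (dst, kind), a in detect_floods(build_sample()).items():
        print(f"{kind} flood on {dst}: first seen t={a['first']}, "
              f"peak {a['peak']} per window, {len(a['sources'])} sources")
```

A per-source counter would miss the constructed burst, because no single address in it sends more than two packets.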