An Introduction to Denial-of-Service(DoS) attack
Cyber attacks are increasing at a rapid rate all over the world. Some cyber-attacks target a specific company or organization. DoS attack is one of them.
A lot of resources is a need to do this type of cyber-attack. DoS attacks can disrupt or completely stop a website or server for some time or even days, depending on the severity of the attack.
In this article, We will see the DoS attack, some famous DoS attacks, types of DoS attacks, how to prevent a Dos attack, etc.
Let’s dive in.
What is Denial-of-service(DoS) attack?
We will understand this using bullet points.
- It is a type of cyber-attack.
- It is a targeted attack.
- The target could be a website, server, or network.
- This attack intends to stop or disrupt the target so that anyone can’t use it.
- The attacker does this by bombarding the target with heavy traffic or sending any information that can trigger this.
Most famous DoS attacks
The target could be a company’s website or server, which is essential for a company to provide services to their customer.
Many companies suffer from these attacks. But there are big companies also that suffered from a DoS attack. Some of the most famous DoS attacks are the following:
Microsoft Attack
- This attack happened in November 2021.
- Microsoft previously stopped two attacks having 2.5 Tbps (terabytes per second).
- It was the biggest-ever recorded DoS attack, with a peak speed of 3.5 terabytes per second (Tbps).
- The attackers used UDP (user datagram protocol) in this attack.
- This attack initiates from around 10000 devices all over the world.
- This attack lasted for 15 minutes.
Google attack
- This attack happened in June 2022.
- The target of this attack is a customer of Google Cloud Armor.
- Google itself revealed this attack later with a pdf.
- This attack starts with around 10000 requests per second and goes to 1 lakh eight minutes later. The peak is about 46 million requests per second.
- Around 5000 sources are participants in this attack.
- This attack was detected early by the company & which acted by limiting the incoming traffic to their servers.
AWS attack
- This attack happened in Feb 2020.
- The peak requests are around 2.3 terabytes per second.
- This attack was for an AWS customer.
- CLDAP servers are the source to initiate this attack.
- It was one of the deadliest DoS attacks at that time.
Main purpose of a DoS attack
Some of them are the following:
- The attacker can demand money to stop the attack.
- There are chances that a competitive company is behind this attack.
- An attacker can initiate an attack against government websites to protest or for the fulfillment of their demand.
- A reason might be that the attacker has a personal vengeance against the victim.
Types of DoS attacks
The DoS attacks can be categorized mainly into three types. These are the following:
Resource exhaustion
In this type of DoS attack, the purpose of the attacker is to exhaust all of the resources of the victim’s system.
Flood attack
In this type of DoS attack, the attacker sends multiple network requests that the target’s server can’t handle. It will result in the complete shutdown of the server (customers will not be able to use it). This situation is also known as the server-down situation.
For example- Whenever the result of an exam is declared, the website stops working within some time. It is due to the large number of requests sent to the server at that time. Due to this, the server is unable to process the requests & the website stops working.
Crash attack
The main aim of a Crash attack is to surpass the server’s capacity. Due to this, the server got crashed and stopped working.
Distributed denial-of-service (DDoS) attack
The purpose of this attack is the same as other types of DoS attacks.
The main difference with other attacks is that source of origination is not a single location. The source of the DDoS attack is multiple locations. It makes it harder to locate the attacker.
DoS attacks: How do they work?
Different types of DoS attacks can occur differently. A victim might suffer from a flood attack, resource exhaustion, crash attack, or a DDoS attack.
Let’s take an example of an E-commerce website. Whenever a visitor goes to the website, his system will send a request to the website to access the website.
The website’s server will check whether the request is valid or is a bot. If the network request is found legit, the server sends the website’s content as a response to the visitor’s system.
The attacker will send thousands or even lakhs of such requests. The server will exhaust its resources to resolve the request. When the server’s resources get exhausted or if the number of requests passes the set limit of the server, the server will crash or shut down. Due to this, website visitors are unable to use the website. Ir will create inconvenience to their customers and staff.
Comparison of DDoS attacks and DoS attacks
| DDoS attack | DoS attack |
|---|---|
| It is a type of DoS attack | DoS comprises of four types of attacks (including DDoS) |
| Every DDoS attack is a DoS attack | Every DoS attack is not necessarily a DDoS attack |
| Attack initiates from multiple locations toward the target | This attack generally starts from a single location |
| DDoS attacks are more effective (around 90% success) and costlier as compared to DoS attacks. | Less effect & we can do it from a single computer also. |
What are some signs a computer is under a DoS attack?
Although it’s not easy to track a DoS attack, there are some signs we can use to track DoS attack. Some of them are the following:
- Any file or your website is taking a long time to load
- If there is a sudden increase in traffic
- The server is down (the website is not working)
- Problem connecting to the Internet
- A large number of email is coming (spam emails)
What can you do to prevent DoS attacks?
So far, we have seen DoS attacks, their types, and signs to identify a DoS attack.
Now we will see how to prevent a DoS attack.
Analyze network traffic
A sudden increase in network traffic is a possibility of a DoS attack. You should often check your network traffic. You can set a network cap (the server will notify you once traffic surpasses the set limit).
Create and practice a DoS attack
It will be a nightmare while facing a DoS attack for the first time. It is a suggestion to practice a DoS attack on your own. So that you don’t panic while you face a real-world DoS attack. It will be easier for you and your team to identify a DoS attack, as you have seen it before.
Response plan
A response plan is a must need to prepare for a future DoS attack. If you ever face such an attack in the future, you can respond to it as early as possible. It will help to minimize the effect of the attack.
Improve your security posture
Your security posture plays a crucial role while defending against a cyber attack. Make sure your servers are safe and have no loopholes or bugs. You can automate threat detection using third-party SaaS software. Your staff should have basic cybersecurity training.
Reduce the attack surface area
Attack surface area consists of all the points (employee portal, employee credentials, etc.) an attacker can exploit to enter your server or organization. Use strong passwords and protect your website with an SSL certificate. You should keep a backup of all your data in a secure place (cloud or external drives). It will help you in case of a ransomware attack (all your files lock until you pay the ransom).
Monitor traffic
You should monitor incoming traffic to your server or website. A sudden increase in your traffic could be a sign of a DoS attack. You can do this using software.
Deploy firewalls
A firewall is one that faces any attack on your server or website. If your firewall is strong enough, your system may withstand some small or even large DoS attacks. You should regularly update your firewall, as new bugs and attacks come frequently. You should limit access to your servers and databases to only authorized and trusted people.
Conclusions
I hope this article helps you to understand DoS attacks, their types, and preventions. Now let’s go forward to some FAQs.
Frequently asked questions to Resolve (FAQs)
What is a denial of service attack?
It is a cyberattack that stops relevant users from accessing a website by flooding or shutting down the server.
How does a DoS attack work?
The working of a DoS attack is explained above in the article.
What types of DDoS attacks are there?
Application layer, volumetric, and Protocol layer attacks are three major DDoS attacks.
Do you know what a denial of service attack is?
It is a type of cyber attack. Refer to the above section for details.
What kinds of DDoS attacks are there?
Application layer, volumetric, and Protocol layer attacks are three major DDoS attacks.
Sharing is caring
Did you like what Ankur Balwada wrote? Thank them for their work by sharing it on social media.