A Denial-of-Service (DoS) attack is a type of cyber attack in which the perpetrator aims to shut down a machine, information systems, or network resource by interrupting its normal functioning, making it inaccessible to its intended users. A DoS attack is usually done by flooding the target with information or traffic to overwhelm it, triggering a crash. A defining aspect of DoS attack is the use of a single computer to launch the attack, differing it from a Distributed Denial-of-Service attack, which comes from many distributed sources.
Impact of a DoS attack
As a result of rendering a machine, information system, or network inaccessible to intended users, a DoS attack can impact services such as websites, emails, online accounts, and any other service that relies on the target affected. For this reason, the intended targets are usually higher-profile business or organizations, and the attacks can cause a significant loss financially and in terms of time. Businesses can lose significant revenue by this type of temporary or indefinite interference, with customers opting for a more reliable competitor instead. For the duration of an attack, resources are unretrievable and processes critical to running a business or organization are unable to be controlled.
How a DoS attack is performed
There are two main ways a DoS attack is performed: flooding services or crashing services. The former is done by flooding the intended target with traffic causing the server to significantly slow down and eventually stop. The latter is done by sending the intended target information that results in a crash. In this case, the DoS attack is focused on a system or service vulnerability, where information that exploits something like a bug in the intended target is sent, which crashes the system, making it inaccessible. Such bugs may not even be vulnerabilities, but rather a simple case of a non-optimized database query triggered by a certain HTTP request causing the server to run too slow.
How to monitor for DoS attacks
There are some similarities between a DoS attack and some non-related and non-threatening issues, making a DoS attack potentially difficult to diagnose right off the bat. For example, in the case of network availability problems, both situations cause technical problems. Or a very unexpected and sudden surge in traffic could be the result of a mention of a website in a viral article. However, in the case of a DoS attack, the following are also indicators:
- Slow network performance, causing a lag in opening files or accessing websites
- Complete unavailability of of a certain website
- Unavailability of all websites
Monitoring traffic through a firewall or a system specifically designed to identify intrusions is a helpful way to be aware of any potentially suspicious activity, and to deal with it accordingly.
How to prevent or reduce effects of a DoS attack?
While there is always a risk of a cyber attack like a DoS attack occurring, there are preventative measures a person can take to make them less likely, or at least reduce their overall effect.
The first and simplest step is to strengthen the security of all devices by installing antivirus software, a firewall that monitors traffic, setting up rate limits for incoming traffic, and identifying and neutralizing any vulnerabilities. In the unfortunate event that a DoS attack occurs, having a company- or business-wide plan set in place so communication, mitigation, and service(s) can continue to operate, even if limited, can be very helpful. While some hosting providers do automatically include security services to protect a website against attacks like DoS, such as 10Web’s AI-Powered Automated Platform, enrolling in a third-party DoS protection service that can protect your device or system from running out of quota or help filter and redirect unwanted traffic flows is also a good security investment.