Cyber Chasse - Fundamentals Of Denial

Fundamentals of Denial of service attacks


What are Denial of Service (DoS) attacks?

A denial of service (DoS) attack is an action by a malicious individual or organization that shuts down systems, devices or networks, or restricts legitimate users' access to them. Access to email, websites, secure online accounts and many other computer- or network-reliant services can be denied. DoS attacks either flood the target host or network with traffic, or send it information that causes the system to crash. These attacks are a severe drain on an organization's resources.


Types of Flooding attacks

Popular flood attacks include:

Buffer overflow: This is the most widespread DoS attack. It is designed to send more traffic to a network address than the programmers of the system anticipated.

ICMP flood: Also known as a smurf attack, this attack uses misconfigured network devices to distribute spoofed packets to all computers on a given network; the network is then manipulated to amplify the traffic.

SYN flood: This attack sends multiple incomplete connection requests to a server, causing all of the server's ports to be occupied and unavailable to legitimate users.
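As an added illustration (not part of the original article), the following Python script checks a constructed set of flow records for the two flood signatures described above: a build-up of half-open TCP connections toward one destination (SYN flood) and ICMP echo requests aimed at a directed-broadcast address of a local network (smurf). The record format, threshold and addresses are assumptions.

```python
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Flow:
    """One observed packet, reduced to the fields the two checks need (assumed format)."""
    src: str
    dst: str
    proto: str   # "tcp" or "icmp"
    detail: str  # TCP: client flags "S" (SYN) or "A" (handshake ACK); ICMP: type name


def half_open_per_target(flows):
    """Per destination, count (src, dst) pairs that sent a SYN but never the completing ACK."""
    syn_seen, completed = set(), set()   # ports ignored for brevity (assumption)
    for f in flows:
        if f.proto != "tcp":
            continue
        if f.detail == "S":
            syn_seen.add((f.src, f.dst))
        elif f.detail == "A":
            completed.add((f.src, f.dst))
    counts = Counter()
    for _src, dst in syn_seen - completed:
        counts[dst] += 1
    return counts


def syn_flood_suspects(flows, threshold=100):
    """Destinations whose half-open count reaches the (assumed) alert threshold."""
    return {dst: n for dst, n in half_open_per_target(flows).items() if n >= threshold}


def smurf_suspects(flows, local_nets):
    """Sources pinging the broadcast address of one of our networks: the smurf reflector pattern."""
    broadcasts = {ip_network(n).broadcast_address for n in local_nets}
    hits = Counter()
    for f in flows:
        if f.proto == "icmp" and f.detail == "echo-request" and ip_address(f.dst) in broadcasts:
            hits[f.src] += 1
    return hits


# Constructed sample traffic (documentation address ranges, not real hosts).
SAMPLE_FLOWS = (
    [Flow(f"198.51.100.{i}", "203.0.113.10", "tcp", "S") for i in range(1, 151)]
    + [Flow("198.51.100.1", "203.0.113.10", "tcp", "A")]          # only one client finishes
    + [Flow("198.51.100.200", "203.0.113.20", "tcp", "S"),
       Flow("198.51.100.200", "203.0.113.20", "tcp", "A")]        # a normal handshake
    + [Flow("203.0.113.99", "10.0.0.255", "icmp", "echo-request")] * 5   # broadcast pings
)
```

Running `syn_flood_suspects(SAMPLE_FLOWS)` flags 203.0.113.10 with 149 half-open connections, while `smurf_suspects(SAMPLE_FLOWS, ["10.0.0.0/24"])` flags 203.0.113.99 for five echo requests to the 10.0.0.0/24 broadcast address.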


Other DoS attacks

These attacks exploit vulnerabilities in target systems or networks to make them crash, undermining the systems so that they can no longer be accessed.


What is a DDoS attack?

A Distributed Denial of Service (DDoS) attack is an attack on a single target launched from multiple machines on different servers and in different locations. It is inherently more ominous than a traditional DoS attack: it has a higher magnitude and intensity, and it is difficult to trace because the attack comes from many sources.

Attackers often use a botnet to deploy attacks of this magnitude. They exploit security vulnerabilities to take over multiple devices and then use those devices to launch DDoS attacks against a given target. Botnets made up of compromised devices can also be provided to other malicious actors through the dark web, which means that even an amateur cybercriminal can easily attack unsuspecting entities.


The change in dynamic due to IoT

The Internet of Things (IoT) has caused an exponential increase in the number of online devices. These devices often ship with default passwords and weak security measures, making them the perfect vector for infiltrating an entity. Such infiltrations often go undetected until they turn into a full-scale attack affecting an entire organization.


Threat of DoS

The biggest threat of DoS is that an individual network can be affected even when the actual target was its Internet Service Provider (ISP) or its cloud service provider. This kind of attack has a domino effect, putting multiple parties at risk.


How to protect yourself against a DoS attack

DoS attacks are very much like the grim reaper: ominous and difficult to escape. There are, however, ways to mitigate the risks involved and to protect yourself.

  1. Have a crisis management strategy designed to ensure proper communication and action planning in the event of an attack.
  2. Update all devices, especially those connected to the internet, and ensure they all have firewalls and the latest antivirus software installed.
  3. Formulate a strong security policy, or partner with a provider to design security policies that protect your employees and your internal security.
  4. Delegating DoS prevention to a cloud-based service provider means that organizations can leave the dirty job to experts and focus their resources on core functions. These providers have the expertise, resources and bandwidth to handle malicious traffic before it causes harm to an entity.