Understanding DoS: Denial of Service is an attack that aims at preventing normal communication with a resource by disabling the resource itself or by disabling an infrastructure device providing connectivity to it.
The disabled resource could be customer data, a website resource, or a specific service, to name a few.
The most common form of DoS is to flood a victim with so much traffic that all available resources of the system are overwhelmed and it is unable to handle additional requests.
The attacker floods the victim network with extremely large amounts of useless data or data requests, thereby overwhelming the network and rendering it useless or unavailable to legitimate users.
So what are the signs of a potential DoS attack? Here are a few that may indicate that a DoS attack is in effect:
- Unavailability of a resource
- Loss of access to a website
- Slow performance
- Increase in spam emails
NOTE: Be cautious with the warning signs. As with anything on this website, you will need to do further examination to determine if you have a genuine attack on your hands or just a localized network issue.
Typical victims of DoS attacks range from government-owned resources to online vendors and others, and the intent of the attack is usually the deciding factor in terms of which target will be engaged.
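One way to start the further examination the note above calls for, as an added example that is not part of the original article: it labels each minute of a request log by whether server errors coincide with an abnormal jump in volume (flood-like) or appear without one (more likely a local issue). The log rows, thresholds and function names are assumptions made for illustration.

```python
from collections import Counter
from statistics import median

def build_sample():
    """Constructed rows (minute, source_ip, http_status); RFC 5737 test addresses."""
    rows = [(m, f"192.0.2.{i % 10}", 200) for m in range(5) for i in range(20)]
    # Minute 5: many sources, request volume jumps, half the answers are 503.
    rows += [(5, f"198.51.100.{i % 200}", 503 if i % 2 else 200) for i in range(400)]
    # Minute 6: almost no traffic arrives and what does arrive times out.
    rows += [(6, "192.0.2.1", 504) for _ in range(3)]
    return rows

def triage(rows, spike_factor=5.0, error_share=0.3):
    """Label each minute 'normal', 'possible-flood' or 'local-issue?'.

    spike_factor and error_share are illustrative assumptions, not values
    from the article; tune them against your own baseline.
    """
    requests = Counter(minute for minute, _, _ in rows)
    errors = Counter(minute for minute, _, status in rows if status >= 500)
    baseline = median(requests.values())   # median resists the spike itself
    verdicts = {}
    for minute in sorted(requests):
        failing = errors[minute] / requests[minute] >= error_share
        spiking = requests[minute] >= spike_factor * baseline
        if failing and spiking:
            verdicts[minute] = "possible-flood"   # errors AND abnormal volume
        elif failing:
            verdicts[minute] = "local-issue?"     # errors without the volume
        else:
            verdicts[minute] = "normal"
    return verdicts

def distinct_sources(rows, minute):
    """How many different clients were seen in one minute."""
    return len({src for m, src, _ in rows if m == minute})

if __name__ == "__main__":
    sample = build_sample()
    for minute, verdict in triage(sample).items():
        print(minute, verdict, distinct_sources(sample, minute))
```

A "possible-flood" label is a prompt to look closer, not a conclusion; a popular news link produces the same volume pattern.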
Consider a few simple examples to give you an idea of the impact of a successful DoS attack. From a corporate perspective, the focus is always on the bottom line.
A successful DoS attack against a corporation’s web page or availability of back-end resources could easily result in a loss of millions of dollars in revenue depending on company size.
Also, consider the negative impact to the brand name and company reputation. As you can see, the impact of a single DoS attack with specific directed intent can prove extremely damaging to the victim on many different levels.
Another theme that pervades DoS attacks, as well as other attack forms, is hackers who take action against a target based on principle or a sense of personal mission, which is known as hacktivism.
Hacktivists are a recognition; their success is measured by how much their malicious actions benefit their cause.
This thought process ties in nicely with DoS attacks in that the message being sent can be left up to interpretation or, more commonly, be claimed by a group or individual.
When notorious hacker and activist Julian Assange released confidential information from the U.S. government through his website WikiLeaks, the response was deafening. While the information proved embarrassing to the United States, there were other repercussions.
Because of the leak, several financial institutions such as MasterCard, Visa, and PayPal stopped taking donations for WikiLeaks.
In response to this closing of accounts and hindrance of the flow of money to the organization, several of these and other financial services had their websites targeted by DoS attacks.
Customers and the companies themselves were unable to access their own websites and were crushed by the flow of traffic.
Ultimately, the companies were not only able to turn back the tide on these attacks but harden themselves as well.
A statement had been made. Hackers had shown that with some cooperation and a little planning they could quickly organize an attack and take down a substantial target.
DoS attacks have also become extremely popular with cyber criminals and organized crime groups.
These groups have organized themselves into complex hierarchies and structures designed to coordinate and magnify the effect of the attack.
In addition, the groups use their organization to sometimes enact extortion schemes or to set up other moneymaking schemes.
In yet other situations, these groups have been known to create botnets (which we have discussed in a previous article) that they can later rent out for a price to any party who wants them.
NOTE: DoS attacks are categorized as one of those “can happen to anyone” realities. As the saying goes, the world’s most secure computer is the one that stays in the box and is never turned on.
Unfortunately, that is not a practical solution for the real world; part of your focus as a CEH is to find that balance between security and availability.