Thursday, October 17, 2013

What are Denial of Service (DOS) attacks?

Denial of Service attacks have become more widely known due to extensive media coverage. But what exactly is a denial of service attack? Simply put, a denial of service attack is a type of cyber attack wherein a website or service is brought down by a hacker or a group of hackers by flooding it with bogus traffic. The web server becomes overloaded with this bogus traffic and the service eventually crashes.

This means that if a hacker performs a denial of service attack against a website, say for example a bank website, then all the online transitions of that bank will be halted. Both companies and individuals are no long able to log into their netbanking accounts for the duration of the attack, leading to loss in revenue for the bank. The bank will also lose reputation and credibility for failing to protect their IT infrastructure.  Similarly, if Gmail was attacked, millions of users will not be able to access their email accounts. In a typical DoS attack, one hacker performs the attack using a DoS tool or script. This is easy to mitigate. The only thing one needs to do is block the IP address of the attacker. To overcome this, hackers use a technique called Distributed Denial of Service or DDoS.

What are Distributed Denial of Service(DDoS) Attacks?

DDoS attacks involve hundreds, if not thousands of "volunteers" who install the DoS tool in their systems and launch a coordinated attack on the target at a specified time. This was the case when Anonymous hacker group took down Paypal  and Mastercard websites some time back. In case there are no "volunteers" involved, hackers use a networks of zombies called botnets to perform the same attack. These zombies are basically normal home computers which have been hacked and infected with the DoS tool. The controller is able to issue remote commands to these "bots" so that they can start attacking a particular website without the owners even noticing. 
Hackers and hactivists perform denial of service attacks by using an array of readymade tools. one such tools is called the Low Orbit Ion Cannon(LOIC). It is a simple GUI tool and volunteers can use it to launch attacks once they receive the green light from the controllers, usually via IRC or social networks. There are many other DoS tools such as HOIC,Hulk Web server, RUDY (R-U-Dead-Yet), Silent  DDoSer etc.

This disruption in service is one of the biggest challenges for companies today. There is no fool proof method to protect against DDoS attacks.  There are many ongoing research on how to mitigate DDoS attacks. As of now, big companies rely on IDS and firewalls and the cooperation of the ISPs to mitigate such attacks.

Would you like to know how to perform a denial of service yourself? Read my other article on how to perform DoS attack here.

1 comment: