Denial-of-Service (DoS) Attack

What is a Denial-of-Service (DoS) Attack?

A Denial-of-Service (DoS) attack is a cybercriminal activity in which a threat actor aims to flood a server or network with a barrage of requests, rendering it unavailable to legitimate users.

Such an attack can prove immensely irritating and disruptive for the targeted entity and its stakeholders. The main objective for the attacker is to impede the server or network by overwhelming it with requests to the point that it stops functioning correctly. Consequently, this attack can result in diminished productivity, data loss, and financial issues.  

How Does a DoS Attack Operate?  

The primary mission of a DoS attack is to render a server or network unavailable to users by drowning it with excessive traffic. Typically, attackers employ one of two methods: flooding the target with multiple requests or crashing it with enormous data loads.  

The former method is more prevalent among hackers, since it involves flooding a system or website with numerous unnecessary traffic requests until it collapses. These flood attacks can take various forms, such as ICMP floods or SYN floods. Crash attacks, by contrast, are less common and involve exploiting vulnerabilities within the target system to cause a breakdown.

In addition, DoS attacks exploit inherent flaws in network communication protocols rather than relying on executing specific programs on the targeted system. During a DoS attack, computers are programmed to send hundreds or thousands of requests to a target server.

Threat actors commonly send these requests once to connect the end user and the desired website or server. Subsequently, the server or website responds with a signal accepting the user’s authorisation to connect.  

This communication process, known as a handshake, occurs whenever a website is accessed. When a targeted server is overrun with many fake requests, it becomes overwhelmed and stops functioning normally.

Common Varieties of DoS Attacks  

  1. Buffer Overflow: The most prevalent type of DoS attack, a buffer overflow occurs when the traffic directed at a target network address surpasses the allocated buffer size, resulting in the target system demonstrating unexpected behaviour.  
  2. ICMP Flood: Also referred to as a ping flood or smurf attack, the ICMP flood method exploits misconfigured network devices. Attackers launch spoofed ICMP packets to ping every computer on the targeted network, causing the network to amplify the traffic.
  3. SYN Flood: A DoS attack flooding the target network with SYN packets. SYN flood, also known as a half-open attack, fills the TCP layer with SYN packets, stopping the TCP three-way handshake between the server and client on all ports, rendering the targeted infrastructure unable to establish connections.  
  4. Slowloris: Slowloris is a DoS attack strategy that slows down the targeted machine by issuing requests while using minimal bandwidth. Hackers attempt to maintain numerous connections to the target web server for prolonged durations by steadily dispatching commands over several seconds. The server’s failure to respond within the expected timeframe results in a crash.

Indicators of a DoS Attack

Diagnosing a denial-of-service attack can prove challenging, and an attack may avoid detection for extended periods. While several signs may suggest a site is under attack, not all are exclusive to DoS attacks. Here are some indicators to monitor if there is a suspected DoS attack:

  • Unusually high volumes of traffic directed at the site, surpassing its capacity.
  • Irregularities in network activity.
  • Unexpected activity on the target system.
  • Higher CPU or memory utilisation. 
  • Unexplained connectivity issues among devices within the network. 
  • Slow page loading times. 

Therefore, organisations must remain vigilant and adequately prepared given the escalating threat of DoS attacks. 
