A Denial of Service (DoS) attack is a common and potentially dangerous cyber attack which organisations across the UK face. In this blog, NEBRC takes you through the steps your business can take to prevent and counter DoS attacks.
So what is a denial of service attack? A DoS attack is where attackers target company networks, attempting to overload or crash them. This can cause huge issues for companies as systems can become unusable during the attack, meaning data is hard to recover and the attack is difficult to block.
Read on to find out more about DoS attacks and the steps that can be taken to prevent them.
What Are DoS Attacks?
When a DoS attack occurs, responding to incoming requests becomes overwhelming for servers, causing them to crash or become unresponsive. A malicious actor may launch these attacks from a single computer or from a network of devices or systems controlled remotely, also known as a Distributed Denial of Service (DDoS) attack.
Methods of DoS attacks used by threat actors include bandwidth flooding, connection flooding, protocol attacks, and application-layer attacks. Bandwidth flooding is a very common DoS attack, which involves saturating a network’s bandwidth by flooding it with a massive amount of data, such as bogus traffic or large files.
The damage caused by a DoS attack can be severe, particularly if it targets a critical system or network, which can lead to revenue loss, reputation damage, and data theft.
To protect against DoS attacks, organisations should implement a range of security measures, including implementing firewalls, intrusion detection systems and regular network monitoring.
Who is Typically Targeted in DoS Attacks?
DoS attacks are often targeted at high-profile companies including banks, government organisations and media companies. They often result in huge losses of time and money for the companies to deal with effectively.
What are some Examples of DoS Attacks?
DoS attacks commonly come in one of two forms, flooding or crashing services. Crashing services DoS attacks will exploit weaknesses within systems, causing them to crash. Where a bug is found, input is sent by attackers to crash or destabilise the system.
Flooding Services
Here are some examples of how an attacker may flood services:
- Buffer Overflow – Sometimes known as buffer overrun, this occurs when an excess amount of data is used to overload the storage capacity of a buffer. This can result in the corruption or overwriting of adjacent memory locations.
- Internet Control Message Protocol (ICMP) – This type of DoS uses echo-requests, echo-replies or pings to check for connectivity and health issues on devices. Continuously sending these requests can overload the bandwidth of a network or IP address, meaning it can no longer complete true requests.
- SYN Flood – SYN Flood attacks block legitimate traffic to a server by sending overwhelming amounts of false connection requests without responding to the corresponding acknowledgments.
How Can DoS Attacks be Countered?
DoS attacks are difficult to stop once they have infiltrated your systems as they significantly reduce performance. Often, systems can not even be accessed to identify the source of the attack. You can use internal resources to block simple DoS attacks. However, it is strongly recommended that you involve a DoS expert if you are unsure of the correct steps to take. They will be able to aid you through regaining control of your systems and retaining your data. There is an alternative option which involves implementing new technology in your business. However this requires plenty of research if you don’t know where to look.
The experts at NEBRC can work with your business to create a plan of action so you are prepared in the event of a DoS attack. We can also assist you in the event of a DoS attack. Contact a member of our team now to find out more about how we can help your business.
Prevent DoS Attacks with NEBRC
The NEBRC is a non-profit organisation that seeks to educate, inform, and support organisations across the UK on how to stay safe online through strong cyber security practices. Sign up for our free core membership to stay up to date with the latest cyber security news and gain access to a wealth of handy resources.