
DoS and DDoS

What are denial-of-service (DoS) and distributed-denial-of-service (DDoS) attacks?

A DoS attack is a hacking technique that floods the victim's server, network, or application with an overwhelming number of requests, packets, or messages from a single source. DDoS attacks are similar, except that instead of from one source, the attack originates from multiple sources. 

The first thing an attacker does is take control of a network and the devices in it. These devices are infected with malware and used to carry out the attack. This collection of infected devices under the attacker's control is called a botnet. 

In a DoS or DDoS attack, the hackers' objective is not to infiltrate the network but to take down the target site and make it unavailable to regular users. This could affect the reputation of the organization and lead to a loss of trust among customers.

The first DoS attack was initiated by David Dennis, a 13-year-old high school student, in 1974. Since then, attack methods may have evolved, but the underlying principle remains the same. 

Some common DoS and DDoS attack types:

Ping of death: In this type of attack, targeted services are disrupted using a single ping command that sends IP packets larger than the 65,536 bytes allowed by the IP protocol. Hackers only need the IP address of the victim to carry out this attack.

Buffer overflow: A buffer overflow occurs when a process attempts to write more data to a fixed-length block of memory than the block can hold. The overrun data spills into adjacent buffers with a fixed allocated space, corrupting the data they hold. Attackers exploit buffer overflow situations by overwriting parts of system memory with malicious code.

TCP SYN: This technique involves the attacker repeatedly sending high volumes of SYN packets to the target server. The server's resources are consumed processing these incoming packets, leaving it unable to address requests from regular users and effectively bringing down the service.

How to mitigate DoS and DDoS attacks

  • Monitor traffic to your web application to identify any anomalous spike in traffic coming from any one IP address or location.
  • Keep your firewalls and routers updated with the latest security patches.
  • Invest in a DoS protection service that will detect unusual traffic activity and redirect it away from your network. 
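
The per-source monitoring in the first point above, as an added Python example that is not part of the original page: it counts requests per client IP in a sliding window over web access log lines and reports the sources that exceed a limit. The common log format, the 10-second window, the 20-request limit and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common/combined log format: client address first, timestamp in brackets.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

def parse(line):
    """Return (ip, timestamp), or None for a line that does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    try:
        return m.group(1), datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None

def find_spikes(lines, window_s=10, max_requests=20):
    """Sliding-window count per source over time-ordered log lines.
    Returns {ip: (time the limit was first exceeded, peak count in a window)}."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    alerts = {}
    for line in lines:
        parsed = parse(line)
        if parsed is None:
            continue              # skip malformed lines instead of failing
        ip, ts = parsed
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window:
            q.popleft()           # drop requests that aged out
        if len(q) > max_requests:
            first, peak = alerts.get(ip, (ts, 0))
            alerts[ip] = (first, max(peak, len(q)))
    return alerts

def sample_log():
    """Constructed sample: a steady client, a bursting client, one bad line."""
    base = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    events = [(base + timedelta(seconds=6 * i), "198.51.100.7") for i in range(20)]
    events += [(base + timedelta(seconds=30, milliseconds=100 * i), "203.0.113.9")
               for i in range(60)]
    fmt = '{} - - [{}] "GET / HTTP/1.1" 200 512'
    lines = [fmt.format(ip, t.strftime("%d/%b/%Y:%H:%M:%S %z"))
             for t, ip in sorted(events)]
    return lines + ["not a log line"]

if __name__ == "__main__":
    for ip, (first, peak) in find_spikes(sample_log()).items():
        print(f"{ip}: over limit at {first.isoformat()}, peak {peak} in window")
```

A per-IP count like this catches a single noisy source; traffic spread thinly across many sources needs the same count keyed on a wider grouping such as subnet or location.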

Some notable DDoS attacks:

GitHub

In 2018, online code management service GitHub fell victim to a DDoS attack. Incoming traffic was clocked at 1.3 terabytes per second (Tbps), sending packets at a rate of 126.9 million per second. Because GitHub invested in a DDoS protection service, it was alerted within 10 minutes of the start of the attack and was able to restore normalcy in under 20 minutes.

Dyn

Managed DNS provider Dyn was hit by a series of massive DDoS attacks in 2016 as a result of its network being infected by malware that deployed an army of remotely controlled bots. Websites affected included Netflix, PayPal, Reddit, Spotify, Twitter, and others. The attack was mitigated by rerouting the huge volume of traffic, and services were back by the end of the day.

Spamhaus

In 2013, a DDoS attack crippled the website and email service of Spamhaus. The traffic during the attack was estimated to be 300 Gbps. The mastermind behind the attack was Cyberbunker, who was blacklisted by Spamhaus.

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.