What is a denial of service attack and how can I protect myself from them?
This question was answered on October 31, 2014. Much of the information contained herein may have changed since posting.
The basic concept behind a denial of service attack is to flood a website with so much traffic that it overloads the host server making it inaccessible.
The best analogy I can think of is a radio station contest for a valuable prize. The on-air personality announces that the 20th caller will win, which causes a huge flood of phone calls to the radio station contest line.
The vast majority of the callers will get a busy signal because far too many people are trying to access the same phone line at the same time.
The Internet equivalent of this is malicious and makes it nearly impossible to reach a targeted website, which is akin to taking the site down.
Denial of Service (DoS) attacks are generally perpetrated on high-profile targets and commonly as a form of protest or by those that consider themselves 'hactivists' or anarchists.
NSFocus, a security firm, estimates that an average of 28 DoS attacks occurred every hour somewhere on the Internet in 2013 as new attack methods designed to stay ahead of defensive measures surfaced.
There is no way to stop someone from making your business a target, but using resources like the ones from CloudFlare.com can help fight DoS attacks when they happen.
Although DoS attackers generally aim for high-profile targets, any website can become a victim of this type of attack because of how easily they can be executed these days.
The source of the attack are thousands of average computer users that have not kept their computers updated and properly secured.
These neglected computers have been silently infected with malware and become unwitting soldiers in a virtual zombie army known as a ‘botnet’.
Botnets (from roBOT NETworks) are a huge network of infected computers that can be remotely commanded by a single hacker to perform all manners of illicit activity on the Internet with a few keystrokes.
Just about everything we all complain about, viruses, spam, adware, spyware, brute-force attacks, DoS attacks, etc. are being silently sent from these infected computers because botnets can be rented by the hour in cybercrime circles.
The irony in this is that many people that are complaining about all of the nefarious garbage on the Internet are actually unknowingly the perpetrators.
Computers that take forever to startup or that seem to drag along when you’re trying the surf the net are classic indicators that something unnecessary is running in the background, but far too many people ignore these symptoms.
The problem has gotten so widespread that the Department of Homeland Security has taken to dispatching regular warnings to average citizens about the importance of maintaining proper security on home computers.
The concern for DHS is that attacks on infrastructure are likely to come via botnets as the number of silently infected computers grows in the U.S.
So, before you complain about hackers, spam and malicious garbage, make sure you’re not actually contributing to the problem by ignoring the signs of infection.
About the author
Posted by Ken Colburn of Data Doctors on October 31, 2014