Understanding a Denial of Service Attack
September 30, 2016
What is a denial-of-service (DoS) attack?
A denial-of-service (DoS) attack happens when attackers attempt to prevent users such as employees or customers from accessing the applications, information or services they rely on for personal or professional purposes, such as a website.
Malware can secretly enlist your computer to attack a website or network.
Frequently check your software and hardware for malware infection.
The most common type of DoS attack occurs when an attacker floods a network with requests for information. For example, when you type an address into your browser or click a link to take you to a website, you are sending a “request” to that website’s server to see a webpage. Most websites can only process a limited number of requests at one time. So, if an attacker overloads the server with requests, it can “crash” the site; thus denying legitimate users access to the service. Attackers can use spam email messages to launch similar attacks on an email account as well.
What is a distributed denial-of-service (DDoS) attack?
A distributed denial-of-service (DDoS) attack is when an attacker uses botnets—networks of malware-compromised computers taken over and controlled by hackers—to initiate the attack. The attack is “distributed” because the attacker is using multiple computers from which to launch the attack.
How to manage a DoS or DDoS attack
While you cannot prevent becoming the victim of a DoS or DDoS attack, there are steps you can take to reduce the likelihood that your computers will become part of the botnet used to launch an attack:
- Use AV software – Install, maintain and run antivirus (AV) software on your PCs
- Practice prevention – Run AV scans looking for malware on a regular basis
- Install a firewall – Configure it to restrict traffic coming into and leaving your computer or network
- Use spam filters – Applying email filters may help you manage unwanted traffic as well as cut down on the likelihood of downloading the malware that turns your computers into bots
How to tell an attack is happening
The following symptoms could indicate a DoS or DDoS attack:
- Performance issues – Unusually slow network performance such as when opening files or accessing websites
- 404 Errors – These are the errors users get when a website is unavailable
- Lots of spam – A dramatic increase in the amount of spam you receive in your inbox may indicate your email server is under attack
What to do if you suspect an attack
Because DoS and DDoS attacks are hard to identify without the proper tools or experience, your best course if you suspect your systems are under attack is to call your technical support teams and let them determine the cause of the problems. For example, if you notice that you cannot access internal files or reach external websites from your work computer, contact your network administrators. If you are having similar experiences at home, contact your internet service provider (ISP).