Today, let’s learn about an interesting type of attack in the cyber attack set.
A Denial-of-Service (DoS) attack is an attack meant to disable any machine or network for a substantial amount of time, depriving the service to its intended users. DoS attack is perpetrated by flooding the target with a large amount of unwanted data or sending millions of requests in an attempt to slow it down. This attack has received increased attention over the years as it can lead to severe loss of revenue in any organization. In the year 2000, one of the popular DoS attacks ever staged that caused severe damage to major commercial websites including CNN.com, Amazon.com, eBay and Yahoo was an awareness call to all the high-profile organizations.
A variant of a DoS attack is DDoS i.e Distributed Denial of Sevice attack which employs an enormous amount of attacking systems to overwhelm the victim with spurious traffic. The DDoS attack is significantly popular as it is more powerful than a DoS attack since the attack is executed at a disruptive scale. The DDoS attack is performed by millions of system which makes it difficult to locate the actual attacking party. They are also more difficult to shut down due to the number of machines that are involved.
DDoS attack is one of the interesting attacks in the cyber attack set. Usually, hackers perform an attack with an intention to steal the sensitive information of legitimate users. But, no such theft is involved here. Though DDoS attacks do not typically result in the theft or loss of significant information or other assets, they can cost the victim a great deal of time and money to handle.
Let’s assume that Amazon has planned to launch, for instance, Xiaomi mobiles at 12:00 pm. Flipkart, who has gained this information decides to perform an attack by sending 1 million requests with a motive to increase the traffic and slow down Amazon’s server. Due to the poor service, Xiaomi mobiles might choose Flipkart over Amazon. This attack didn’t involve any theft of the company’s assets to know their business strategy but take over their clients by simply performing this attack.
Are you are wondering how these bogus requests are made by millions of system at the same time? Well, Botnets are used.
A Botnet is a number of Internet-connected devices which are used to perform DDoS attack. These devices, each of which are known as “bot” are created by penetrating software into them from a malware (malicious software) distribution. The word “botnet” is a combination of the words “robot” and “network” which is used with a negative or malicious connotation.
How can one prevent DDoS attack? Let’s understand that with an example. Any organization’s main server, say, Google server will be connected with a large number of proxy servers wherein these servers will be installed with an attack resistant software. When the attacker floods the bandwidth with a large number of requests, they are sent to the proxy server and not the Google server itself. The software shuts down the proxy server when it senses an attack and directs these requests to another proxy server hence keeping the main server alive. Arbor is one of the software companies that mitigate a DDoS attack.
Hold your horses! I’m not finished yet. Do you want to know who is performing DDoS attack on whom right this minute? Visit www.digitalattackmap.com
Come back and drop your comments below!