In today’s security lexicon, we will be taking a closer look at DoS and DDoS attacks, two of the most terrifying weapons in the hacker arsenal, which have been used many times by groups and individuals across the world to cause considerable uproar. How they work, how they were used and how to protect oneself from this vicious form of attack – that and more in this edition of our security lexicon.
DoS (denial-of-service) and DDoS (distributed denial-of-service) attacks basically operate the same way – hackers use them to deny access to, or the proper functioning of, a certain website or application. The difference between the two is that while a DoS attack is typically deployed by one person from one individual computer and one internet connection, a DDoS attack involves hundreds, even thousands, of computers called “botnets” operating on a global scale.
A botnet is the proper term for a computer that has been infected by a hacker via mail, social or other sites, and can thus be used by the attacker for nefarious means without the knowledge of its owner. An army of botnets can be misused to deploy a DDoS attack that generates so much traffic and so many requests towards the target server that the server is overloaded, leading to a state in which ordinary users cannot access any content on that server.
Special internet markets even offer botnets or individual DDoS attacks for a meager price of about 150 USD. Anyone with sufficient knowledge of where to buy this kind of attack can use it to bring down, or at least to complicate the lives of, their competition and rivals. We do not endorse these kinds of activities, of course; that’s why we won’t publicize the precise places where these markets can be found. We only seek to shed light on the fact that these dangerous services exist and are being used.
Types of DDoS attacks
We know of many different kinds of DDoS attacks. The best known and most used include:
- Traffic DDoS attack: Botnets send massive amounts of TCP, UDP and ICMP packets to the target server (simply put, they act like common website visitors, just many more than the server can handle at one time). These packets overload the server, which leads to complete denial of service and content for any other real visitor or user.
- Bandwidth DDoS attack: This type of attack overloads the target server with a huge amount of junk data, the consequence of which is the loss of bandwidth and source devices. The result is the same – complete denial of service to visitors attempting to access the given server.
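The two categories above can be told apart from the defender's side by looking at what is being exhausted: packet count or byte volume. The following is an added example, not part of the original article. It labels one-second windows of flow records as a traffic or bandwidth overload and as DoS or DDoS by counting distinct sources. The record layout, the capacity limits and the source-count cut-off are assumptions chosen for illustration, and the sample flows are constructed.

```python
from collections import defaultdict

# Constructed sample flow records: (second, source IP, protocol, packets, bytes).
# Addresses come from documentation ranges; every value is made up.
SAMPLE_FLOWS = (
    [(0, "192.0.2.10", "TCP", 40, 30_000), (0, "192.0.2.11", "TCP", 35, 28_000)]
    # second 1: many sources, many small packets
    + [(1, f"198.51.100.{i}", "UDP", 500, 32_000) for i in range(1, 101)]
    # second 2: many sources, few packets but large junk payloads
    + [(2, f"203.0.113.{i}", "UDP", 200, 300_000) for i in range(1, 51)]
    # second 3: a single source sending a packet flood
    + [(3, "203.0.113.77", "ICMP", 30_000, 1_920_000)]
)

# Assumed capacity limits of the protected server (hypothetical values).
MAX_PPS = 20_000              # packets per second the server can handle
MAX_BPS = 10_000_000          # bytes per second the uplink can carry
DISTRIBUTED_MIN_SOURCES = 10  # assumed cut-off between DoS and DDoS


def classify_windows(flows, max_pps=MAX_PPS, max_bps=MAX_BPS):
    """Aggregate flows per second and label each one-second window."""
    windows = defaultdict(lambda: {"packets": 0, "bytes": 0, "sources": set()})
    for second, src, _proto, packets, nbytes in flows:
        window = windows[second]
        window["packets"] += packets
        window["bytes"] += nbytes
        window["sources"].add(src)

    report = {}
    for second in sorted(windows):
        window = windows[second]
        kinds = []
        if window["packets"] > max_pps:   # too many packets: traffic attack
            kinds.append("traffic")
        if window["bytes"] > max_bps:     # too much data: bandwidth attack
            kinds.append("bandwidth")
        if not kinds:
            report[second] = "normal"
            continue
        distributed = len(window["sources"]) >= DISTRIBUTED_MIN_SOURCES
        report[second] = ("DDoS" if distributed else "DoS") + ":" + "+".join(kinds)
    return report


if __name__ == "__main__":
    for second, label in classify_windows(SAMPLE_FLOWS).items():
        print(second, label)
```

In practice the limits would come from the server's measured baseline rather than fixed constants.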
What to do if you’ve become a target of, or an unknowing accomplice to, an attack?
Even if you succeed in correctly identifying a DoS or a DDoS attack, it’s very improbable that you’ll be able to determine the real target or source of the attack. Contact the appropriate professionals for assistance. If you notice that you no longer have access to your own files or you can’t establish a connection to external websites from your computer, contact the admins of your network – this can mean that your computer or the network of your organization is under attack. If you experience something similar on your home computer, contact your internet service provider immediately; they should be able to provide steps leading to recovery.
The infamous DDoS attack
The hacktivist group New World Hacking has assumed responsibility for the crashing of the global BBC network as well as the website of US presidential candidate Donald Trump in January this year.
The group has targeted all BBC sites, including their music service iPlayer and brought them down for approximately three hours. One of the group’s members, calling himself Ownz, has revealed that they’ve used their own tool BangStresser to deploy these DDoS attacks, which have achieved a staggering 602Gbps (currently the world record for a server overload using a DDoS attack).
Hackers have had DoS and DDoS attacks in their arsenal for many years and, according to all released information, they do not plan to stop using them (thanks to the relatively high effectiveness and simplicity of the attacks). Until someone thinks of a similarly simple and effective means of defense, we need to stay vigilant – the main thing is to take care that your computer doesn’t become a botnet, which could be used by somebody else. That’s why it’s more important than ever to think hard about suspicious emails and attachments, links and websites and, of course, to protect all your passwords.