Popular social networking sites Twitter and Facebook were hit by a malicious cyber attack last week, bringing the sites crashing down and rendering them inaccessible to an estimated 45million users.
Twitter was disabled for a full two hours while Facebook and the blogging site LiveJournal were also affected in what was later suspected as a coordinated attack on one particular user.
The problems were the result of a denial of service (DoS) attack, a relatively common form of malicious computer activity which, up to last week at least, wasn’t exactly on the mainstream conscious. So then, what is a DoS attack?
A DoS attack aims to target a specific URL with too many requests for the server to process. This will eventually render a web resource unavailable to users, making a site respond very slowly or intermittently.
DoS attacks that occur simultaneously from more than one source are known as a distributed denial of service (DDoS). A DDoS attack will use hundreds, or thousands, of previously infected machines which have been infected with malicious software which then allows them to be controlled remotely, known commonly as a botnet.
The most common uses for DDoS attacks are for criminals to attempt to extort money from site owners who rely on accessibility to their site. In a high-profile example from 2003, criminals attempted to use a DDoS attack to extort money from online bookmaker Blue Square.
Other uses range from companies attempting to bring down competing sites through to combined DoS and phishing attacks in order to target online banking customers. While the site is affected, customers are sent a phishing email which directs them to a fake site, allowing cyber criminals to gain the banking details.