Continuing our series on Cyber Security, this blog post aims to shed some light on a security term that is casually thrown around these days, Denial-of-Service.
As the term conveys, a “Denial-of-Service” (DoS) attack aims to cut off the provision of a service. In computing, the term generally refers to an online, network-based service that is rendered inaccessible to legitimate users during the course of the attack. A successful DoS attack would require a large number of requests being sent to the network service at a specific point in time.
In general, seamless network communication depends on a “request-acknowledge” exchange: when a user makes a request to a network service, the request is first acknowledged, and then the data corresponding to the query is sent back along with a request for acknowledgement once the data is received. The user then sends an acknowledge signal once the requested data has been received. All of this happens in the order of milliseconds, so it is barely noticeable.
Every server that hosts a service would have a maximum request-handling capacity, and when that threshold is exceeded the server or the service becomes unavailable. It is this request limit which is exploited and abused by a DoS attack.
In malware-related DoS, malware authors employ their botnet (a collection of computers infected with silently-running backdoor Trojans) to perform this kind of attack. A botnet controller (aka “Bot Master”) can send out instructions to the entire botnet under his command to target a specific service, typically a web service, to effect a DoS on the target website.
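The capacity limit and the botnet scenario described above can be seen in a toy model. This is an added example, not code from the original post: the capacity figure, the user and bot names, and the per-source cap (a common mitigation the post does not discuss) are all constructed assumptions. It shows that a per-source cap restores service when the flood comes from one machine, but not when the same volume is spread across a botnet.

```python
# Added illustration: toy model of one time slice of a server with a fixed
# request-handling capacity. All figures and names are constructed.
from collections import Counter

CAPACITY = 100     # assumed: requests the server can process per time slice
LEGIT_USERS = 20   # assumed: legitimate users, one request each

def build_traffic(flood_sources, flood_per_source):
    """Arrival order for one slice: flood requests with legitimate ones spread evenly through them."""
    flood = [f"bot{i % flood_sources}" for i in range(flood_sources * flood_per_source)]
    legit = [f"user{i}" for i in range(LEGIT_USERS)]
    if not flood:
        return legit
    step = max(1, len(flood) // LEGIT_USERS)
    traffic = []
    for i, req in enumerate(flood):
        traffic.append(req)
        if (i + 1) % step == 0 and legit:
            traffic.append(legit.pop(0))
    return traffic + legit

def serve(traffic, per_source_cap=None):
    """Process arrivals in order until capacity is used up; return served count per source."""
    served, admitted = Counter(), Counter()
    total = 0
    for src in traffic:
        if per_source_cap is not None:
            if admitted[src] >= per_source_cap:
                continue          # dropped by the (hypothetical) per-source limit
            admitted[src] += 1
        if total >= CAPACITY:
            break                 # capacity exhausted: everything later is denied
        served[src] += 1
        total += 1
    return served

def legit_served(flood_sources, flood_per_source, per_source_cap=None):
    """Number of legitimate requests that were actually served in the slice."""
    served = serve(build_traffic(flood_sources, flood_per_source), per_source_cap)
    return sum(n for src, n in served.items() if src.startswith("user"))

if __name__ == "__main__":
    print("no attack:", legit_served(0, 0))
    print("one source, 1000 requests:", legit_served(1, 1000))
    print("one source, per-source cap 10:", legit_served(1, 1000, 10))
    print("200 sources x 5, per-source cap 10:", legit_served(200, 5, 10))
```

In the last case every bot stays under the per-source cap, so the limit never triggers and the legitimate users are still crowded out.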
Several DoS attacks have been orchestrated against organizations, accompanied by ransom demands to call off the attack. In the days of e-commerce and online services, it is essential that business organizations keep their services up and running in order to retain their customer base.
In this series we shall have a look at various flavours of DoS attacks and how they are orchestrated.
K7 Threat Control Lab