Like a gang of uninvited, itinerant youths standing in the doorway at a party, a DoS attack disrupts or stops a service by sending large volumes of data or traffic through your network until the network can no longer function. Like the annoying youths, it prevents normal service, only without the baggy jeans and menacing stares.
Most often, DoS attacks take the form of a Distributed Denial of Service (DDoS) attack. This means the attackers hijack multiple computers – without the users’ knowledge – and use them to send the traffic or data that will overload the system.
What’s the business risk?
The biggest risk for a business is a security breach, or having its online access restricted or denied. When these attacks have happened in the past, they have targeted government agencies and banks as a form of revenge or blackmail.
For businesses that fall victim, a loss of service usually means a loss of revenue or sales; it could also mean vulnerability to other forms of attack and a loss of sensitive data.
What to look out for:
Like brute force attacks, if you’re under attack from DoS, your network will be unusually slow. Files will be slow to open and websites slow to respond or unavailable entirely. You may also notice an increase in the volume of spam, or notice that your machine disconnects frequently from the network.
There are simple methods to detect an attack early (simple for the tech guys anyway!). Running a script on your server to periodically send a message about traffic count will alert you to any abnormal spikes. Remote monitoring services also perform a similar check.
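For the tech guys, here is one way such a traffic-count script could look. It is an added example, not code from the original article: it assumes a Linux server, reads the received-packet counter from /proc/net/dev once a minute, and flags any minute that carries more than three times the recent median. The interface name eth0, the thresholds and the sample data are assumptions.

```python
import statistics
import time

WINDOW = 5  # number of earlier intervals that form the baseline

# Constructed sample in the layout of Linux /proc/net/dev (values are made up).
SAMPLE = """\
Inter-|   Receive                        |  Transmit
 face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
    lo: 104200 1200 0 0 0 0 0 0 104200 1200 0 0 0 0 0 0
  eth0: 98123456 650000 0 0 0 0 0 0 12345678 410000 0 0 0 0 0 0
"""

def rx_packets(text, iface):
    """Return the cumulative received-packet counter for one interface."""
    for line in text.splitlines():
        name, sep, rest = line.partition(":")
        if sep and name.strip() == iface:
            return int(rest.split()[1])  # fields: rx bytes, rx packets, ...
    raise ValueError(f"interface {iface!r} not found")

def find_spikes(counters, window=WINDOW, factor=3.0, floor=1000):
    """Flag intervals whose packet count exceeds `factor` times the median
    of the previous `window` intervals (and an absolute `floor`).
    `counters` are cumulative readings taken at a fixed period."""
    deltas = []
    for prev, cur in zip(counters, counters[1:]):
        # A counter that goes backwards means a reset; count from zero.
        deltas.append(cur - prev if cur >= prev else cur)
    alerts = []
    for i in range(window, len(deltas)):
        baseline = statistics.median(deltas[i - window:i])
        if deltas[i] > max(floor, factor * baseline):
            alerts.append((i, deltas[i], baseline))
    return alerts

if __name__ == "__main__":
    readings = []
    while True:  # one reading per minute; "eth0" is an assumed interface name
        with open("/proc/net/dev") as f:
            readings.append(rx_packets(f.read(), "eth0"))
        readings = readings[-(WINDOW + 2):]  # just enough for one new check
        for _, packets, baseline in find_spikes(readings):
            print(f"ALERT: {packets} packets in the last minute, "
                  f"typical is about {baseline}")
        time.sleep(60)
```

Using the median rather than the average keeps a single busy minute from inflating the baseline, so a sustained flood keeps triggering alerts for the next few minutes instead of quickly looking normal.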
Because of their nature, DDoS attacks can be hard to prevent, even once they have been identified. While you can take preventative steps – like rate limiting your router, or adding filters so that your router drops packets from obvious attackers – they will only buy you time.
In the first instance, let your ISP know that you’re under attack and then call in the help of a DDoS specialist. Think of them as burly reinforcements sent for to scare off the uninvited youths.