May
14

IT Disasters in Focus: Denial of Service

IT Disasters in Focus: Denial of Service

May 14
By

In each edition of IT Disaster in Focus, we explore some of the biggest, most annoying, and costly IT disasters you can encounter. This article also appears on Talkin’ Cloud.

Last time, we discussed an issue we’re all familiar with: user error. It’s an IT disaster for sure, but its affects might not be as devastating as a cyber-attack on your business. One attack in particular can affect your online sales, or any web-based services you provide, and that is denial of service.

What is a DoS attack?

DoS stands for denial of service. Whenever some attack stops a website from providing service, it’s technically considered denial of service. In some cases, denial of service isn’t even an attack, it just happens because too many visitors arrive on a site.

Are there different types of DoS?

There are different ways a denial of service attack can occur. Some attacks use peer-to-peer sharing software, and others can permanently disable a system by corrupting its firmware. While it can happen a few ways, the type of denial of service attack you’ve probably heard the most is a DDoS attack, or distributed denial of service attack. Put simply, a DDoS attack disables service to a website by flooding it with too much traffic to handle. Typically, the traffic is provided by a number of networked computers that are under a hacker’s control, all of which make up a network of enslaved computers known as a botnet.  All of these systems visit the website at once, and since it can only handle a finite number of requests, it crashes.

How often do DDoS attacks occur?

Wikipedia cites numbers as high as an average of 28 per hour, and it’s a number that seems to rise exponentially each year.

Who uses DDoS attacks?

Hackers from all over the world use DDoS attacks for a number of reasons—it’s really tough to pin it down precisely. Theoretically, DDOS attacks could even be used by one business against another as an extremely underhanded (and illegal) business tactic.

For what end do they use these attacks?

Some have done it to get ransom money. Hackers will tell companies they have to pay a certain amount of money or their systems will be taken down by an attack. It’s a bit of a catch-22 for businesses that get these messages. The companies that actually pay might be the target of future attacks, since they then might be known as one of companies that pay. Those that don’t pay might actually suffer an attack, which can cost them money and possibly their reputation.

DDoS attacks have also been used by hacker groups like Anonymous as an act of protest, who have brought down websites affiliated with certain groups whose actions they disagree with. Some will use DDoS attacks seemingly because they just want to cause trouble. Recently, Xbox Live suffered a service outage that many attributed to a hacker group that seemed to be doing it for kicks.

Who is affected by them?

Some of the larger attacks have happened to Microsoft’s Xbox Live Network, Sony’s Playstation Network, Steam, and more, but smaller startup tech companies are also becoming the target of DDoS attacks as they often don’t have as many measures in place to prevent or mitigate these attacks.

What else do we need to know about DDoS attacks?

Sometimes they’re an accident. Service can go down for reasons that aren’t nefarious. As noted, they can be shut down just because lots of visitors arrive at once. Often, sites like Reddit will direct a large volume of traffic to a web page, maybe it’s just an interesting article, picture, or what have you. If a large enough audience visits a website that’s not ready to handle it, the traffic can cause it to shut down, resulting in something that, in Reddit’s case, is referred to as the “Reddit hug of death.”

They can be expensive. A 2013 report by Neustar explains that around 29 percent of businesses said a DDoS outage would cost them over $100k per hour.

They affect support more than revenue. The same Neustar report says that companies think customer support is impacted the most by a DDoS attack (63.4 percent) followed by brand and customer confidence (56.6 percent. Note: this question allowed for multiple responses).

They can be tough to stop

We’ll talk about prevention in a later post, but DDoS attacks are notoriously difficult to stop. How do you determine what traffic is legitimate, and what traffic is trying to shut you down? It can be tough, but there are some best practices.

Conclusion

Whatever the case, any business should developing a DDoS action plan. In particular, those that depend on web-based service delivery should take note of best practices for preventing these types of attack so that associated downtime—for your business and affected clients—doesn’t cause more trouble than you can stand.

Photo credit: geralt via Pixabay