Denial Of Service
When multiple attackers overwhelm a service or resource, making it unavailable for use.
Intro
You rouse from your slumber before the sun, excitement tingling in your veins for that big job interview you've been eagerly awaiting. With ease, you grab your breakfast and gather your essentials, feeling confident and ready for the day ahead. Then, as you approach your car, a smooth criminal snatches your bag in a heart-stopping instant. Panic floods your senses as you realize your phone, ID, and keys are gone, leaving you stranded and powerless. You can’t call to reschedule your interview, can’t call a cab, can’t get back into your own house. The thief, in a way, has handcuffed you, and you are temporarily paralyzed. In other words, for a moment, they have denied you your freedom.
What is Denial of Service?
It’s when an attacker prevents you from doing your business. Or when they prevent others from accessing your services. It goes deeper than that, but the essence is still the same.
Ways to deny a service.
So, the main point, or rather, the effect of this attack is to flood a network or service to the point where it can’t cope and stops working. But how do attackers do DoS? Lucky for us, great people in the cybersecurity field have categorized the types of attacks, and they try to prevent these attacks every day. As they say, knowing a problem is the first step to solving it. Here are five types of DoS.
Reflected
When an attacker spoofs the identity of a victim and requests some information from a legitimate source to be delivered to the victim. It’s like when someone tries to prank you by ordering takeout from your least favorite restaurant under your name, delivered to your house. The delivery guy is not the attacker; the person who made the call is the evil one.
Imagine you're trying to make plans with a friend using a special secret code. You send them a secret signal (SYN packet) to let them know you want to chat. When your friend sees the signal, they send a secret signal back (SYN-ACK) to say they're ready to talk. Then, you send another signal (ACK) to confirm you're both ready to chat. It's like saying, "Hey, I'm here!" and your friend saying, "Got it, let's chat!" But now, imagine if someone sneaky sends a fake signal from a made-up address, pretending to be you. When the server gets the fake signal and sends a "Got it, let's chat!" back, there's no one there to respond. It's like the server is waiting for you at a restaurant, but you never show up because you didn't make the plans. The sneaky person tricked the server into thinking you wanted to chat, but it was all a trick.
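The unanswered handshakes described above can be spotted from the server's side. The following is an added example, not part of the original post: it replays a constructed packet list and flags clients that were sent a SYN-ACK but never returned the final ACK. All addresses, the 3-second timeout and the 50% alert threshold are assumptions, and clients are tracked by IP only to keep it short.

```python
# Constructed sample of packets seen at the server:
# (time in seconds, source, destination, TCP flags). All addresses are made up.
SERVER = "10.0.0.5"
PACKETS = []
for i, client in enumerate(["198.51.100.7", "198.51.100.8"]):  # real clients
    t = i * 0.1
    PACKETS += [(t, client, SERVER, "SYN"),
                (t + 0.01, SERVER, client, "SYN-ACK"),
                (t + 0.05, client, SERVER, "ACK")]
for i in range(4):                                             # spoofed sources
    fake = f"203.0.113.{i + 1}"
    t = 1.0 + i * 0.01
    PACKETS += [(t, fake, SERVER, "SYN"), (t + 0.001, SERVER, fake, "SYN-ACK")]

def track_handshakes(packets, server):
    """Return {client: (stage, time of last step)} for each handshake seen."""
    state = {}
    for ts, src, dst, flags in packets:
        if dst == server and flags == "SYN":
            state[src] = ("SYN", ts)
        elif src == server and flags == "SYN-ACK" and dst in state:
            state[dst] = ("SYN-ACK", ts)
        elif (dst == server and flags == "ACK"
              and state.get(src, ("", 0))[0] == "SYN-ACK"):
            state[src] = ("ESTABLISHED", ts)
    return state

def assess(packets, server, now, timeout=3.0, max_half_open_ratio=0.5):
    """Flag the trace when too many handshakes are stuck waiting for an ACK."""
    state = track_handshakes(packets, server)
    half_open = sorted(client for client, (stage, ts) in state.items()
                       if stage == "SYN-ACK" and now - ts >= timeout)
    established = sum(1 for stage, _ in state.values() if stage == "ESTABLISHED")
    ratio = len(half_open) / len(state) if state else 0.0
    return {"established": established, "half_open": half_open,
            "alert": ratio > max_half_open_ratio}

if __name__ == "__main__":
    print(assess(PACKETS, SERVER, now=10.0))
```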
Amplified
Same as the prank from before but imagine that you get a delivery of 100 pizzas. The bad guy just made a phone call, and a real, good, pizza place just did the work. Now, you will have your hands full with these 100 pizzas. By the way, if something like this happens, call me. I've got a plan.
We mostly see the bad guys using DNS in this attack. They call DNS servers and ask for huge amounts of data, and they spoof the victim's IP address, so the DNS servers send that huge amount of data to the victim. The DNS servers are conducting the attack without their knowledge. The attack does not affect the DNS servers themselves.
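A DNS server operator can notice that it is being used this way by comparing what comes in with what goes out for each claimed source address. The following is an added example, not part of the original post: it totals query and response bytes per source from a constructed log and lists sources that receive far more than they send. The addresses, packet sizes and both thresholds are assumptions.

```python
from collections import defaultdict

# Constructed DNS server log: (claimed source IP, query bytes, response bytes).
# The source is whatever the packet claimed; UDP does not verify it.
LOG = (
    [("192.0.2.10", 60, 120), ("192.0.2.11", 62, 95), ("192.0.2.10", 58, 140)]
    + [("203.0.113.50", 64, 3200)] * 40   # many small queries, huge answers
)

def amplification_report(log):
    """Total queries, bytes in and bytes out for each claimed source."""
    totals = defaultdict(lambda: [0, 0, 0])
    for src, query_bytes, response_bytes in log:
        entry = totals[src]
        entry[0] += 1
        entry[1] += query_bytes
        entry[2] += response_bytes
    return {src: {"queries": n, "bytes_in": b_in, "bytes_out": b_out,
                  "factor": b_out / b_in}
            for src, (n, b_in, b_out) in totals.items()}

def suspected_victims(log, min_factor=10.0, min_queries=20):
    """Sources whose address is probably spoofed: the server keeps sending them
    large answers to a steady stream of small questions."""
    report = amplification_report(log)
    return sorted(src for src, row in report.items()
                  if row["factor"] >= min_factor and row["queries"] >= min_queries)

if __name__ == "__main__":
    for src, row in amplification_report(LOG).items():
        print(src, row)
    print("suspected victims:", suspected_victims(LOG))
```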
Distributed, DDoS
Well, same as before, but multiple different people are doing the same prank all together. So, you will get dozens of people calling different restaurants, and every attacker orders a pizza to your house. The bad guys like to work together.
In many cases, the bad guys don't have lots of friends to carry out the attack with them. So, they create bots, and these bots behave in the same bad way as the attackers themselves would. They are much faster than humans, so a click of a button might bring the strongest server to its knees. Don't worry, there are ways to prevent that.
The deadly mix.
What is it? Muahahaha, combine the evil stuff from before. Multiple people attacking you by requesting a large amount of stuff to be sent to your address. I can't even think about it.
Unfortunately, this is what we mean when we say DDoS or just DoS. We rarely see just one type of DoS used to attack a system, meaning that the attackers like to infect multiple small systems and order these infected systems to create multiple huge fake requests to bring the victim to a halt. Luckily, we are seeing the good guys improve, and in many cases they win the battle against DDoS.
Friendly fire, unintentional.
Jonathan called you and said, "Let's go for dinner Tuesday at 6 pm at the usual place." You cleared your schedule and were ready to meet at that time. After you arrived at the restaurant, it seemed like Jonathan had stood you up. You tried to call him, but his phone was off. After you left a couple of voice messages, angry ones, you got a call from him saying that he genuinely meant to meet on Thursday, not Tuesday. He prevented you from doing anything productive that evening, by mistake.
A common and funny one is when a coworker buys a router and brings it to the office to have better Wi-Fi. They know nothing about Wi-Fi technologies; they just power it on and set it up with the same name and password. Unknowingly, they have just created an Evil-Twin. But unlike normal evil-twins, this one has no internet connection whatsoever, and everyone near the new router is automatically connected to it, so no one has an internet connection that morning. With no internet, no work is done, all thanks to Jonathan.
Why Denial of Service exists, how to defend, hmmm.
DDoS is an annoying and harmful kind of attack. The main point of it is to prevent the victim from communicating with anyone else, either by flooding/clogging the network or by taking too much processing power from the servers. I can't think of a good use for DoS, it's just plain bad. And bad guys do it with evil intentions. Fortunately, it's one of the attacks that seem to do the least damage. And the blue team in cybersecurity is creating different and effective solutions to mitigate DDoS attacks.
Conclusion.
As a consumer, I doubt that you will get attacked using DDoS anytime soon. You might be unable to access your email for a while, but no personal information is affected. And since you're not directly affected, you have nothing to fear.