Denial-of-Service (DoS) Definition
What is a Denial of Service (DoS) Attack?
A Denial of Service (DoS) is an attack on the availability of a resource (data, web application, etc.). DoS attacks can be performed in a variety of different ways, and their primary goal is to decrease an organization’s ability to provide services to legitimate users (customers, employees, etc.).
How Does a DoS Attack Work?
A DoS attack is any attack designed to reduce the availability of a particular resource. While a DoS attack may be designed to bring a system completely offline, it can also be used to make the resource less available. For example, some distributed DoS (DDoS) attacks are designed to be “low and slow” to evade defenses while still having a noticeable impact on the availability of an organization’s systems.
DoS attacks can be performed in a few different ways. Some common examples of DoS threats include:
- Flooding Attacks: DDoS and similar attacks are examples of attacks designed to overwhelm a system with more data than it can handle. By flooding the target with a large number of spam requests, the attacker can eat up network bandwidth, computational resources, storage, or other scarce resources to make a system unusable.
- Vulnerability Exploitation: An application may contain vulnerabilities that make it vulnerable to DoS attacks. For example, an attacker may exploit a buffer overflow vulnerability, causing the application to crash and rendering it unavailable to legitimate users.
- Infrastructure Attacks: An attacker can also attack the physical or digital infrastructure supporting a service. For example, cutting power to a data center or performing a DDoS attack against a DNS server can make it impossible to reach websites with servers in that data center or whose DNS record is on that DNS server.
DoS is also an example of an attack that can be performed accidentally. For example, there are numerous examples of ticket sites going down after sales open for a particularly popular event.
Potential Impacts of a DoS Attack
DoS — and more specifically DDoS — attacks have emerged as some of the most common cyberattacks. Some ways in which these attacks can impact the target include:
- Financial Losses: A DoS attack against an organization’s website can make it impossible for customers to visit the site and make purchases. As a result, the attacker could lose revenue due to the attack.
- Brand Damage: DoS attacks prevent customers from using an organization’s services. This can damage the corporate brand and may cause customers to switch to competitors.
- Lost Productivity: DoS attacks can harm productivity if they bring down services that employees need to do their jobs. Additionally, security personnel may expend time and resources remediating the attack that would otherwise be used elsewhere.
- Increased Costs: Flooding attacks force an organization’s systems to handle many spam requests. These consume computational resources and electricity without providing any benefit to the organization.
Conclusion
DoS attacks harm the availability of an organization’s resources. These attacks can be performed by overwhelming a system, exploiting a vulnerability, or other means.