You may have heard news reports about popular websites such as CNN, Amazon and Yahoo! being taken down by a DoS attack, but have you ever wondered what DoS means?
This common tech term stands for “denial-of-service,” where an attacker attempts to prevent legitimate users from accessing a website entirely or slowing it down to the point of being unusable. The most common and obvious type of DoS attack occurs when an attacker “floods” a network with useless information.
When you type a URL for a particular website into your browser, you are sending a request to that site’s computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can’t process your request. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying access to legitimate users.
A distributed denial-of-service (DDos) attack is one where a site is attacked, but not by just one person or machine. DDos are attacks on a site by two or more persons or machines. These attacks are usually done by cybercriminals using botnets (remote computers that are under their control), to bombard the site with requests. Cybercriminals create botnets by infecting a collection of computers—sometimes hundreds or thousands—with malware that gives them control of the machines, allowing them to stage their attack.
There is also an unintentional DoS where a website ends up denied, not due to a deliberate attack by a single individual or group of individuals, but simply due to a sudden enormous spike in popularity. This can happen when an extremely popular website posts a prominent link to a second, less well-prepared site, for example, as part of a news story. The result is that a significant proportion of the primary site’s regular users–potentially hundreds of thousands of people—click that link in the space of a few hours, having the same effect on the target website as a DDoS attack. When Michael Jackson died in 2009, websites such as Google and Twitter slowed down or even crashed.1
While this can be an inconvenience to you, as you may not be able to complete transactions or access your banking site, there’s no real danger for you. But unbeknownst to you, your computer or mobile device could be part of the botnet that is causing a DDos attack.
To make sure you’re not part of a DDos attack:
- Pay attention if you notice that your Internet connection is unusually slow or you can’t access certain sites (and that your Internet connection is not down)
- Make sure you have comprehensive security installed on all your devices, like McAfee LiveSafe™ service
- Be careful when giving out your email address, clicking on links and opening attachments, especially if they are from people you don’t know
- Stay educated on the latest tactics that hackers and scammers use so that you’re aware of tricks they use
1 “Web slows after Jackson’s death”. BBC News
Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- What is a Man-in-the-Middle Attack?
There’s a reason why most people feel uncomfortable about the idea of someone eavesdropping on them—the eavesdropper could possibly overhear sensitive or private information. This is exactly the risk that computer users face with a common threat called a “Man-in-the-Middle” (MITM) attack, where an attacker uses technological tools, such as malware, to intercept the information
- ATM Skimming, Cyber Fraud Keep Bankers up at Night
Last year there were hundreds of cyber fraud incidents that struck banks and put consumers’ personal data at risk, even though the one involving Target stole the scenes. These crimes included payment card skimming, denial-of-service and web app tampering. As we’ve discussed, security is a top concern for banks at the board level. It’s not that
- What’s the difference between VPNs and Proxies and which Option is more secure?
If you are overseas somewhere and want to access your Facebook page…don’t be surprised if you can’t do this. In fact, you won’t even be able to get onto the Facebook site (or YouTube, for that matter), depending on what country that you are visiting. This is because some countries limit website access for their
- What is a Backdoor Threat?
Did you accidentally leave the back door open? This thought can be scary because you know that leaving the back door open at home could allow someone to enter your home and take your personal belongings. The same is true for a backdoor in the computer world. It is a vulnerability that gives an attacker unauthorized
- What is a Botnet?
The word botnet or bot is short for robot network. A botnet is a group of Internet-connected personal computers that have been infected by a malicious application (malware) that allows a hacker to control the infected computers or mobile devices without the knowledge of the device owners. When malware is launched on your computer or