Denial of Service Attacks

15 02 2012

Distributed Denial of Service attacks are becoming increasingly popular amongst hackers, activists and other protagonists. Of the three security goals of a system (Confidentiality, Integrity and Availability), denial of service targets the “Availability” goal. Denial of Service (DoS), in its simplest form, occurs when an attacker inundates a system with more data or requests than the communication system is designed to handle. A hacker can also launch a coordinated DoS attack in which a network of compromised computers (bots) is used to attack one or more targets; such an attack is called a Distributed Denial of Service (DDoS) attack. What makes such an attack special is that it does not exploit a vulnerability in application code; instead, the network itself is attacked. Combining an application attack with a DDoS attack increases the odds of success for the hackers.

In January this year, hackers blocked access to the web sites of the U.S. Department of Justice, the FBI, the Copyright Office, the Motion Picture Association, the Recording Industry Association, and several other music industry sites. This was retaliation against the DoJ’s decision to shut down a website which hosted copyrighted files (Goldman, 2012). DoS attacks are not new. ‘In the first week of March 1998, the Internet was inundated with DoS attacks that exploited a problem with Microsoft Windows NT servers. This huge attack brought down thousands of NT stations, including the ones at NASA, the Massachusetts Institute of Technology (M.I.T.), the U.S. Navy, and the University of California at Berkeley’ (Spencer, 2000). These are the names of some web sites that are held in high respect by internet users. They are almost brand names in their own right. When web sites like these are brought down by hackers, one can only imagine the visibility it gives the hackers and, needless to say, the embarrassment it causes the web hosting company.

As a norm, thieves and criminals prefer to stay unnoticed, so why would these hackers do something that draws people’s attention instead? That is precisely the reason why some security analysts compare such groups to thieves who rob a jeweler’s store and then go around town showing off their stolen jewelry (Goldman, 2012). This comparison is not entirely true because, even though the authorities are aware of groups like “Anonymous” who are famous for DDoS attacks, it is still very complicated to get hold of these hackers, as doing so requires a lot of diplomatic and legal co-ordination with other countries.

But is getting visibility the only reason why a group would co-ordinate such an attack on famous web sites like those of the CIA, Visa, MasterCard or News Corp. (Goldman, 2012)? In some cases, it could be done solely to get a point across to a larger audience. In other cases, it could just be a cover to draw network administrators’ attention away from the real threat. It could also be a case where hackers have deployed code on the victim company’s servers that needs a reboot of the servers to take effect.

Unfortunately, it is not so easy to prevent DDoS, because preventing such attacks is similar to fighting the unknown (Spencer, 2000). Some of the precautions that network administrators can take are listed below:

  • Develop a distributed infrastructure: building an infrastructure across various networks increases the odds that customers can access a site during an attack. (Spencer, 2000)
  • Encourage the ISPs to develop source-address anti-spoof filters, which help foil denial of service attacks. (Spencer, 2000)
  • Patch the servers regularly.
  • Monitor the network to know what regular network traffic looks like.
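To make the monitoring precaution concrete, here is an added example (not part of the original post) that learns a baseline of requests per minute and flags minutes that far exceed it. The function names, the thresholds and the sample events are assumptions constructed for illustration; the addresses come from the reserved documentation ranges.

```python
from collections import Counter
from statistics import mean, pstdev


def build_sample():
    """Constructed (minute, source_ip) events, as if parsed from an access log."""
    events = []
    normal = [20, 22, 19, 21, 23, 20, 18, 22]          # requests in minutes 0-7
    for minute, n in enumerate(normal):
        events += [(minute, f"198.51.100.{i % 10}") for i in range(n)]
    # Minute 8: constructed flood from many distinct sources.
    events += [(8, f"203.0.113.{i % 200}") for i in range(400)]
    # Minute 9: traffic returns to its regular level.
    events += [(9, f"198.51.100.{i % 10}") for i in range(21)]
    return events


def detect_spikes(events, warmup=5, k=4.0, min_sigma=1.0):
    """Return (minute, count, baseline_mean, distinct_sources) per anomalous minute.

    The first `warmup` minutes only build the baseline. After that, a minute is
    anomalous when its count exceeds mean + k * sigma of the baseline.
    """
    per_minute = Counter(minute for minute, _ in events)
    sources = {}
    for minute, ip in events:
        sources.setdefault(minute, set()).add(ip)

    baseline, alerts = [], []
    for minute in sorted(per_minute):
        count = per_minute[minute]
        if len(baseline) >= warmup:
            mu = mean(baseline)
            # Floor sigma so a very flat baseline does not alert on tiny changes.
            sigma = max(pstdev(baseline), min_sigma)
            if count > mu + k * sigma:
                alerts.append((minute, count, round(mu, 1), len(sources[minute])))
                continue  # never learn from flagged traffic, or the baseline drifts
        baseline.append(count)
    return alerts


if __name__ == "__main__":
    for minute, count, mu, n_src in detect_spikes(build_sample()):
        print(f"minute {minute}: {count} requests (baseline ~{mu}) from {n_src} sources")
```

Flagged minutes are kept out of the baseline, so a sustained flood cannot gradually redefine what counts as regular traffic.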

As a general rule, it is important to follow best practices for infrastructure, network, policies and security standards. Everyone needs to do their part, both people within an organization and public users of the internet, in order to successfully ensure the security of our information systems.

_____________________

CERT Coordination Center. (1997, 10 02). Denial of Service Attacks. Retrieved 02 09, 2012, from http://www.cert.org: http://www.cert.org/tech_tips/denial_of_service.html#3

Goldman, D. (2012, 20 01). Hacker group Anonymous is a nuisance, not a threat. Retrieved 02 09, 2012, from http://www.money.cnn.com: http://money.cnn.com/2012/01/20/technology/anonymous_hack/index.htm

Mullins, M. (2002, 01 02). Understanding a Smurf attack is the first step toward thwarting one. Retrieved 02 09, 2012, from http://www.techrepublic.com: http://www.techrepublic.com/article/understanding-a-smurf-attack-is-the-first-step-toward-thwarting-one/5034101

Spencer, B. (2000, 02 21). What the recent distributed denial of service attacks mean to e-commerce. Retrieved 02 11, 2012, from http://www.techrepublic.com: http://www.techrepublic.com/article/what-the-recent-distributed-denial-of-service-attacks-mean-to-e-commerce/1036525

Stewart, L. D. (2007, 02 23). Securing against Denial of Service attacks. Retrieved 02 10, 2012, from http://www.w3.org: http://www.w3.org/Security/faq/wwwsf6.html
