What are DoS and DDoS attacks?
If your favourite Web site is down, one possibility is that the site is suffering a Denial of Service, or DoS, attack.
This is probable in particular, if the site is an online shop, a bookie or another site that relies financially on being
online at all times.
Enemy at the gates
A DoS attack aims to render a Web resource unavailable to its users by flooding the target URL with more requests than the server can handle. That means that during the attack period, regular traffic on the Web site will be either slowed or completely interrupted.
A Distributed Denial of Service (DDoS) attack is a DoS attack that occurs from more than one source at the same time. A DDoS attack is typically generated using thousands (potentially hundreds of thousands) of unsuspecting zombie machines. The machines used in such attacks are collectively known as a botnet and will have previously been infected with malicious software, meaning they can be remotely controlled by the attacker. According to research, tens of millions of PCs are likely infected with botnet programs worldwide.
Cybercriminals use DoS attacks to extort money from companies that rely on their Web sites being accessible, and there have also been examples of legitimate businesses having paid underground elements of the Internet to help them cripple rival Web sites. In addition, cybercriminals combine DoS attacks and phishing to target online bank customers. They use a DoS attack to take down a bank's Web site and then send out phishing emails to direct customers to a fake emergency site instead.
DoS attacks have proven themselves to be very profitable. In October 2006, Russian authorities jailed a gang of cybercriminals who had extorted online casinos and bookmakers. Firms knocked offline during major sporting events were said to have lost up to $200,000 per day in projected profits, and the gang was thought to have raked in at least $4 million from numerous victims in 30 different countries. Assaults can go on for days or weeks and all sorts of Web sites are being targeted. Attacks are constantly getting more powerful and in September 2007 ISPs reported sustained attack rates exceeding 24 gigabits per second –
enough to completely shut down a smaller ISP or Web server farm.
A new type of warfare
In the spring of 2007 miscreants even went after an entire country. The tiny Baltic republic of Estonia weathered a month-long cyberattack that shuttered Internet servers nationwide. At the height of the crisis, people who wanted to use payment cards to buy bread or gas had to wait, as the onslaught crippled Estonia's banks.
Researchers recorded an average of 5,213 DoS attacks per day in the second half of 2006. The US was the target of most DoS attacks, accounting for 52 percent of the global total. Experts estimate that 70 percent of all DoS attacks worldwide originate from a mere 50 sources.
