DOS and DDOS attack

DOS stands for Denial of Service. This literally translates to “denial of service.” More appropriate would be “unavailability of the service”. This is because a DOS attack aims to deliberately overload a system so much that it can no longer perform its tasks – the service it offers is no longer available. As a result, for example, the company website can no longer be accessible, production can come to a standstill or customer service can be cut off from e-mail traffic. DDOS is the abbreviation for Distributed Denial of Service. This is because in a DDOS attack, the deliberate overload is caused by a variety of decentralized sources. This makes such an attack very difficult to contain.

What does DOS and DDOS attack mean in detail?

DOS attacks

• Basically, many DOS and DDOS attacks are carried out by sending more requests to a target system than it can handle.
• In a DOS attack, all of these requests originate from a single source, such as a cybercriminal’s computer.
  This attack can be stopped by no longer accepting requests from this one source.
• A DOS attack can also be successful without requests: If it exploits bugs that cause the target system to crash so that it can no longer be reached.

DDOS attacks

• In a DDOS attack, many different sources send requests. These sources are often computers all over the world that form a criminal botnet – without the knowledge of their owners.
• In a DDOS attack, requests are made from so many different sources that they cannot be specifically blocked.

All DOS and DDOS attacks constitute criminal offenses. They can be based on various motivations:

• Vandalism
• political activism
• Sabotage (e.g. on behalf of a competing company)
• Extortion (when a ransom is demanded to stop the attack) –
• As a distraction, e.g. from an attack on another company-owned system
• To redirect legitimate requests to the attacked system to a rogue system.

Where do I encounter the topic of DOS and DDOS attacks in my everyday work?

Specifically, you will only encounter it in the event of an attack. Signs are, for example, the inaccessibility of your company website, production standstill or breakdown of electronic communication. Nevertheless, they can contribute to the prevention of DOS and DDOS attacks in everyday work.

What can I do to improve my security?

Almost all basic measures to reduce cyber risk also counteract DOS and DDOS attacks and help to prevent company-owned computers from being connected to criminal botnets . Your administrator can take additional action through firewalls, server settings, etc. An important measure is to secure alldevices connected to the Internet. These include, for example, loudspeakers, watches, surveillance cameras and baby monitors. Such devices are rarely provided with strong passwords and their firmware is only updated sporadically. This makes them particularly easy for cybercriminals to connect to botnets and misuse for DOS and DDOS attacks.

Further interesting information can be found on the topic page “DDoS attacks in cyberspace” of the Alliance for Cyber Security.