
The ABC of Cybersecurity: D is for DoS Attack

Handshakes have been a sign of friendship since forever. We shake hands so often throughout the day that we lose track of how many people we’ve greeted. But what if none of the people we shake hands with would actually let go of our hand? We’d run out of hands.

In computing, this is known as a Denial of Service (DoS) attack: a hacker floods your website with fake traffic so that it is unable to accommodate the people who legitimately want to visit it. Attacks on software applications can stall them or crash them completely. Once the hacker manages to launch a DoS attack, the site will not be able to process all requests and will show an error message to genuine visitors. Consequently, you will lose customers, and your search engine optimization efforts will also be affected.

This is also the case with Distributed Denial of Service (DDoS) attacks, which are launched through botnets from multiple computers in various locations to use up bandwidth, flood the website with requests or make the system unavailable. A botnet is a set of connected devices infected with malware that allows the hacker to control them remotely. As of 2015, researchers have pointed out changes in hacker methodology and an increase in DDoS attacks of up to 400 Gbit/s through the use of traffic amplification mechanisms.

The reasons behind these attacks could be blackmail, revenge, extortion, vandalism or hacktivism, as in the case of Anonymous.

All websites are exposed to such attacks, from news sites to banks, insurance companies or high-profile enterprises. Unlike phishing attacks, DoS attacks are not very complex and are usually carried out by script kiddies or highly experienced botmasters that can rally a significant number of infected computers.

Script kiddies are internet hooligans, not software engineers, who purchase software created by advanced programmers to scan a computer for vulnerabilities.

Not all DDoS attacks are malicious

Sometimes, your website or blog might get in the spotlight for a brief period of time. Legitimate users trying to reach your front page might exhaust the serving capacity of your web application and render it inoperable. This issue typically affects small and medium-size online stores during established shopping events like Black Friday or Cyber Monday, when a large number of customers try to secure products at discount prices. It is recommended that system administrators plan for these events and temporarily scale up their infrastructure to be able to accommodate a large number of customers in a 24-hour period.

How to tell if you’re a victim of DoS

As expected, if the victim is not tech-savvy it might be difficult to immediately detect the attack or do something about it on their own.

Some basic steps you can follow: first, check if your website is slow. If it’s taking longer than usual to run, you can start scanning your computer and also check log files. Users know they are dealing with a DoS attack when the website reads ‘service unavailable’.

Because they are usually launched from multiple locations, DDoS attacks can’t be stopped by cutting off a single IP address. The wisest thing to do is to immediately take care of the problem and contact your Internet Service Provider for assistance. Alternatively, you can design your infrastructure with load balancing in mind to be able to briefly accommodate a much larger number of visitors than your site usually experiences.
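The log check described above can be scripted. The following is an added example, not part of the original article: it reads web server access log lines, measures the request peak and the share of ‘service unavailable’ (503) responses, and reports whether the traffic comes mostly from one address or is spread over many. The log format (Combined Log Format), the thresholds, the function names and the sample lines are all assumptions made for illustration.

```python
import re
from collections import Counter

# Combined Log Format prefix: client IP, [timestamp], "request", status code.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) ')

def triage(lines, baseline_per_min=60, spike_factor=5, dominant_share=0.5):
    """Classify an access-log window. All three thresholds are assumptions;
    derive baseline_per_min from your own site's normal traffic."""
    per_minute, per_ip, unavailable = Counter(), Counter(), 0
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                      # ignore malformed lines
        ip, ts, status = m.groups()
        per_minute[ts[:17]] += 1          # bucket key like "10/Oct/2023:13:55"
        per_ip[ip] += 1
        unavailable += status == "503"    # the "service unavailable" responses
    total = sum(per_ip.values())
    if total == 0:
        return {"verdict": "no-data"}
    top_ip, top_count = per_ip.most_common(1)[0]
    report = {
        "peak_per_min": max(per_minute.values()),
        "share_503": round(unavailable / total, 2),
        "distinct_ips": len(per_ip),
        "top_ip": top_ip,
        "top_ip_share": round(top_count / total, 2),
    }
    if report["peak_per_min"] < baseline_per_min * spike_factor:
        report["verdict"] = "normal"
    elif report["top_ip_share"] >= dominant_share:
        report["verdict"] = "single-source flood"   # blocking top_ip helps
    else:
        report["verdict"] = "distributed surge"     # one block will not help
    return report

def make_line(ip, sec, status):
    """Build one constructed log line (sample data, not from a real server)."""
    return (f'{ip} - - [10/Oct/2023:13:55:{sec % 60:02d} +0000] '
            f'"GET / HTTP/1.1" {status} 512')

# Constructed samples using documentation-only address ranges.
QUIET = [make_line(f"192.0.2.{i}", i, 200) for i in range(1, 31)]
SINGLE = QUIET + [make_line("203.0.113.7", i, 503) for i in range(400)]
SPREAD = QUIET + [make_line(f"198.51.100.{i % 200 + 1}", i, 503) for i in range(400)]

if __name__ == "__main__":
    for name, sample in (("quiet", QUIET), ("single", SINGLE), ("spread", SPREAD)):
        print(name, triage(sample))
```

A "distributed surge" verdict does not by itself separate a DDoS attack from a legitimate rush of shoppers; it only shows that blocking one address will not relieve the load.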

About the author


The meaning of Bitdefender’s mascot, the Dacian Draco, an ancient symbol that depicts a mythical animal with a wolf’s head and a dragon’s body, is “to watch” and to “guard with a sharp eye.” Like our mascot, we are committed to using Bitdefender Labs, our world-class research team, to vigilantly find and eradicate threats for our customers, and to use our platform for the larger good.