Denial of Service (DoS) attacks are designed to make a server unavailable by blocking the execution of its tasks. They most commonly target web servers and do not involve delivering a malicious payload. In effect, they consist of directing a volume of access requests larger than the server is capable of servicing, so that the system becomes unavailable due to the overload.
Frequent examples of DoS are web pages taken offline in online protests. With a technique of this type, the attacker uses the resources of a single machine to deplete the resources of the attacked machine, preventing it from functioning normally.
This type of attack occurs when a security flaw already exists, whether in software, hardware or protocol. The attacker can then not only exceed the processing power of the machine but also turn it off; in the same way, the attack can exhaust a piece of software and shut its services (web, DNS, FTP, etc.) down.
However, certain web servers are more robust and therefore able to withstand a DoS attack without a loss in performance. This is the case with the servers of large organizations: government, the banking industry, communications, etc. Against these targets, a Distributed Denial of Service (DDoS) attack creates several zombie computers, which simultaneously send requests for access, causing the system to fail. This attack is more dangerous.
DoS and DDoS attacks are similar in origin and differ in the number of computers used for the attack, which in the case of DDoS is far higher (in the thousands) and distributed over the Internet, making it more difficult to identify the original attacker.
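As an added illustration (not part of the original article), the sketch below counts requests per time window in a constructed access log and labels each overloaded window as single-source or distributed, following the DoS/DDoS distinction above. The log format, the capacity figure and the share threshold are assumptions chosen for the example.

```python
from collections import Counter, defaultdict

# Assumed thresholds (not from the article): tune to the server's measured capacity.
CAPACITY_PER_WINDOW = 100   # requests the server can service per window
WINDOW_SECONDS = 10
SINGLE_SOURCE_SHARE = 0.5   # one address sending at least half of the traffic

def parse_line(line):
    """Parse a constructed log line: '<epoch-seconds> <source-ip> <path>'."""
    fields = line.split()
    return int(fields[0]), fields[1]

def classify_windows(lines, capacity=CAPACITY_PER_WINDOW,
                     window=WINDOW_SECONDS, share=SINGLE_SOURCE_SHARE):
    """Return {window_start: (label, total_requests, distinct_sources)}."""
    buckets = defaultdict(Counter)
    for line in lines:
        if not line.strip():
            continue
        ts, ip = parse_line(line)
        buckets[ts - ts % window][ip] += 1   # count per source inside each window
    result = {}
    for start in sorted(buckets):
        per_source = buckets[start]
        total = sum(per_source.values())
        if total <= capacity:
            label = "normal"
        elif per_source.most_common(1)[0][1] / total >= share:
            label = "single-source overload (DoS pattern)"
        else:
            label = "distributed overload (DDoS pattern)"
        result[start] = (label, total, len(per_source))
    return result

def sample_log():
    """Constructed sample: a quiet window, a one-host flood, a many-host flood."""
    lines = [f"{1000 + i} 198.51.100.{i + 1} /index.html" for i in range(10)]
    lines += [f"{1010 + i % 10} 203.0.113.7 /index.html" for i in range(300)]
    lines += [f"{1020 + i % 10} 192.0.2.{i % 200 + 1} /index.html" for i in range(400)]
    return lines

if __name__ == "__main__":
    for start, (label, total, sources) in classify_windows(sample_log()).items():
        print(f"t={start}: {total} requests from {sources} sources -> {label}")
```

In the distributed window no single address stands out, which is why per-source rate limits alone do not flag it and the aggregate count has to be watched as well.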
To prepare for this type of incident, two aspects are fundamental:
- What is your company's most important information? Map internally what data may be of interest to cybercriminals and search for vulnerabilities that undermine the security of this information;
- What does a denial of your services cost? It is critical to understand the impact of disrupting your productivity. While some aspects are more difficult to define, it is possible, for example, to measure the losses per hour of inactivity, legal costs and compliance fines, investigative costs, etc.
Understand your data and define a security plan to avoid these types of attacks. In information security, it is important to choose active protection tools, but at the same time it is essential to be able to map and manage vulnerabilities, which helps you prevent this type of incident and prepare more agile responses to it.