Cyberattacks are a constant concern throughout the world. Companies are increasingly reinforcing their existing security environments and investing in new technologies that might provide better defenses against possible attacks.
In this context, one kind of attack that occurred throughout 2020 was the DoS attack.
These are the attacks we will discuss here.
Let us take a look together.
First, we will recap what DoS attacks are all about.
DENIAL OF SERVICE ATTACK
Denial-of-Service attacks (also known as DoS attacks) are intended to make a given service unavailable.
To do so, one of the strategies most commonly adopted by hackers is to generate a very large number of requests to a certain service, overloading the system so that the service becomes unavailable.
To increase the strength of the attack (as well as its chances of succeeding), hundreds of interconnected computers, infected with a virus, might be used over the network to access the same resource of a single system simultaneously. This kind of attack is a distributed strike (also known as DDoS – Distributed Denial of Service).
If the attack is successful, the system might reboot or simply stop working.
This kind of attack can take a Website offline for several hours, certainly causing considerable damage to the Company responsible for the service and to the users who need it.
But why would a Web Page become unavailable because of multiple accesses?
The answer is simple. Web Servers have a limit on the number of users they can serve simultaneously. When the number of access requests to the site is far above normal, this limit is exhausted and the system is unable to answer any request.
Therefore, the Web Page (site) becomes unavailable.
CLASSES OF DENIAL OF SERVICE
Within Denial-of-Service attacks (DoS), there are two main classes of attack methods.
Let's see which they are and their main characteristics:
- Attacks through bandwidth depletion – These attacks are divided into two categories: flooding attacks and amplification attacks.
  - Flooding: Aims to send a very high volume of traffic to a certain system, completely congesting its bandwidth. With this type of attack, a Web Page can become very slow for users or even go offline.
  - Amplification: Aims to send tampered requests (with the origin IP changed), congesting the network where the system is located.
- Attacks through the exploitation of protocols – These attacks strive to consume all the resources of a certain system by exploiting gaps in the implementation of the protocols it uses.
As we can see above, hackers can adopt more than one strategy to carry out a certain type of attack.
If any of those attacks is successful, the damage can be incalculable.
PROTECTION MEASURES
Now we will look at two of the main measures that companies can adopt to protect themselves against DoS attacks.
- Build a prevention plan based on a complete evaluation of the existing infrastructure – It is very important for Companies to develop an internal plan to guarantee that the necessary actions are taken.
Such a plan needs several items to be defined, among which we may cite: checklists, a complete list of all the systems involved, notification procedures and scheduling, among other measures.
- Technology – A well-defined security policy is not enough if the infrastructure has no technological security element able to respond to DoS attacks.
Such elements range from network firewalls to antivirus resources, anti-spam, and tools for managing and mapping the network (Session Border Controller), among others.
This set of security elements working together provides a safety barrier that might help your Company prevent DoS attacks.
It is also important to analyze whether the existing equipment meets the minimum security requirements and whether it will continue to be updated. It is fundamental that such equipment is under an active maintenance contract with its respective maintainers and is still in production.
Discontinued equipment will probably not receive new versions, so it might become technologically obsolete and unprepared for new kinds of attacks.
Besides all the points stated above, it is fundamental that your Company has total network visibility and is able to promptly identify all the traffic and make the necessary decisions more quickly.
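As an added illustration of the traffic visibility described above (example code, not part of the original article or of any product it mentions), the following counts requests per service in fixed time windows over constructed flow records and labels an overloaded window as single-source (DoS) or distributed (DDoS). The function names, thresholds and record format are assumptions.

```python
from collections import Counter, defaultdict

def detect_floods(flows, window=5, max_requests=100, dominant_share=0.8):
    """Flag (service, window) buckets whose request count exceeds max_requests.

    flows: iterable of (timestamp_seconds, source_ip, service) tuples.
    A bucket is 'single-source' when one address sends at least
    dominant_share of its requests, otherwise 'distributed'.
    Thresholds are illustrative and must be tuned to a measured baseline.
    """
    buckets = defaultdict(Counter)
    for ts, src, service in flows:
        start = int(ts) // window * window       # align to window boundary
        buckets[(service, start)][src] += 1

    alerts = []
    for key in sorted(buckets):
        service, start = key
        sources = buckets[key]
        total = sum(sources.values())
        if total <= max_requests:
            continue                             # within normal capacity
        top_src, top_count = sources.most_common(1)[0]
        kind = "single-source" if top_count / total >= dominant_share else "distributed"
        alerts.append({"service": service, "window_start": start, "requests": total,
                       "sources": len(sources), "top_source": top_src, "kind": kind})
    return alerts

def sample_flows():
    """Constructed traffic (documentation address ranges, not real data)."""
    flows = []
    for t in range(0, 15):                       # baseline: 3 clients, 1 request/s each
        for host in range(1, 4):
            flows.append((t, f"192.0.2.{host}", "web"))
    for i in range(300):                         # seconds 5-9: one host sends 300 requests
        flows.append((5 + i % 5, "198.51.100.7", "web"))
    for i in range(400):                         # seconds 10-14: 200 hosts, 2 requests each
        flows.append((10 + i % 5, f"203.0.113.{i % 200}", "web"))
    return flows

if __name__ == "__main__":
    for alert in detect_floods(sample_flows()):
        print(alert)
```

The distributed window shows why blocking the top talker alone does not help: no single address stands out, so the response has to act on aggregate volume.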
Denial-of-Service attacks (DoS) do not only affect medium and large companies. Smaller companies can also be a target of such attacks and need to have the minimum infrastructure necessary to prevent them.
FINAL CONSIDERATIONS
Thus, there is no doubt about the importance of investing in network management. It brings benefits to network visibility and is also a complementary way to prevent problems that might bring network services down.
With that in mind, Telcomanager, present in the market since 2002 and a leading Latin American brand in the network management software sector, has a unique and innovative technology, deploying smart solutions for data monitoring that provide a stratified view of the traffic, allowing your Company to follow the most important aspects of your network in real time.