What is a denial-of-service attack?
A denial-of-service (DoS) attack is a security threat that occurs when an attacker makes it impossible for users to access computer systems, network, services or other information technology (IT) resources. Attackers in these types of attacks typically flood web servers, systems or networks with traffic that overwhelms the victim's resources and makes it difficult or impossible for anyone else to access them.
Unlike other cyber attacks, DoS attacks do not typically result in stolen, destroyed, or corrupted data. Instead, DoS attacks cause damage by making an organization incapable of running essential systems and services, which can be costly to recover. Banks, media companies, governments, and other large organizations are all popular targets due to the high level of disruption that their inability to function causes.
How can denial-of-service attacks be prevented?
Organizations can take the following actions toward denial-of-service attack protection and prevention:
- Monitor and analyze network traffic: Network traffic can be supervised via a firewall or intrusion detection system. Administrators can set up rules that create alerts for unusual traffic, identify traffic sources or drop network packets that meet a certain criteria.
-
- Strengthen their security posture: This includes fortifying all internet-facing devices to prevent compromise, installing and maintaining antivirus software, establishing firewalls configured to protect against DoS attacks and following robust security practices to monitor and manage unwanted traffic.
-
- Monitor traffic: Organizations can enroll in a service that detects or redirects the abnormal traffic flows typically associated with a DoS attack, while allowing normal traffic to proceed on the network.
-
- Establish a DoS attack response plan: The key is to create and also practice a disaster recovery plan for DoS attack that covers communication, mitigation and recovery.
