“ Hating from outside of the site, you can’t even get in… ”

Put your hands up if you didn’t get the new PS5. Me neither… but I’m still waiting on *cough* *cough* to buy me one. The PS5 sold out in minutes. This is a common occurrence with popular items, which can sell out before the page has even finished loading. One reason is scalpers using bots to buy up huge quantities, which leaves nothing for the rest of us. It wouldn’t be classed as a Denial of Service (DoS) attack, but the effect is similar: the shop is there, and we still can’t get what we came for.

A Denial of Service attack makes a service unavailable to the people who should be able to use it, most often by flooding a server with so many requests that it either slows to a crawl or stops working altogether. This denies other people access to the site and stops them buying products. Attackers have various ways of achieving this:

  • Browser redirection: the user asks for YouTube and is sent to another site instead, so the real one is never reached.
  • Destruction of data: hackers delete or corrupt files, so requests for them come back with a ‘resource not found’ error.
  • Resource exhaustion: requesting a page thousands of times a second until the server runs out of memory, connections or CPU and crashes or stops responding.

How it works – (bear with me)

This is the technical side behind it all and I’ll try to break it down as simply as I can. One way a hacker can cause a DoS is by abusing the TCP/IP* 3-way handshake. Before your browser can fetch a website (nike.com, for example), it has to complete this handshake with the server:

  • The user initiates the connection by sending a SYN packet to the server.
  • The server responds with a SYN/ACK packet and sets aside a little memory to remember this half-open connection.
  • The user replies with an ACK packet, which completes the connection.

Only once this is done can the server respond to the user’s requests, for example by serving the Nike website. Hackers have exploited this well-known process by sending lots and lots and lots and lots and lots and lots (you get the idea) of SYN packets, usually with forged source addresses. The server treats each one as a genuine connection attempt, replies with a SYN/ACK and sets aside memory for it. But the hackers never send the final ACK (and a forged address can’t, because the SYN/ACK went somewhere else). This leaves the server hanging, waiting for replies that never come. A server can only hold so many half-open connections, and once that queue is full, SYNs from legitimate users are dropped and they are denied service. This is known as a SYN flood. Defences have advanced too: with SYN cookies the server keeps no memory of a connection until the ACK arrives, so this method no longer works on properly configured servers. But there’s no stopping these hackers. They said, “You wait there, I’m coming back”. I now introduce to you (wait for it) *pause for dramatic effect* ……DDoS.
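To make the half-open connection problem concrete, here is a small simulation I have added (it is not code from the original post): a toy server that keeps a tiny queue of half-open connections, an attacker that sends SYNs and never ACKs, and a second server that uses SYN cookies so it keeps no state until the ACK arrives. The backlog size, the addresses and the cookie construction are simplified assumptions; a real kernel keeps a far bigger queue and packs its cookie into the sequence number differently.

```python
"""Toy model of the TCP 3-way handshake, a SYN flood and SYN cookies.

Added illustration for this post, not code from the original. BACKLOG,
the addresses and the cookie format are assumptions chosen to keep the
effect visible; a real kernel keeps a much larger half-open queue.
"""
import hashlib
import hmac
import secrets
import time

BACKLOG = 4          # assumed: tiny half-open queue so the flood shows quickly
SEQ_SPACE = 2 ** 32  # TCP sequence numbers are 32-bit


class Server:
    """A server that allocates a half-open entry for every SYN it receives."""

    def __init__(self, backlog=BACKLOG):
        self.backlog = backlog
        self.half_open = {}      # (client_ip, client_port) -> server ISN
        self.established = set()
        self.dropped_syns = 0

    def on_syn(self, client_ip, client_port):
        """Steps 1 and 2: remember the half-open connection, reply SYN/ACK."""
        if len(self.half_open) >= self.backlog:
            self.dropped_syns += 1
            return None          # queue full: this client gets no SYN/ACK
        isn = secrets.randbelow(SEQ_SPACE)
        self.half_open[(client_ip, client_port)] = isn
        return ("SYN/ACK", isn)

    def on_ack(self, client_ip, client_port, ack):
        """Step 3: the ACK must acknowledge our ISN + 1, else it is ignored."""
        isn = self.half_open.get((client_ip, client_port))
        if isn is None or ack != (isn + 1) % SEQ_SPACE:
            return False
        del self.half_open[(client_ip, client_port)]
        self.established.add((client_ip, client_port))
        return True


class SynCookieServer(Server):
    """Same handshake, but nothing is stored until a valid ACK arrives.

    The ISN is an HMAC over the client address, port and a coarse timestamp,
    so a correct ACK proves the client really received the SYN/ACK.
    """

    def __init__(self, backlog=BACKLOG, key=None):
        super().__init__(backlog)
        self.key = key or secrets.token_bytes(16)

    def _cookie(self, client_ip, client_port, minute):
        msg = f"{client_ip}:{client_port}:{minute}".encode()
        mac = hmac.new(self.key, msg, hashlib.sha256).digest()
        return int.from_bytes(mac[:4], "big")

    def on_syn(self, client_ip, client_port):
        minute = int(time.time()) // 60
        return ("SYN/ACK", self._cookie(client_ip, client_port, minute))

    def on_ack(self, client_ip, client_port, ack):
        now = int(time.time()) // 60
        for minute in (now, now - 1):   # tolerate a minute boundary in between
            expected = (self._cookie(client_ip, client_port, minute) + 1) % SEQ_SPACE
            if hmac.compare_digest((ack % SEQ_SPACE).to_bytes(4, "big"),
                                   expected.to_bytes(4, "big")):
                self.established.add((client_ip, client_port))
                return True
        return False


def syn_flood(server, count, spoofed_prefix="203.0.113."):
    """Attacker: send SYNs from spoofed addresses and never answer the SYN/ACK."""
    for i in range(count):
        server.on_syn(f"{spoofed_prefix}{i % 254 + 1}", 40000 + i)


def legit_user_connects(server, ip="198.51.100.7", port=51515):
    """A well-behaved client completes all three steps of the handshake."""
    reply = server.on_syn(ip, port)
    if reply is None:            # no SYN/ACK came back: the user is locked out
        return False
    _, isn = reply
    return server.on_ack(ip, port, (isn + 1) % SEQ_SPACE)


def demo(flood_size=100):
    """Flood both servers, then check whether a real user can still get in."""
    plain = Server()
    syn_flood(plain, flood_size)
    plain_ok = legit_user_connects(plain)
    cookies = SynCookieServer()
    syn_flood(cookies, flood_size)
    cookie_ok = legit_user_connects(cookies)
    return {"plain_accepts_user": plain_ok, "plain_half_open": len(plain.half_open),
            "plain_dropped_syns": plain.dropped_syns,
            "cookie_accepts_user": cookie_ok, "cookie_half_open": len(cookies.half_open)}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Run it and the plain server ends the flood with its whole queue full of half-open connections and the real user locked out, while the SYN-cookie server has nothing queued at all and lets the real user straight in. The cookie check accepts the current and previous minute so a client is not rejected just because the clock ticked over between SYN and ACK.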

DDoS

DDoS stands for Distributed Denial of Service. This type of attack overwhelms a system with more requests than the website can handle, so it either slows to a crawl or crashes. Attacks can last for hours, days or even weeks. It helps enormously if a company can recognise the symptoms early: the website becoming unreachable, pages or files loading very slowly, or a sudden spike in traffic that doesn’t look like normal customers.

A DoS attack uses only one device, whereas a DDoS attack uses many devices at once to flood the server with requests. A hacker first builds a zombie network**, which can include IoT devices like smart fridges, webcams and printers that were taken over without their owners noticing. They then point all of those devices at the target at the same time, which is far harder to block than a single source.

As stated before, a server can only handle a certain number of requests. When the level of requests exceeds its capacity, the level of service drops massively: the server is either really slow or requests are ignored altogether. Companies need a good response plan in place and a strong network architecture to fight this. A DDoS can even come from a company’s competitors trying to ruin its business. Corporate espionage is real, but I don’t think you’re ready for that conversation *sips tea*. Ultimately, the aim is to deny users a particular service; it gets so slow that they end up shopping somewhere else. A DDoS is also sometimes used as a distraction so that hackers can steal data elsewhere while everyone is busy with the outage. If you come under attack, I would suggest contacting your ISP***, who can often absorb or re-route the flood before it reaches your servers.

Hackers often target eCommerce websites, where downtime damages the business’s reputation and stops customers making purchases or getting help. Hackers never rest and the threat environment is forever changing, so it’s important to know what kind of threats are out there and how best to tackle them.
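To show what the warning signs look like in practice, here is a small script I have added (it is not code from the original post) that reads web-server access log lines in Common Log Format and flags three symptoms: a sudden jump in requests per minute compared with the previous minute, single sources sending far more requests than any shopper would, and a minute in which most responses are server errors. The log lines are constructed for the example using documentation addresses, and the thresholds are assumptions to tune against your own site’s normal traffic.

```python
"""Spot the warning signs of a flood in web-server access logs.

Added illustration for this post, not code from the original. The log is
constructed (RFC 5737 documentation addresses) and the thresholds are
assumptions; calibrate them against your own site's normal traffic.
"""
import re
from collections import Counter, defaultdict
from datetime import datetime

# Common Log Format: ip ident user [time] "request" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) \S+'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def build_sample_log():
    """Constructed sample: three shoppers at 10:00, then a burst at 10:01
    from three sources that knocks the site into returning 503s."""
    lines = []
    for i, ip in enumerate(["198.51.100.7", "198.51.100.8", "198.51.100.9"]):
        lines.append(f'{ip} - - [10/Jun/2021:10:00:{i:02d} +0000] '
                     f'"GET /ps5 HTTP/1.1" 200 5120')
    for i in range(150):
        lines.append(f'203.0.113.{i % 3 + 1} - - [10/Jun/2021:10:01:{i % 60:02d} +0000] '
                     f'"GET /ps5 HTTP/1.1" 503 0')
    lines.append('198.51.100.7 - - [10/Jun/2021:10:01:30 +0000] "GET /cart HTTP/1.1" 503 0')
    lines.append("this line is garbage and must not crash the parser")
    return "\n".join(lines)


def parse(log_text):
    """Yield (minute, source_ip, status) for each well-formed line."""
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue                      # skip malformed lines, don't crash
        ts = datetime.strptime(m["ts"], TS_FMT).replace(second=0)
        yield ts, m["ip"], int(m["status"])


def analyse(log_text, per_source_limit=20, spike_factor=5, error_share=0.5):
    """Return a list of alert dicts, one per symptom per minute."""
    requests = defaultdict(Counter)   # minute -> Counter(ip -> count)
    errors = Counter()                # minute -> number of 5xx responses
    for minute, ip, status in parse(log_text):
        requests[minute][ip] += 1
        if status >= 500:
            errors[minute] += 1

    alerts, previous_total = [], None
    for minute in sorted(requests):
        total = sum(requests[minute].values())
        if previous_total is not None and total >= spike_factor * previous_total:
            alerts.append({"minute": minute, "kind": "spike",
                           "requests": total, "previous": previous_total})
        for ip, n in requests[minute].most_common():
            if n <= per_source_limit:
                break                     # most_common is sorted; the rest are quieter
            alerts.append({"minute": minute, "kind": "top_talker", "ip": ip, "requests": n})
        if errors[minute] / total >= error_share:
            alerts.append({"minute": minute, "kind": "error_rate",
                           "share": errors[minute] / total})
        previous_total = total
    return alerts


if __name__ == "__main__":
    for alert in analyse(build_sample_log()):
        print(alert)
```

On the constructed log the 10:00 minute is quiet and raises nothing, while 10:01 raises a spike alert (151 requests against 3 the minute before), one top-talker alert for each of the three flooding addresses and an error-rate alert because every response was a 503. The same three checks work on real logs; the only things to change are the thresholds, which should sit comfortably above what your busiest normal minute looks like.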

‘Tips with T’
– Understand the warning signs of an attack
– Have a response plan in place
– Have a strong network architecture

* TCP/IP: Transmission Control Protocol / Internet Protocol
** Zombie network: a collection of infected computers/devices connected to the internet (also called a botnet)
*** ISP: Internet Service Provider

Love & Guidance

TT

3 thoughts on ““ Hating from outside of the site, you can’t even get in… ”

    1. One way is to get in touch with your internet service provider to see if they can re-route the traffic, so your servers can remain free. It is hard to spot, but there are tools/services you can use to recognise traffic spikes.

