Skip to Primary Menu Skip to Utility Menu Skip to Main Content Skip to Footer
Noname Security Logo
What is a Denial of Service (DoS) Attack?

What is a Denial of Service (DoS) Attack?

Harold Bell
Share this article

Key Takeaway

A Denial of Service (DoS) attack is a type of cyberattack that aims to make a computer or network resource unavailable to its intended users. It is usually caused by flooding the target with requests or data packets until it is overwhelmed and unable to respond. There are four concise steps that will help you prevent and recover from a denial-of-service attack discussed below.

A denial of service attack is a type of cyberattack in which an attacker causes a target system to no longer be available for legitimate requests by overloading it with bogus requests. A DoS attack can be conducted in a number of ways, including flooding the target system with requests from multiple sources simultaneously (known as a distributed DoS or DDoS attack), sending requests that are too large or too numerous for the target system to handle, and using automated tools that send requests without human intervention.

Common types of DoS attacks

There are different types of denial of service attacks with different goals.

  • Flooding: One common type of denial of service attack is the flooding attack. In a flooding attack, bots flood the network, causing the website to crash due to the overwhelming number of requests it is receiving.
  • SYN flood: Another common type of denial of service attack is the SYN flood. This attack works by attempting to send so many SYN packets to the target system that it becomes unable to respond. SYN packets are used to establish a connection, but if too many SYN packets are sent at once, the target machine will not be able to accept any further inbound requests for  a connection and the attack will have succeeded in making the target server no longer available to legitimate users.
  • Amplification Attack: One type of DDoS attack is known as an amplification attack. This type of attack works by using a botnet to send requests to the target system. Botnets are networks of infected computers used by attackers in order to perform attacks. Botnets usually consist of thousands of computers that all belong to a single attacker or adversary group.

Signs of a denial-of-service (DoS) attack

GraphQL is typically used with a client application, such as a web browser or a mobile application. The client application requests data from the API using GraphQL and parses the response into a readable format. For example, you might use GraphQL to get information about a user account from an API provider such as Facebook. This response would be processed on the client by converting the JSON result to HTML, then sent to the user’s web browser. Alternatively, you could use GraphQL to request a list of products from an API provider such as Amazon. The response would be parsed by the JavaScript in the client application which would generate an HTML page for the user to view the list of products. In both these examples, the client application would be able to process the result because it speaks GraphQL.

What is a distributed denial of service (DDoS) attack?

A denial of service attack that is designed to bring down a website is referred to as website defacement or a Distributed Denial of Service (DDoS) attack. This is a term for when an attacker uses several computers to send millions of requests for data to a server. Websites and other online services are usually designed to support a certain amount of traffic before experiencing scale problems, and a denial of service attack is designed to cause the site to become overloaded with traffic and fail. Many websites are easily brought down due to this type of attack because the owners often neglect to implement the proper security measures to protect their website from these types of attacks.

DoS vs DDoS

A DoS attack and a DDoS attack are similar in that they both attempt to deny access to the website by overwhelming it with traffic or phony requests. However, there are some key differences between the two attacks. In a DoS attack, there is a third party involved who is sending the attack to the target system. Whereas in a DDoS attack, the target system is attacked directly by a botnet. Both are orchestrated by a third party, but the difference is that there is one attacking machine (dos) vs many attacking machines (ddos). A DDoS attack is usually more difficult to mitigate as the attack is coming from a large number of sources, all of which will need to be blocked in some way.

History of denial of service (DoS) attacks

In 1982 the first DoS attack was conducted on the Arpanet using a program called ‘Denial of Service’. This program was designed to flood systems with traffic so that they would crash. In 1984, an attack was conducted on the US Naval Command and Control Network (NCN) using a program called Solar Sunrise. The attackers used fake login requests to infiltrate the security system of the NCN, causing systems to disconnect from the network. This was the first known DoS attack that used a computer to target other systems.

DoS attacks became more common in the 1990s when hackers started using them to attack websites. One notable example of this was the infamous attack by hacker ‘Mafiaboy’ on the official website of the popular game called Runescape. This attack caused the website to be inaccessible for hours and was one of the first DDoS attacks that used a botnet to attack a website. Attacks like these pose a serious threat to companies and governments, as well as Internet users at large.

Another example of a physical DoS attack was the “Mirai” malware campaign that took down large swathes of the internet in 2017. This malware was used to create botnets which were then used to attack websites by sending huge volumes of traffic to these websites and causing them to malfunction. This cyberattack had major implications for companies that use the internet to conduct business such as online stores and large e-commerce sites.

How to prevent denial of service (DoS) attacks

Here are four concise steps that will help you prevent and recover from a denial-of-service attack:

  • Audit network traffic: By leveraging a firewall or intrusion detection system, you can audit network traffic. You can create alerts for anomalous traffic, uncover traffic sources or block and log packets that meet certain characteristics.
  • Improve your security posture: You can accomplish this by securing all network connected devices, investing in antivirus software, configuring your firewalls to protect against DoS attacks and adhering to security best practices around unwanted traffic.
  • Analyze and direct traffic: Similar to automobile traffic, you need to direct the flow of legitimate and malicious traffic. There are services available that can detect and redirect suspicious traffic flows while leaving legitimate traffic untouched.
  • Create an attack response plan: Mike Tyson once said, “Everyone has a plan until they get punched in the face.” Well in this case you need a plan for when you get punched in the face. One that addresses how your teams will communicate, mitigate impact and accelerate recovery.

Denial of Service Attack FAQs

What is the impact of a denial of service attack on an organization?

A denial of service attack can impact your organization in several ways, resulting in downtime that can have rippling effects throughout your organization. Downtime often leads to a loss of revenue, and responding to cyber-attacks requires time and money. DOS attacks can also damage your reputation, making people wary of trusting your organization with potentially sensitive data. 

Fortunately, API security tools can protect against denial of service attacks, and thorough API security testing can help you identify and patch vulnerabilities that could leave you open to attacks.

What should a company do if they have experienced a denial of service attack?

If your organization experiences a denial of service attack, an immediate response is crucial. You should first investigate the incident to figure out how the attack happened and what you can do to prevent future attacks. You may also want to report the attack to law enforcement. 

The next step is to improve your company’s security to reduce the odds of future attacks. You can do this by securing any affected ports and using a security platform to find and fix API vulnerabilities. A quick response will minimize downtime and save you money in the long run.

What is an example of a denial of service attack?

A denial of service attack usually involves using a connection to overload your server’s bandwidth, a form of API abuse that can lead to downtime. One of the most notable real-world examples of a DOS attack was the attack on Dyn in 2016. These attacks caused disruptions for DNS providers, resulting in downtime for websites like Amazon and PayPal.

Can a denial of service attack be completely prevented?

Completely preventing a denial of service attack is difficult, but there are several ways organizations can protect against DOS attacks and reduce their impact. First, you can improve security throughout your organization and prepare for any attacks to minimize downtime and costs. Learning from previous DOS attacks and following API security best practices can also help you protect your APIs from future attacks.

Using an API security platform like Noname Security can help you bolster your security and proactively protect your organization. With real-time protection and pre-production testing, you can secure your APIs to prevent downtime and save money. Request a demo today to see how Noname Security can protect your company.

Harold Bell

Harold Bell was the Director of Content Marketing at Noname Security. He has over a decade of experience in the IT industry with leading organizations such as Cisco, Nutanix, and Rubrik, and has been featured as an executive ghostwriter in Forbes Technology Council and Hacker News.

All Harold Bell posts
Get Started Now (Tab to skip section.)

Get Started Now

Experience the speed, scale, and security that only Noname can provide. You’ll never look at APIs the same way again.