Earlier this month, I wrote on the changing face of cybersecurity, and last week I wrote a blog on recent high-profile security attacks, and what lessons we can take away from them. Today, as part of our ongoing series on security, I wanted to take a deeper dive into the different kinds of Denial of Service attacks (DoS), and what enterprises need to do in order to better secure themselves from this growing threat. We’ve touched on the topic a few times in the last several blogs, but there’s a fair amount more to chew on here.
Three kinds of DoS: classic, DDoS, PDoS
First off, there are three main variations on DoS attacks, all of which are distinct from traditional data theft or information loss (though those attacks may happen as a result of DoS). While the industry tends to disagree a bit about the proper acronyms to use, the underlying concepts are widely agreed upon—here’s the rundown, using the nomenclature we typically use at Moor Insights & Strategy. First, the classic Denial of Service attack, referred to simply as DoS. This attack occurs when a server is made inaccessible by either overloading it with traffic or compromising the firmware. A slight twist on this is that sometimes a server with compromised firmware can technically still be available, but is being used simultaneously by a baddie for criminal purposes. This is a particularly sinister threat, because users might not immediately realize that they’ve been compromised.
Next up, we’ve got the Distributed Denial of Service, or DDoS. This form of DoS occurs when a server is attacked from many different locations—making it incredibly difficult to pinpoint where exactly the attack is coming from. You’ve probably been hearing a lot about this one—the recent gigantic Mirai-Dyn attack falls under this category. In that case, experts believe that the Mirai bot targeted IoT devices that were unsecured and running out-of-date firmware, and transformed them into a huge botnet that overloaded Dyn with traffic. This was one of those attacks that we in the industry see as a harbinger of things to come—with the proliferation of IoT and edge devices, the threat surface is growing and becoming increasingly vulnerable to attacks of this nature.
As we’ve discussed before, security is a constantly moving target and the players, techniques and remedies change over and over. Compute clients and networks were the soft spot five years ago but now it’s the server. Hackers go after the soft spots.
Wrapping up
DoS attacks are ramping up, and it’s important to know what they are and how they could potentially affect your enterprise. They can kill productivity and cause massive downtime, as in the Mirai-Dyn incident, or they can open the door to data theft and information loss and even ruin your hardware. Right now it’s a hacker’s playground out there, with unsecured devices popping up left and right and most enterprises still struggling to devise effective, holistic security strategies to address the expanding threat surface and its changing characteristics. This is a problem that’s only going to get worse unless the right measures are taken, and soon.