Denial of Service (DoS) attacks overwhelm a system with traffic to cause a disruption in service, rendering the system inaccessible to its users.
How Does a DoS Attack Work?
The purpose of a DoS attack is to crash a network or device so that it is unavailable to users. A DoS attack overwhelms a system with traffic until it ceases functioning to deny users the service they’re anticipating. Most DoS attacks target high-profile web servers like those of banks, e-commerce sites, governments, trade organizations, or media outlets. Many DoS attacks don’t involve any type of theft—rather, they intend to inconvenience the targeted organization and cost them time and money to bring their system back online.
“Many DoS attacks don’t involve any type of theft—rather, they intend to inconvenience the targeted organization and cost them time and money to bring their system back online.”
Microsoft Defender
Stay safer online with one easy-to-use app1
1Microsoft 365 Personal or Family subscription required; app available as separate download
There are two types of DoS attacks: flood attacks and buffer overflow attacks.
Flood Attack
One way to crash a system is to flood the network with packets—units of data that are grouped together and moved across network systems—until a server is overwhelmed and crashes. The attacker must have more bandwidth than the server its targeting in order for a flood attack to work.
Buffer Overflow Attack
A buffer overflow attack attempts to send more traffic to a system than that system has been built to handle. When this happens, a system uses all of its available memory, CPU time, and hard disk space, causing the system to run slowly or crash.
What Is the Difference Between a Distributed Denial of Service (DDoS) Attack and a DoS Attack?
Unlike a DoS attack, which only requires a single connection for attack, a distributed denial of service (DDoS) attack leverages a network of devices to attack a target. DDoS attacks may incorporate botnets, which increases an attacker’s power and capacity for orchestrating large scale actions. In general, security technology can protect users against DoS attacks, but DDoS attacks are more complicated and may pose a greater security risk to network systems.
How to Tell if a DoS Attack Is Happening
The effects of a DoS attack often resemble simple network connectivity or performance issues. Signs of a DoS attack to keep an eye out for include:
Sudden loss of connectivity of all devices on a single network
Slow performance and load times for websites and files
Not being able to access a specific website
To diagnose a DoS attack, a firewall or intrusion detection system can monitor network traffic and identify disruptions. If you have reason to believe that your organization’s network is under attack, you should contact your network administrator. They’ll be able to determine whether the connectivity issue or outage is due to an attack or another issue.
How to Protect Your Network from a DoS Attack
Taking the following steps can help protect your system from attack and ensure that you have a plan in place should a DoS attack occur:
Optimize your security settings, including minimizing public access to information
Find a DoS protection service to monitor, filter, and redirect abnormal traffic away from your organization’s network
Implement a disaster recovery plan to avoid major time and financial losses
The cybersecurity landscape is constantly evolving. Check out more privacy and security tips and tricks to ensure that your systems and data are protected.
Get started with Microsoft 365
It’s the Office you know, plus the tools to help you work better together, so you can get more done—anytime, anywhere.
Identify and stop a CEO fraud attack with these tips. Learn how this scam, sometimes known as whale fishing, is aimed at company executives and how to master CEO fraud detection.
Recognize questionable behavior on social media such as off-putting and automated messages. Learn why this behavior may be a sign of social media bots and other indicators.