What Is a Denial of Service (DoS) Attack?

Denial of Service (DoS) attacks overwhelm a system with traffic to cause a disruption in service, rendering the system inaccessible to its users.

How Does a DoS Attack Work?

The purpose of a DoS attack is to crash a network or device so that it is unavailable to users. A DoS attack overwhelms a system with traffic until it ceases functioning to deny users the service they’re anticipating. Most DoS attacks target high-profile web servers like those of banks, e-commerce sites, governments, trade organizations, or media outlets. Many DoS attacks don’t involve any type of theft—rather, they intend to inconvenience the targeted organization and cost them time and money to bring their system back online.

“Many DoS attacks don’t involve any type of theft—rather, they intend to inconvenience the targeted organization and cost them time and money to bring their system back online.”

Microsoft Defender

Stay safer online with one easy-to-use app¹

¹Microsoft 365 Personal or Family subscription required; app available as separate download

Learn More

Types of DoS Attacks

There are two types of DoS attacks: flood attacks and buffer overflow attacks.

Flood Attack

One way to crash a system is to flood the network with packets—units of data that are grouped together and moved across network systems—until a server is overwhelmed and crashes. The attacker must have more bandwidth than the server its targeting in order for a flood attack to work.

Buffer Overflow Attack

A buffer overflow attack attempts to send more traffic to a system than that system has been built to handle. When this happens, a system uses all of its available memory, CPU time, and hard disk space, causing the system to run slowly or crash.

What Is the Difference Between a Distributed Denial of Service (DDoS) Attack and a DoS Attack?

Unlike a DoS attack, which only requires a single connection for attack, a distributed denial of service (DDoS) attack leverages a network of devices to attack a target. DDoS attacks may incorporate botnets, which increases an attacker’s power and capacity for orchestrating large scale actions. In general, security technology can protect users against DoS attacks, but DDoS attacks are more complicated and may pose a greater security risk to network systems.

How to Tell if a DoS Attack Is Happening

The effects of a DoS attack often resemble simple network connectivity or performance issues. Signs of a DoS attack to keep an eye out for include:

Sudden loss of connectivity of all devices on a single network
Slow performance and load times for websites and files
Not being able to access a specific website

To diagnose a DoS attack, a firewall or intrusion detection system can monitor network traffic and identify disruptions. If you have reason to believe that your organization’s network is under attack, you should contact your network administrator. They’ll be able to determine whether the connectivity issue or outage is due to an attack or another issue.

How to Protect Your Network from a DoS Attack

Taking the following steps can help protect your system from attack and ensure that you have a plan in place should a DoS attack occur:

Install antivirus software
Install a firewall
Optimize your security settings, including minimizing public access to information
Find a DoS protection service to monitor, filter, and redirect abnormal traffic away from your organization’s network
Implement a disaster recovery plan to avoid major time and financial losses

The cybersecurity landscape is constantly evolving. Check out more privacy and security tips and tricks to ensure that your systems and data are protected.

Microsoft 365 Logo