
Denial-of-service attack: Difference between revisions

Content deleted Content added
No edit summary
revert; long term spammer (pattern of adding clumsy google book searches and one spam link)
Line 4:
[[File:Stachledraht DDos Attack.svg|thumb|Diagram of a DDoS attack. Note how multiple computers are attacking a single computer.]]
 
In [[computing]], a '''denial-of-service attack''' ('''DoS attack''') is a [[cyber-attack]] in which the perpetrator seeks to make a machine or network resource unavailable to its intended [[user (computing)|users]] by temporarily or indefinitely disrupting [[network service|services]] of a [[host (network)|host]] connected to a [[Computer network|network]]<ref>{{Cite book |last=Liu |first=Feng |url=https://books.google.com/books?id=9vd6DwAAQBAJ&newbks=0&printsec=frontcover&pg=PA96&dq=%22denial-of-service+attack%22+(DoS+attack)+is+a+cyber-attack+in+which+the+perpetrator+seeks+to+make+a+machine+or+network+resource+unavailable+to+its+intended+users+by+temporarily+or+indefinitely+disrupting+services+of+a+host+connected+to+a+network.&hl=vi |title=Science of Cyber Security: First International Conference, SciSec 2018, Beijing, China, August 12-14, 2018, Revised Selected Papers |last2=Xu |first2=Shouhuai |last3=Yung |first3=Moti |date=2018-11-19 |publisher=Springer |isbn=978-3-030-03026-1 |pages=96 |language=en}}</ref>. 
Denial of service is typically accomplished by [[Flooding (computer networking)|flooding]] the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.<ref>{{cite web |date=6 February 2013 |title=Understanding Denial-of-Service Attacks |url=https://www.cisa.gov/news-events/news/understanding-denial-service-attacks |access-date=26 May 2016 |publisher=US-CERT}}</ref> The range of attacks varies widely, spanning from inundating a server with millions of requests to slow its performance, overwhelming a server with a substantial amount of invalid data, to submitting requests with an illegitimate [[IP address]].<ref>{{Cite journal |last1=Elleithy |first1=Khaled |last2=Blagovic |first2=Drazen |last3=Cheng |first3=Wang |last4=Sideleau |first4=Paul |date=2005-01-01 |title=Denial of Service Attack Techniques: Analysis, Implementation and Comparison |url=https://digitalcommons.sacredheart.edu/computersci_fac/52 |journal=School of Computer Science & Engineering Faculty Publications}}</ref>
 
In a '''distributed denial-of-service attack''' ('''DDoS attack'''), the incoming traffic flooding the victim originates from many different sources. More sophisticated strategies are required to mitigate this type of attack; simply attempting to block a single source is insufficient as there are multiple sources.<ref>{{Cite web|date=2021-01-13|title=What is a DDoS Attack? - DDoS Meaning|url=https://usa.kaspersky.com/resource-center/threats/ddos-attacks|access-date=2021-09-05|website=Kaspersky |language=en}}</ref>
 
A DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, thus disrupting trade and losing the business money.

Criminal perpetrators of DoS attacks often target sites or services hosted on high-profile [[web server]]s such as [[Bank|banks]] or [[credit card]] [[payment gateway]]s. [[Revenge]], [[blackmail]]<ref>{{cite web |last1=Prince |first1=Matthew |author-link=Matthew Prince |date=25 April 2016 |title=Empty DDoS Threats: Meet the Armada Collective |url=https://blog.cloudflare.com/empty-ddos-threats-meet-the-armada-collective/ |access-date=18 May 2016 |website=CloudFlare}}</ref><ref>{{cite web|url=http://www.interpacket.com/42882/brand-com-victim-blackmail-attempt-says-president-mike-zammuto/ |title=Brand.com President Mike Zammuto Reveals Blackmail Attempt|date=5 March 2014|archive-url=https://web.archive.org/web/20140311070205/http://www.interpacket.com/42882/brand-com-victim-blackmail-attempt-says-president-mike-zammuto/|archive-date=11 March 2014}}</ref><ref>{{cite web|url=http://dailyglobe.com/61817/brand-coms-mike-zammuto-discusses-meetup-com-extortion/|title=Brand.com's Mike Zammuto Discusses Meetup.com Extortion|date=5 March 2014|archive-url=https://web.archive.org/web/20140513044100/http://dailyglobe.com/61817/brand-coms-mike-zammuto-discusses-meetup-com-extortion/|archive-date=13 May 2014|url-status=dead}}</ref> and [[hacktivism]]<ref name=":1">{{cite web |last=Halpin |first=Harry |date=2010-12-17 |title=The Philosophy of Anonymous |url=http://www.radicalphilosophy.com/article/the-philosophy-of-anonymous |access-date=2013-09-10 |publisher=Radicalphilosophy.com}}</ref> can motivate these attacks.
 
== History ==
{{expand section|date=July 2017}}
[[Panix (ISP)|Panix]], the third-oldest [[Internet service provider|ISP]] in the world,<ref>{{Cite book |last=Husain |first=Mohammad Shahid |url=https://books.google.com/books?id=6chOEAAAQBAJ&newbks=0&printsec=frontcover&pg=PA22&dq=Panix,+the+third-oldest+ISP+in+the+world,&hl=vi |title=Pervasive Healthcare: A Compendium of Critical Factors for Success |last2=Adnan |first2=Muhamad Hariz Bin Muhamad |last3=Khan |first3=Mohammad Zunnun |last4=Shukla |first4=Saurabh |last5=Khan |first5=Fahad U. |date=2021-11-15 |publisher=Springer Nature |isbn=978-3-030-77746-3 |pages=22 |language=en}}</ref> was the target of what is thought to be the first DoS attack. On September 6, 1996, Panix was subject to a [[SYN flood]] attack,<ref>{{Cite web |last=Gupta |first=Pankaj |date=2021-09-29 |title=DDoS Attacks 25th Anniversary: A Wake-Up Call |url=https://www.infosecurity-magazine.com/blogs/ddos-attacks-25th-anniversary-a/ |access-date=2024-04-15 |website=Infosecurity Magazine |language=en-gb}}</ref> which brought down its services for several days while hardware vendors, notably [[Cisco]], figured out a proper defense.<ref>{{Cite web|url=https://www.cisco.com/c/en/us/about/press/internet-protocol-journal/back-issues/table-contents-30/dos-attacks.html|title=Distributed Denial of Service Attacks - The Internet Protocol Journal - Volume 7, Number 4|website=Cisco|language=en|access-date=2019-08-26|archive-url=https://web.archive.org/web/20190826143507/https://www.cisco.com/c/en/us/about/press/internet-protocol-journal/back-issues/table-contents-30/dos-attacks.html|archive-date=2019-08-26}}</ref>
 
Another early demonstration of the DoS attack was made by Khan C. Smith in 1997 during a [[DEF CON]] event, disrupting Internet access to the [[Las Vegas Strip]] for over an hour. The release of sample code during the event led to the online attack of [[Sprint Corporation|Sprint]], [[EarthLink]], [[E-Trade]] and other major corporations in the year to follow.<ref>{{cite web|last1=Smith|first1=Steve|title=5 Famous Botnets that held the internet hostage|url=https://tqaweekly.com/episodes/season5/tqa-se5ep11.php|publisher=tqaweekly|access-date=November 20, 2014}}</ref>

The largest DDoS attack to date happened in September 2017, when [[Google Cloud Platform|Google Cloud]] experienced an attack with a peak volume of {{val|2.54|u=Tb/s}}, revealed by Google on October 17, 2020.<ref>{{Cite web |last=Cimpanu |first=Catalin |title=Google says it mitigated a 2.54 Tbps DDoS attack in 2017, largest known to date |url=https://www.zdnet.com/article/google-says-it-mitigated-a-2-54-tbps-ddos-attack-in-2017-largest-known-to-date/ |access-date=2021-09-16 |website=ZDNet |language=en}}</ref> The record holder was thought to be an attack executed by an unnamed customer of the US-based service provider [[Arbor Networks]], reaching a peak of about {{val|1.7|u=Tb/s}}.<ref>{{cite web|url=https://arstechnica.com/information-technology/2018/03/us-service-provider-survives-the-biggest-recorded-ddos-in-history/|title=US service provider survives the biggest recorded DDoS in history|first=Dan|last=Goodin|date=5 March 2018|website=Ars Technica|access-date=6 March 2018}}</ref>
 
In February 2020, [[Amazon Web Services]] experienced an attack with a peak volume of {{val|2.3|u=Tb/s}}.<ref>{{Cite news|date=Jun 18, 2020|title=Amazon 'thwarts largest ever DDoS cyber-attack'|work=BBC News|url=https://www.bbc.com/news/technology-53093611|access-date=Nov 11, 2020}}</ref> In July 2021, CDN Provider [[Cloudflare]] boasted of protecting its client from a DDoS attack from a global [[Mirai botnet]] that was up to 17.2 million requests per second.<ref>{{Cite web |date=2021-08-23 |title=Cloudflare Mitigated Record-Setting 17.2 Million RPS DDoS Attack |url=https://www.securityweek.com/cloudflare-mitigated-record-setting-172-million-rps-ddos-attack/ |website=SecurityWeek}}</ref> Russian DDoS prevention provider [[Yandex]] said it blocked a HTTP pipelining DDoS attack on Sept. 5. 2021 that originated from unpatched Mikrotik networking gear.<ref>{{Cite web|title=Yandex Pummeled by Potent Meris DDoS Botnet|url=https://threatpost.com/yandex-meris-botnet/169368/|access-date=2021-12-23|website=threatpost.com|date=10 September 2021 |language=en}}</ref>
 
In the first half of 2022, the [[War in Ukraine (2022)|war in Ukraine]] significantly shaped the cyberthreat landscape,<ref>{{Cite web |title=The role of cyber in the Russian war against Ukraine |url=https://www.europarl.europa.eu/RegData/etudes/BRIE/2023/702594/EXPO_BRI(2023)702594_EN.pdf |access-date=2024-04-15 |website=www.mckinsey.com}}</ref> with an increase in cyberattacks attributed to both state-sponsored actors and global hacktivist activities. The most notable event was a DDoS attack in February, the largest Ukraine has encountered, disrupting government and financial sector services<ref>{{Cite web |title=Ukraine computers hit by data-wiping software as Russia launched invasion |url=https://www.reuters.com/world/europe/ukrainian-government-foreign-ministry-parliament-websites-down-2022-02-23/ |access-date=2024-04-15}}</ref><ref>{{Cite web |title=Ukrainian mobile bank sees a spike in ‘non-stop’ DDoS pressure |url=https://therecord.media/monobank-ukraine-ddos |access-date=2024-04-15 |website=therecord.media}}</ref><ref>{{Cite web |last=Jan Sima |first= |title=Bizfly Anti DDoS |url=https://bizflycloud.vn/anti-ddos |access-date=2024-04-15 |website=Dịch vụ điện toán đám mây Bizfly Cloud |language=vi}}</ref>. This wave of cyber aggression extended to Western allies like the UK, the US, and Germany. Particularly, the UK's financial sector saw an increase in DDoS attacks from [[Nation state|nation-state]] actors and hacktivists, aimed at undermining Ukraine's allies.<ref name=":2">{{Cite web |last=Team |first=Azure Network Security |date=2023-02-21 |title=2022 in review: DDoS attack trends and insights |url=https://www.microsoft.com/en-us/security/blog/2023/02/21/2022-in-review-ddos-attack-trends-and-insights/ |access-date=2024-04-07 |website=Microsoft Security Blog |language=en-US}}</ref>
 
In February 2023, Cloudflare faced a 71 million/requests per second attack which Cloudflare claims was the largest HTTP DDoS attack at the time.<ref>{{Cite web|title=Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack|url=
https://blog.cloudflare.com/cloudflare-mitigates-record-breaking-71-million-request-per-second-ddos-attack/|access-date=2024-01-13|website=The Cloudflare Blog|date=13 February 2023|language=en}}</ref> HTTP DDoS attacks are measured by HTTP requests per second instead of packets per second or bits per second.

On July 10, 2023, the fanfiction platform [[Archive of Our Own]] (AO3) faced DDoS attacks, disrupting services. [[Anonymous Sudan]], claiming the attack for religious and political reasons, was viewed skeptically by AO3 and experts. Flashpoint, a threat intelligence vendor, noted the group's past activities but doubted their stated motives. AO3, supported by the non-profit [[Organization for Transformative Works]] (OTW) and reliant on donations, is unlikely to meet the $30,000 [[Bitcoin]] ransom.<ref>{{Cite web |last=Weatherbed |first=Jess |date=2023-07-11 |title=AO3 fanfiction site forced offline by wave of DDoS attacks |url=https://www.theverge.com/2023/7/11/23790860/ao3-fanfiction-archive-down-outage-ddos-attacks |access-date=2024-04-09 |website=The Verge |language=en}}</ref><ref>{{cite web |date=10 July 2023 |title=Archive of Our Own is down due to a DDoS attack |url=https://www.polygon.com/23790167/ao3-down-ddos-attack-archive-of-our-own |website=Polygon}}</ref>
 
In August 2023, the group of hacktivists [[Noname057(16)|NoName057]] targeted several Italian financial institutions, through the execution of [[slow DoS attack]]s.<ref>{{cite web|url=https://www.redhotcyber.com/post/settimo-giorno-di-attacchi-informatici-allitalia-noname05716-torna-alle-banche-e-alle-telecomunicazioni/ |title=Settimo giorno di attacchi informatici all'Italia. NoName057(16) torna alle Banche e alle Telecomunicazioni |date=6 August 2023 }}</ref> On 14 January 2024, they executed a DDoS attack on Swiss federal websites, prompted by [[President Zelensky]]'s attendance at the [[Davos World Economic Forum]]. Switzerland's National Cyber Security Centre quickly mitigated the attack, ensuring core federal services remained secure, despite temporary accessibility issues on some websites.<ref>{{Cite web |last=swissinfo.ch |first=S. W. I. |date=2024-01-17 |title=Switzerland hit by cyberattack after Ukraine president's visit |url=https://www.swissinfo.ch/eng/politics/switzerland-hit-by-cyberattack-after-ukraine-president-s-visit/49136116 |access-date=2024-04-08 |website=SWI swissinfo.ch |language=en-GB}}</ref>
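Review bot: The third reference on the February 2022 Ukraine sentence (the paragraph beginning "In the first half of 2022") cites bizflycloud.vn/anti-ddos, titled "Bizfly Anti DDoS", which is a cloud vendor's product page and not a source for the claim; it should be dropped, which also matches the "one spam link" named in the edit summary. In the same paragraph, the first reference pairs a europarl.europa.eu URL with website=www.mckinsey.com, so the website field needs correcting. The two Google Books citations (the lead sentence and the Panix sentence) use URLs whose dq= parameter is the article's own sentence, with hl=vi appended; if the books stay, link only the plain id and page, and confirm each book is an independent source for that wording. The lead sentence and the Ukraine sentence also put the full stop after the closing </ref> instead of before the reference.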