What is a DOS attack and why should I care?

Denial of Service DOS attackTwitter seems to be back on it’s feet after dealing with the wrath of the DOS (denial of service) attack that hit it last Thursday, causing several hours of outages and even more hours of slow service. The DOS attack was apparently aimed at a specific blogger and negatively impacted not only Twitter, but that of Facebook and the all Powerful Google. It appears the attack was targeting one specific user who has accounts on all three sites.

What It Is?

DOS, is this like the MS-DOS the programming language that has made Bill Gates millions? Is this another reason to dislike those guys from the Pacific Northwest? No, it is not (and don’t worry, we have enough reasons).

A DOS attack is something that bad people create on the internet. A DOS attack can take many forms, but they are all designed to impair the use of a specific internet entity – website, firewall, router, mail server –  all involve the device being flooded with traffic in an attempt to overload the device and deny legitimate web traffic.

Usually (and as happened in this case), a DOS attack uses web-bots to distribute the attack from a number of computers. It must come from many many sources simultaneously in order to generate enough activity to work. Often these bots are distributed through Malware and Viruses, but they can be configured as a botnet by the perpetrator using any available unsecured devices and networks.

Why Should I Care?

We cannot control every aspect of the internet environment and there are great numbers of bad people out there using it to do bad things. Terrorist sects, rogue nations and international criminals are often behind these attacks although we are culturally inclined to think that geeks, dorks or dweebs with nothing better to do are often the cause.

The events of August 7 shows that even the big fish are vulnerable. Now is a good time to take a look at your electronic use policy, your network security, the security of your web presence and how much you rely on third party internet entities in your daily work flow. This event reinforces that bad things can happen and planning for those events are important.

It is shocking to see how many attempts to attack our server are tracked in the log files everyday. We see people testing the security of our system day after day, year in and year out. That is the nature of the web. Backing up data, updating software and systems and using complex security passwords are a few simple things we can all do to make ourselves safer.