A denial-of-service (DoS) attack is a type of computer attack intended to disable a computer system for a period of time. A simple example helps to understand this type of attack:
Imagine a disco with capacity for 200 people and whose entrance is free. If a competitor wants to ruin it, they only need to bring 200 friends and, without consuming anything, stay there for as long as the disco is open. In this way, the competitor has carried out a DoS attack in real life. In computer science, that disco can be a web page that supports a certain number of concurrent visits. If a malicious actor can simulate these visits and prevent legitimate users from using the website, they will have successfully carried out this type of attack.
This situation prevents legitimate users of the system from using the system and the service it provides. These types of attacks may be aimed at affecting the source that offers the information, the application or the transmission channel of the system. This is generally achieved by exploiting vulnerabilities or by overloading the capacity of servers. The latter is the most common, as it is simple, fast and very effective.
Types of DoS Attacks
There are two techniques for this type of attack: denial of service, or DoS, and distributed denial of service, or DDoS. The difference between the two is the number of computers or IP addresses that carry out the attack.
In DoS attacks, a massive number of requests to the service are generated from the same machine or IP address. This ends up consuming the resources offered by the service until it exceeds its response capacity and begins to reject requests. As a consequence, the service becomes useless until steps are taken to correct the problem.
In the case of DDoS attacks, requests or connections are made using a large number of computers or IP addresses. These requests are all made at the same time and to the same service under attack. A DDoS attack is more difficult to handle, because the requests come from different IPs and the administrator cannot block them all. This attack scheme is very effective against systems that are resistant to DoS attacks.
The computers or devices that carry out the DDoS attack are recruited through malware infection. Through this malicious software, infected computers function as a network of bots or zombies, capable of being controlled remotely by a cybercriminal. Due to the size and operation of this network, it has a greater capacity to bring down servers than an attack carried out by only one machine. Hence, they are widely used today to attack very large systems.
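The difference between the two cases matters for detection. The following Python example is added here and is not part of the original article; it shows why a per-IP request limit catches a single-source DoS but misses a distributed one, which only an aggregate limit reveals. The function name detect_flood, the thresholds and the sample traffic (documentation address ranges) are assumptions made for the illustration.

```python
from collections import Counter, deque

def detect_flood(events, window=10.0, per_ip_limit=50, total_limit=200):
    """Slide a time window over (timestamp, source_ip) events sorted by time.

    Returns (verdict, sources):
      "dos"    - at least one source exceeded per_ip_limit; it can be blocked
      "ddos"   - the total exceeded total_limit although every source stayed
                 under per_ip_limit, so per-IP blocking does not help
      "normal" - neither limit was exceeded
    """
    recent = deque()      # events inside the current window
    per_ip = Counter()    # requests per source inside the window
    heavy = set()         # sources that exceeded per_ip_limit at some point
    overloaded = False    # True once the aggregate limit was exceeded
    for ts, ip in events:
        recent.append((ts, ip))
        per_ip[ip] += 1
        # Drop events that have fallen out of the window.
        while recent[0][0] <= ts - window:
            _, old_ip = recent.popleft()
            per_ip[old_ip] -= 1
        if per_ip[ip] > per_ip_limit:
            heavy.add(ip)
        if len(recent) > total_limit:
            overloaded = True
    if heavy:
        return "dos", heavy
    if overloaded:
        return "ddos", set()
    return "normal", set()

# Constructed sample traffic (assumed values, not captured data).
def single_source():   # 300 requests in 3 s from one address
    return [(i * 0.01, "192.0.2.10") for i in range(300)]

def many_sources():    # 300 requests in 3 s spread over 100 addresses
    return [(i * 0.01, f"198.51.100.{i % 100}") for i in range(300)]

def ordinary():        # 20 clients, one request per second overall
    return [(float(i), f"203.0.113.{i % 20}") for i in range(60)]

if __name__ == "__main__":
    for name, gen in [("single", single_source), ("many", many_sources),
                      ("ordinary", ordinary)]:
        print(name, detect_flood(gen()))
```

In the distributed case no single address sends more than three requests in the window, so there is nothing to block by IP; mitigation has to act on the aggregate load instead.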
But how do these attacks work?
These types of attacks can occur in many ways, but they all have the same purpose: to knock down a service provided by a network or computer system. Basically, the attacks consist of:
- Consumption of the computational resources of the network to collapse the service. Resources such as bandwidth, disk space, or processor time are the main targets.
- Alteration of configuration information. These types of attacks are more elaborate; many of them require knowledge of vulnerabilities in the system or in the protocols that make it possible to operate (TCP/IP, UDP, or any other).
- Alteration of state information, such as interrupting TCP sessions (TCP reset).
- Obstruction of communication media between users of a service and the victim, so that they can no longer communicate properly.
- Exploitation of vulnerabilities in the service or parts of the system to make it stop working.
DoS attacks and blockchain: are we protected?
One of the main strengths of blockchain technology is precisely its resistance to DoS and DDoS attacks. It is the decentralized nature of the blockchain that improves its resistance to these attacks.
This is because a decentralized platform allows network users substantially greater amounts of data processing, a situation that greatly reduces the chances of a DoS or DDoS attack succeeding. It is thanks to this design, and to the inherent cost of sending transactions to the network of the various blockchains, that these attacks are ineffective and highly costly. Another way to carry out DoS attacks is through the use of Sybil attacks, the Eclipse attack or an Erebus attack. The latter is the most dangerous of all, since its scope is global, it requires few resources and it is undetectable until the entire network goes down.
However, despite this particularity, there are always cases in which blockchain networks can be victims of DoS or DDoS attacks. In Bitcoin, for example, version 0.14 of Bitcoin Core had a software vulnerability that allowed this type of attack to be carried out. It was discovered in 2017 and was explained by Andreas Antonopoulos in a tweet from his official account. Thanks to the open-source nature of the project and the work of hundreds of developers and collaborators, the bug was quickly fixed.
This last situation explains how important the development of open and auditable software is. Furthermore, it is a clear indication of how important computer security and systems upgrades are. All this in order to avoid situations that may be catastrophic for those who use computer services.