What are DoS attacks?

One of the most common attacks in the world of computing are DoS attacks, a type of attack by which cybercriminals seek to prevent users of an online computer system from accessing it by flooding it with illegitimate service requests.

EThis is a type of computer attack which is intended to disable a computer system for a period of time. A simple example to understand this type of attack would be the following:

Imagine a disco with capacity for 200 people and whose entrance is free. If a competitor wants to ruin it, they should only take 200 friends and, without consuming anything, be there as long as the disco is open. In this way, the competitor has made a DoS attack in real life. In computer science, that disco can be a web page that supports a certain number of concurrent visits. If a malicious actor can simulate these visits and prevent legitimate users from using the web, they will be successfully carrying out these types of attacks.

This situation prevents legitimate users of the system from using the system and the service it provides. These types of attacks may be aimed at affecting the source that offers the information, the application or the transmission channel of the system.. Something to generally achieve by exploiting vulnerabilities or overloading the capacity of servers. The last case is the most common of them, as it is simple, fast and very effective.

Types of DoS Attacks

There are two techniques for this type of attack: denial of service or DoS (for its acronym in English Denial of Service) and la distributed denial of service or DDoS (for its acronym in English Distributed Denial of Service). The difference between the two is the number of computers or IP's that carry out the attack.

In DoS attacks, a massive number of requests to the service are generated from the same machine or IP address. This ends up consuming the resources offered by the service until it exceeds its response capacity and begins to reject requests. As a consequence, the service becomes useless until steps are taken to correct the problem.

In the case of DDoS attacks, requests or connections are made using a large number of computers or IP addresses. These requests are all made at the same time and to the same service under attack. A DDoS attack is more difficult to handle. This is because the requests come from different IP's and the administrator cannot block them all. This attack scheme is very effective against resistant DoS attack systems.

The computers or devices that carry out the DDoS attack are recruited through malware infection. Through this malicious software, infected computers function as a network of bots or zombies, capable of being controlled remotely by a cybercriminal. Due to the size and operation of this network, it has a greater capacity to bring down servers than an attack carried out by only one machine. Hence, they are widely used today to attack very large systems.

But how do these attacks work?

These types of attacks can occur in many ways. But they all have the same purpose: to knock down a service provided by a network or computer system. Basically, attacks consist of:

1. Consume the computational resources of the network to collapse the service. Resources such as bandwidth, disk space, or processor time are its main targets of attack.
2. Configuration information alteration. These types of attacks are more elaborate, many of them require knowing vulnerabilities in the system or the protocols that make it possible to operate (TCP / IP, UDP, or any other).
3. Status information alteration, such as interrupting TCP sessions (TCP reset).
4. Obstruction of communication media between users of a service and the victim, so that they can no longer communicate properly.
5. Exploitation of vulnerabilities in the service or parts of the system to make it stop working.

DoS and blockchain attacks. Are we protected?

One of the main strengths of technology blockchain it is precisely its resistance to DoS and DDoS attacks. And it is that the decentralized nature of the blockchain, which improves its resistance to these attacks.

This is because a decentralized platform allows network users substantially greater amounts of data processing. A situation that greatly reduces the risk of success of DoS and DDoS. It is thanks to this design, and the inherent cost of sending transactions to the network of the various blockchains, that these attacks are ineffective and highly costly. Another way to carry out DoS attacks is through the use of Attacks Sybil, that Eclipse Attack or using a Erebus attack. The latter is the most dangerous of all, since its scope is global, it requires few resources and is undetectable until the entire network goes down.

However, despite this particularity, there are always cases in which blockchain networks can be victims of DoS or DDoS attacks. In Bitcoin for example, version 0.14 of Bitcoin Core, had a vulnerability of the software that allowed this type of attack to be carried out. It was discovered in 2017, and was explained by Andreas Antonopoulos in tweet in your official account. Thanks to the open-source nature and the work of hundreds of developers and collaborators, the bug was quickly fixed.

This last situation explains how important the development of open and auditable software is. Furthermore, it is a clear indication of how important computer security and systems upgrades are. All this in order to avoid situations that may be catastrophic for those who use computer services.

What would be the real impact of a DoS or DDoS attack on any blockchain?

Although blockchain networks are resistant to these attacks due to their decentralized form, we still have to know: What would happen if an attack of this type was carried out effectively? To give an example of this let's take the network Ethereum:

The assumption of an effective denial of service attack on Ethereum would affect millions of network users. Users not only of the main network, but also to the rest of the tokens that work “on top of it”. DApps, decentralized exchanges, distributed computing infrastructures, everything dependent on Ethereum, would be taken offline.

This would have a direct negative impact on the capacity of Ethereum and many users would question the ideality of the network for their projects. In the worst case, this situation will affect the price of ETH and would mean a sharp drop in its capitalization. An economically negative situation for the network. It could also have a strong impact on the further development of the Ethereum software. The generation of new hard forks and derivative developments to "improve" Ethereum would be something to be expected.

Certainly the above scenario is quite discouraging and, although difficult, it is plausible within the effects that might be expected from such an attack. This example serves to put us in situation of the importance of security. Despite the fact that blockchain is a very secure technology, there are many exploitable factors. Reducing them to a minimum is a primary task for not only the services provided, but also for the security and continuity of the provision of services to users.

However, it is also important to emphasize that Bitcoin is free software and enjoys very high transparency. Thanks to this we have available resources like this websites in which we can review the vulnerabilities discovered and fixed in Bitcoin.