“The most common target for a DoS attack is an online service such as a website, though attacks can also be launched against networks, machines or even a single program.”
― Anonymous

Denial of Service

Denial-of-service (DoS) attacks aim to restrict or impair access to a computer system or network. They typically target servers to make websites and payment services unavailable — preventing legitimate users from accessing the online information or services they need.

When you type a URL for a web page into your browser, you send a request to the site’s computer system asking to view that web page. DoS attacks work by ‘flooding’ a website with fake requests in an attempt to overload the system. As websites and networks can only process a certain number of requests at once, this blocks any genuine requests from getting through.

By targeting computer systems in this way, DoS attacks can prevent you, or your customers, from accessing any service that relies on an affected system to work.

DoS attacks are much more likely to affect businesses or organizations than individuals. It’s rare for an individual to be the target of an attack, although it’s not unheard of. More often, the targets are websites and servers that provide services like online banking or online payment processing.

  • If your business is subjected to a DoS attack, you may not be able to provide online services or information to your customers until the attack is over. Some of your critical services, like desk phones, may not work. This can damage your reputation and there may be financial consequences for both you and your customers.
  • As an individual, you may not be able to access the online services and information you expect from a business targeted by a DoS attack.

DoS attacks are usually financially or politically motivated. In some cases, the attacker will demand a ransom payment to stop the attack. In others, the attack may be an attempt to sabotage or cause harm to an organization.

Preventing a DoS Attack

Here’s what you can do reduce the likelihood of an attack.

  • Don’t assume that it won’t happen to you. Think about DoS attacks as a potential risk to you, or your business, and plan for them.
  • Talk to your Internet Service Provider (ISP). Some ISPs provide services that can help protect you against cyber attacks. Ask them about getting DoS protection.
  • Keep your ISP’s contact details at hand so you know how to get in touch with them in an emergency. In some cases, your normal means of communication — like your desk phone — will be affected by a DoS attack. Make sure you have another contact option available, like your mobile phone.
  • Have an incident response plan in place for what to do if you’re targeted by a DoS attack. Ask your IT support person or a local computer services company to help you put one together.

If you’re targeted by a DoS attack

Here’s what to do when you’re under DoS attack.

  • If you have an incident response plan, follow the steps you’ve identified to manage the situation.
  • Contact your ISP — let them know what’s happening and ask what they can do to help you fix the problem.
  • Talk to your IT support person or a local computer services company if you need help implementing any of the steps in your plan.
Visit CERT NZ for more information. 
Visit ACSC for more information.