In simple terms, a DoS attack, or Denial of Service attack, is a method used to disrupt legitimate users' access to a target network or website resource. This is usually achieved by overloading the target (usually a website server) with a large amount of traffic, or by sending malicious requests that cause the target resource to malfunction or completely crash.
The first recorded denial of service attack occurred in February 2000, when a 15-year-old Canadian hacker used this attack to attack Amazon and eBay web servers. Since then, DoS attacks have been increasingly used to disrupt targets (websites) in many industries.
Types of DoS attacks
Some types of DoS attacks are designed to disrupt a specific target's access to a network or resource, while other types are designed to render a resource completely inaccessible. These attacks can last from minutes to hours, or even days in rare cases. These disruptions to network resources often result in significant financial losses to the targeted business, and there are few mitigation strategies in place.
DoS attacks come in many different shapes and sizes. Since not all devices and networks are attacked in the same way, those seeking to compromise must be creative in order to exploit possible vulnerabilities in system configurations.
Some of the more well-known types of DoS attacks include:
Buffer overflow attack
The most common type of exploit, a buffer overflow attack relies on sending more traffic to a target than the developer originally built the system to handle. This type of attack allows an attacker to completely crash the target or take control of the target process.
ICMP flood attack
An ICMP flood attack targets misconfigured devices on a target network, forcing the computer to distribute fake packets to every node (computer) on the target network instead of just one node, thus overloading the network. This attack can often be referred to as a "Ping of Death" or "smurf attack."
SYN flood attack
A SYN flood attack sends connection requests to a (target) web server, but never fully authenticates the connection. It will then continue (sending requests) to all remaining open ports on the target web server until it forces a server-side crash.
DoS attack vs DDoS attack
Another similar term you may come across is DDoS attack, which stands for Distributed Denial of Service attack. The difference between DoS and DDoS attacks is that many malicious computers are directed to target a single resource. Distributed Denial of Service attacks are more likely to successfully disrupt a target than DoS attacks from a single source. Attackers prefer this method because it makes it harder to trace the attack back to its source because the attack comes from multiple points.
Do DDoS attacks affect cryptocurrencies?
In most cases, denial of service attacks are used against the web servers of large businesses, such as banks, online retailers, and even government and public services - however, it is important to consider that any device, server, or network connected to the internet can be a potential target for these types of attacks.
As cryptocurrencies have grown in recent years, cryptocurrency exchanges have become increasingly popular targets for DDoS attacks. For example, when the cryptocurrency Bitcoin Gold was officially launched, it immediately became the target of a large-scale DDoS attack, which ultimately disrupted their website for several hours.
However, the decentralization of blockchain provides strong protection against DDoS and other cyber attacks. Even if multiple nodes cannot communicate or go offline, the blockchain can continue to operate and verify transactions. When the interrupted nodes resume working, they will resynchronize and catch up with the latest data provided by the unaffected nodes.
The degree to which each blockchain is protected from these attacks is related to the number of nodes and hash rate of the network. As the oldest and largest cryptocurrency, Bitcoin is considered the most secure and resilient blockchain. This means that DDoS and other network attacks are less likely to cause it to collapse.
The proof-of-work algorithm ensures that all network data is protected by cryptographic proofs. This means that previously verified blocks are almost impossible to change. Changing the Bitcoin blockchain requires the entire structure to be recorded one by one, which is impossible even for the most powerful computers in the world.
Therefore, a successful attack can only modify the transactions of a few recent blocks for a short period of time. Even if an attacker manages to control more than 50% of the Bitcoin hashrate to perform a so-called 51% attack (or majority attack), the underlying protocol will be quickly updated as a response to the attack.