A DoS attack (denial-of-service) is a deliberate targeting of your computer and its network connection, or the computers and network of the sites you are trying to access, effectively denying you service. This can take down websites, email, online accounts (banking, utitilies, OTT sites) or other services.
According to the US Computer Emergency Readiness Team (US-CERT), “The most common and obvious type of DoS attack occurs when an attacker “floods” a network with information. When you type a URL for a particular website into your browser, you are sending a request to that site’s computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can’t process your request. This is a “denial of service” because you can’t access that site.”
Small, independent websites are at higher risk of attack as they often lack the infrastructure or resources to defend themselves, and a relatively small amount of traffic can overwhelm them, quickly forcing them offline.
US-CERT provides guidelines to help you determine when a DoS attack may be happening, including degradation in network, challenges opening particular websites and a higher than usual volume of spam emails. Cyber experts recommend that organizations have an incident response plan in advance of any attack, which will allow you to manage the immediate aftermath of a cyber-attack in order to limit damage, reduce costs and speed up recovery time.
A DoS is performed by a single computer and single Internet connection flooding a server with packets (TCP/UDP). This overloads the bandwidth of the targeted server, making it inaccessible to others, blocking whatever is hosted there, including blocking associated websites.
When someone uses multiple computers to perform a denial-of-service attack, it is described as a distributed denial-of-service or DDoS attack, during which an attacker may use your computer to attack another computer. The attack is “distributed” because the attacker seizes use of multiple computers to launch the DoS attack and can do more extensive damage.
The results of a DDoS attack are much different to that of a DoS. A target server will be overloaded by hundreds or potentially thousands of requests in the case of a DDoS compared to just one attacker in the case of a DoS. It is much harder for a server to withstand a DDoS attack.