What Is a DoS Attack?

07.01.2019


In short, a DoS attack - or Denial-of-Service attack - is a method used to disrupt legitimate users' access to a target network or web resource. Typically, this is accomplished by overloading the target (often a web server) with a massive amount of traffic, or by sending malicious requests that cause the target resource to malfunction or crash entirely. 

The first documented case of a Denial of Service attack was in February of 2000, when a 15-year-old Canadian hacker targeted Amazon and eBay web servers with such an attack. Since then, more and more people have utilized DoS attacks to disrupt targets in many industries.


Types of DoS attacks 

Some types of Denial of Service attacks aim to disrupt a specific target individual's access to a network or resource, while others intend to render the resource entirely inaccessible. These attacks can last anywhere from minutes to hours, and in some rare instances, even for days. These types of outages often cause major financial losses for businesses that become targets and don't have the proper mitigation strategies in place. 

Denial of Service attacks come in many different shapes and sizes. Since not all devices and networks are vulnerable in the same ways, those trying to cause harm often have to get creative in the ways they can exploit various loopholes in the system configuration. 


Some well-known types of Denial of Service exploits include: 


Buffer overflow attack 

The most common type of exploit, a buffer overflow attack relies on sending more traffic to the target than developers had originally built the system to handle. This type of attack allows the bad actor to crash or even control the targeted process. 


ICMP flood 

An ICMP flood attack targets a misconfigured device on the target network, forcing the machine to distribute bogus packets to each and every node (computer) on the target network instead of a single node, thus overloading the network. This sort of attack may often be referred to as “the ping of death” or a “smurf attack”. 


SYN flood 

A SYN flood sends a request to connect to a web server but never fully authenticates the connection. It then proceeds to target all the remaining open ports on the target web server until it forces the server to crash. 


DoS vs DDoS attacks

Another similar term that you’re likely to encounter is a DDoS attack, which stands for a Distributed Denial-of-Service attack. The difference between a DoS and a DDoS attack is that during a DDoS attack, many malicious machines are directed to target a single resource. A Distributed Denial of Service attack is far more likely to be successful in disrupting the target than a DoS attack originating from a single source. Bad actors also tend to prefer this method as it becomes increasingly difficult to trace the attack back to its source since the attack originates from multiple points.
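The SYN flood and the DoS vs DDoS distinction described above, seen from the server's side, as an added example that is not part of the original article: it counts connections that were opened but never completed and reports whether they come from one source or many. The event format, function names and the threshold and dominance values are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample data: (source_ip, source_port, tcp_flag) as seen by the
# server. "SYN" opens a handshake; "ACK" is the client's final step.
def make_events(sources, syns_per_source, complete=False):
    events = []
    for ip in sources:
        for port in range(40000, 40000 + syns_per_source):
            events.append((ip, port, "SYN"))
            if complete:
                events.append((ip, port, "ACK"))
    return events

def half_open_by_source(events):
    """Count connections per source that sent SYN but never the final ACK."""
    pending = set()
    for ip, port, flag in events:
        if flag == "SYN":
            pending.add((ip, port))
        elif flag == "ACK":
            pending.discard((ip, port))
    return Counter(ip for ip, _ in pending)

def classify(events, threshold=100, dominance=0.8):
    """Return 'normal', 'single-source' or 'distributed'.

    threshold and dominance are assumed example values, not recommendations.
    """
    counts = half_open_by_source(events)
    total = sum(counts.values())
    if total < threshold:
        return "normal"
    _, top_count = counts.most_common(1)[0]
    return "single-source" if top_count / total >= dominance else "distributed"

# Documentation-range addresses (RFC 5737), constructed for this example.
LEGIT = make_events(["192.0.2.10", "192.0.2.11"], 20, complete=True)
ONE_SOURCE = LEGIT + make_events(["198.51.100.7"], 300)
MANY_SOURCES = LEGIT + make_events([f"203.0.113.{i}" for i in range(1, 61)], 5)

if __name__ == "__main__":
    for name, ev in [("legit", LEGIT), ("one", ONE_SOURCE), ("many", MANY_SOURCES)]:
        print(name, classify(ev))
```

Source addresses in SYN packets can be forged, so the per-source split describes what the server observes rather than where the traffic truly originates, which is the tracing difficulty mentioned above.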


Can DDoS attacks affect cryptocurrencies? 

In a majority of cases, Denial of Service attacks have been used to target web servers of large corporations, such as banks, online commercial retailers, and even major government and public services. However, it’s important to consider that any device, server, or network connected to the internet could be a potential target for these types of attacks.

As cryptocurrencies have picked up traction in recent years, crypto exchanges have become increasingly popular targets for DDoS attacks. For example, when the cryptocurrency Bitcoin Gold officially launched, it immediately became the target of a massive DDoS attack that ended up disrupting their website for multiple hours.

However, the decentralized aspect of blockchains creates a strong protection against DDoS and other cyber attacks. Even if several nodes fail to communicate or simply go offline, the blockchain is able to continue operating and validating transactions. When the disrupted nodes manage to recover and get back to work, they re-sync and catch up with the most recent data, provided by the nodes that were not affected.

The degree of protection each blockchain has against these attacks is related to the number of nodes and hash rate of the network. As the oldest and biggest cryptocurrency, Bitcoin is considered the most secure and resilient blockchain. This means that DDoS and other cyber attacks are much less likely to cause disruptions.

The Proof of Work consensus algorithm ensures that all network data is secured by cryptographic proofs. This means that it is almost impossible to change previously validated blocks. Altering the Bitcoin blockchain requires the entire structure to be unraveled record-by-record, something which is a practical impossibility even for the most powerful computers. 

Hence, a successful attack would probably only be able to modify the transactions of a few recent blocks, for a short period of time. And even if the attacker manages to control more than 50% of the Bitcoin hashing power to perform the so-called 51% attack (or majority attack), the underlying protocol would be quickly updated as a response to the attack.
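The Proof of Work paragraphs above, as an added example that is not part of the original article and is not Bitcoin's actual block format: a toy hash chain in which changing one earlier record invalidates the next block, so every later block has to be mined again. The difficulty, record contents and all function names are assumptions made for illustration.

```python
import hashlib

DIFFICULTY = 3        # leading hex zeros required; toy value so mining is fast
GENESIS = "0" * 64    # assumed previous-hash value for the first block

def block_hash(prev, data, nonce):
    return hashlib.sha256(f"{prev}|{data}|{nonce}".encode()).hexdigest()

def mine(prev, data):
    """Search for a nonce whose hash meets the target (the proof of work)."""
    nonce = 0
    while not block_hash(prev, data, nonce).startswith("0" * DIFFICULTY):
        nonce += 1
    return {"prev": prev, "data": data, "nonce": nonce,
            "hash": block_hash(prev, data, nonce)}

def build_chain(records, prev=GENESIS):
    """Mine one block per record, each committing to the previous hash."""
    chain = []
    for data in records:
        chain.append(mine(prev, data))
        prev = chain[-1]["hash"]
    return chain

def first_invalid(chain):
    """Index of the first block that fails verification, or None if all pass."""
    prev = GENESIS
    for i, b in enumerate(chain):
        h = block_hash(b["prev"], b["data"], b["nonce"])
        if b["prev"] != prev or h != b["hash"] or not h.startswith("0" * DIFFICULTY):
            return i
        prev = h
    return None

def alter_record(chain, index, new_data):
    """Change one record and redo the work for that single block only."""
    forged = [dict(b) for b in chain]
    forged[index] = mine(forged[index]["prev"], new_data)
    return forged

def remine_tail(chain, start):
    """Redo the work for every block from `start` on; return (chain, blocks_redone)."""
    prev = chain[start - 1]["hash"] if start else GENESIS
    tail = build_chain([b["data"] for b in chain[start:]], prev)
    return chain[:start] + tail, len(tail)

CHAIN = build_chain([f"tx-{i}" for i in range(6)])   # constructed records
FORGED = alter_record(CHAIN, 2, "tx-2-altered")
```

Here `first_invalid(FORGED)` points at the block after the altered one, and `remine_tail(FORGED, 3)` shows that restoring validity means redoing the work for all remaining blocks.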
