What is DoS or DDoS?

Updated: Nov 15, 2021

A Denial of Service (DoS) is a type of cyber-attack where a computer service is overloaded by requests, so that real users can no longer access the service.


A Distributed Denial Service (DDoS) attack uses multiple locations and computers and can increase the size of attack.


Unable to meet the load of junk requests, servers crash and often require hours to restore. This can cost businesses thousand of pounds due to lost trade whilst websites are down and the cost of recovering systems.


Imagine real world situation of a competitor sending a bus load of people into a shop, who have no intention of buying anything but who chat to the sales staff, wasting their time, and prevent legitimate customers from being able to enter the store. Now imagine that for hours, or repeatedly over a period.


Crowd of people - Photo by <a href="https://unsplash.com/@chuttersnap?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText">CHUTTERSNAP</a> on <a href="https://unsplash.com/s/photos/crowd?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText">Unsplash</a>

Unfortunately, DDoS attacks are on the rise, with year-on-year increase in the number being reported, and this is not just a bit of malicious fun. Cyber criminals send bitcoin ransom emails demanding anywhere from 5 BTC to 20 BTC and threatening a powerful and sustained DDoS attack in case of non-payment. After that, the victim is flooded with junk traffic to demonstrate that the threats are far from empty.


During the last week of August 2021 Microsoft Azure recorded one of the largest DDoS attacks in history with 2.4 Terabits per second being directed at one of their customers!


And this is not just limited to one industry. SecureList reports DDoS attacks in Q3 2020 involving financial, telecommunications, flight tracing services, news agencies and education.




What can small businesses do to protect themselves?

The National Cyber Security Centre states that “the only reliable way to weather a DoS attack is to be prepared, to remain vigilant and to act swiftly when an attack begins.”


Be ready

Understand your service - Understand the points in your service where resources can be overloaded or exhausted. Determine whether you, or a supplier, are responsible for each.

Upstream defences - Ensure your service providers are ready to deal with resource exhaustion in places where they are uniquely placed to help.

Scaling - Ensure your service can scale to deal with surges in concurrent sessions.

Response plan - You should design your service, and plan your response to an attack, so that the service can continue to operate, albeit in a degraded fashion.

Testing and monitoring - Gain confidence in your defences by testing them and gain confidence you'll notice when attacks start by having the right tooling in place.


The NCSC has comprehensive guidance around the above area which can be read here: Denial of Service (DoS) guidance - NCSC.GOV.UK


If you would like some help implementing this recommendations contact us today and we can put you in touch with one of our Trusted Partners who will be able to help.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.