Denial of Service attacks may signal something deeper

Of all the attacks against companies, the humble Denial of Service (DoS) can seem like the least advanced. The basic strategy: Overwhelm the target with traffic or requests until it’s unable to handle them anymore. 

DoS attacks are usually done for a handful of reasons. Motives usually include trying to take down a target’s website or services for moral reasons (like hacktivists shutting down their opponents’ sites) or personal grudges against companies or individuals (gamers are a popular target for the attacks).

That certainly puts them in the “pesky” category. And being offline even temporarily can lead to lost business and time-consuming cleanup.

But recent developments serve as a reminder that DoS attacks can be so much more dangerous than inconvenient.

Carphone Warehouse hack

The British mobile phone seller Carphone Warehouse recently revealed it had been hacked and that attackers made off with personal information on up to 2.4 million customers.

The company (whose name is about as reflective of its current business as MTV’s) made plenty of security mistakes to be sure. It appears that it left customer information unencrypted on its servers, which is obviously a nightmare.

Now it appears that the attackers were able to steal the information by launching a DoS against the company. While IT scrambled to fix that situation and chaos ensued, hackers may have been able to use the distraction to extract information, reports indicate.

This tactic has been used in the past. But the latest incident is a reminder of just how effective it could theoretically be.

Other DoS nightmares

That’s not the only way a DoS could cause you problems. Another recent DoS attack against a business put it out of business permanently. That was because the attackers demanded ransom in order for the attacks to stop.

Dos as ransom is almost certainly more rare – but it still could be an effective tool if hackers were able to execute it well.

Similar attacks have been used against Sony and banks in the past, according to sources.

Steps to take

So how can you protect yourself from DoS attacks? The short answer is, it’s not easy. Most options would be expensive as well.

A better option: Be prepared for what could happen by:

  • having an established emergency action plan
  • rehearsing that plan with simulated attacks
  • making sure you know what you would do in the event of a bribery or ransom incident, and
  • realizing that DoS attacks could be a diversionary tactic for something much bigger.

Simple awareness can go a long way toward protecting data in a confusing time.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy