Introduction
One of the epic inventions related to computers is the internet, which has transformed the world as far as communication is concerned. The internet, via websites, presents a crucial front for achieving the objectives of most organizations and individuals. As such, it is imperative that websites function consistently. However, attacks can be perpetrated that render some parts of the internet inaccessible. This may have medium to dire consequences depending on the significance of the websites in question. This paper shall discuss a recent computer denial of service attack in a bid to highlight how such attacks can be perpetrated and the damage that may result. Preventive measures that could have foiled such attacks shall be discussed and the cost of recovery determined.
The Attack
A Denial of Service (DoS) attack is aimed at denying legitimate users access to certain resources. These attacks generally exploit weaknesses in the TCP/IP protocol suite and can be carried out with relatively little effort. In this particular scenario, a denial of service attack was perpetrated against Twitter.com. Twitter is a popular social networking site that, according to techcrunch.com, boasts a user base of over 44.5 million people. As can be deduced from this user base, traffic to the website is always high as it serves the requests of its clients.
The attack on Twitter was perpetrated on August 6, 2009 with the aim of overwhelming the Twitter servers. According to reports by Sutter from CNN, the attack was carried out by attackers using a number of infected computers to send erroneous information to the site's servers. By doing this, the attackers flooded the network with bogus packets, effectively preventing legitimate access to the network since all the bandwidth was consumed by the attackers' packets. This resulted in the website being shut down for about 2 hours. While the identity of the attacker(s) remained unknown, this cyber-attack was well orchestrated, as it hit the website by use of multiple infected networks, thus overloading an already burdened system.
The consequences of this attack on Twitter were far reaching, mostly because of the millions of users who make use of the site. As a result of the attack, the site had to be closed off, thus denying millions of legitimate users access. Users who log in directly to the site were unable to do so, as the attackers bombarded the Twitter server with more requests than it could serve, causing it to shut down. In addition to these users, there are those who use client applications that rely on the Twitter Application Programming Interface to interact with other systems. With the site down, these client applications could not run, greatly inconveniencing their users. This inconvenience to clients was detrimental to the site's marketing strategies, since client dissatisfaction generally reflects negatively on any organization's profitability due to the negative public image. As a popular social networking site, Twitter is essential in communication. Its breakdown therefore created an informational “blackout”, if only to a small extent.
Recovering from the attack
While there was no physical damage to any of the website's server infrastructure, there was a lot of damage resulting from the denial of access to service for legitimate users. As such, the recovery process was aimed at restoring the servers to their previous functional state of serving legitimate client requests. Isolating the website from the network was the first step undertaken by the relevant IT personnel at Twitter. Having done this, the bogus requests could be killed off, freeing the network resources of the site. Proper firewall configurations and other measures could then have been set up to deal with any further attacks from the infected networks. The costs of recovery were mostly in the form of manpower and additional security measures deployed to deter any further attacks. However, the real cost of the DoS attack included the loss of client confidence in Twitter’s dependability.
Preventive Actions
While it is generally acknowledged that DoS attacks are impossible to completely defend against, measures can be taken to minimize the frequency of these attacks or at least alleviate the damage caused when they occur. Key to any defensive effort is the detection of the DoS attack. In the Twitter case, the problem was not identified at an early stage, thus leading to even further damage. Uniform degraded performance is one of the key indicators of a DoS attack. By use of sniffers and logs at the router, the network administrator can detect a threat and take appropriate action to deal with the problem.
Schuba et al. propose that firewalls at the servers can be configured to protect against flooding. The rationale behind this approach is that firewalls check the packets destined for a particular host and thus can detect and stop flooding. An attack on the scale of the Twitter one required a large number of computers to carry out. Consumer users' computers were invariably used in this attack. Ensuring that end users' computers are not utilized for attacks can act as protection against the attacks. Users should use anti-virus software and make use of firewalls to protect their computers from being used to perpetrate DoS attacks.
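The following is an added example, not part of the original paper or of any system Twitter used, showing one way the router-log detection and per-destination flood check described above could be implemented. The log format, thresholds, function names and all sample records are constructed assumptions.

```python
from collections import defaultdict

# Constructed router-log records in an assumed format: "epoch_seconds src_ip dst_ip".
# All addresses come from the RFC 5737 documentation ranges.
def make_sample_log():
    lines = []
    for minute in range(5):          # normal load: 20 packets/min from 4 clients
        for i in range(20):
            lines.append(f"{minute * 60 + i * 3} 198.51.100.{i % 4 + 1} 192.0.2.10")
    for i in range(400):             # minute 5: 400 packets from 200 sources
        lines.append(f"{300 + i % 60} 203.0.113.{i % 200 + 1} 192.0.2.10")
    return lines

def detect_floods(lines, window=60, baseline_windows=3, rate_factor=5,
                  min_sources=50):
    """Return [(window_start, dst, packets, distinct_sources)] for flood windows.

    A window is flagged when the packet count to one destination exceeds
    rate_factor times the mean of the preceding baseline windows and the
    packets come from at least min_sources distinct source addresses.
    """
    counts, sources = defaultdict(int), defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue                 # skip malformed records
        key = (parts[2], int(parts[0]) // window * window)
        counts[key] += 1
        sources[key].add(parts[1])

    alerts, history = [], defaultdict(list)
    for dst, start in sorted(counts, key=lambda k: (k[1], k[0])):
        n, srcs = counts[(dst, start)], len(sources[(dst, start)])
        past = history[dst][-baseline_windows:]
        if len(past) == baseline_windows:
            baseline = sum(past) / len(past)
            if n > rate_factor * baseline and srcs >= min_sources:
                alerts.append((start, dst, n, srcs))
                continue             # keep flood windows out of the baseline
        history[dst].append(n)
    return alerts

if __name__ == "__main__":
    for alert in detect_floods(make_sample_log()):
        print("possible flood:", alert)
```

Requiring many distinct sources as well as a rate jump separates a distributed flood from a single busy client, which matters for deciding whether per-source blocking at the firewall can help.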
Conclusion
This paper set out to give a detailed description of a Denial of Service attack that was carried out on a website. To this end, the paper has discussed an attack on Twitter and provided a description of the manner in which the attack was perpetrated. The damages resulting from this and the recovery process have been outlined. While it has been demonstrated that DoS attacks cannot always be anticipated, preventive measures have been suggested to ensure that these malicious attacks are protected against and legitimate users are always granted access to the websites of their choice.
Works Cited
Schuba, Christoph L., Ivan V. Krsul, Markus G. Kuhn, Eugene H. Spafford, and Aurobindo Sundaram. “Analysis of a Denial of Service Attack on TCP.” Purdue University, 1999.
Sutter, John. “Twitter hit by denial-of-service attack.” 2009. Web.
TechCrunch. “Twitter Reaches 44.5 Million People Worldwide.” 2009. Web.