Early this May, Knox County's election results were delayed because of a widespread distributed denial-of-service (DDoS) attack. Though the attack prevented people from viewing the results on the county's website or app, officials were able to access the results and print them out.
No election data was compromised, because the outage, which lasted an hour and a half, occurred only after the polls were closed. Knoxville-based internet security firm Sword & Shield determined that the requests rained in from 65 different countries. These requests were a deliberate attack on the county's web servers, aiming to breach the website where election results are reported.
While DoS and DDoS attacks are similar in nature, one factor sets them apart: DoS attacks flood systems, servers, and other network resources with traffic from a single computer so that legitimate users cannot access them. DDoS attacks, on the other hand, perform this same action, but from many computers across several networks. The challenge lies in determining whether an increase in traffic is caused by genuine users or by a DDoS attack. To make detecting DDoS attacks easier, be sure to maintain an audit trail of all changes to your network infrastructure, and monitor your log data.
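To make the single-source versus many-source distinction concrete, the following added example (not from the original article and not Log360 code) scans web access log lines, flags minutes with abnormal request volume, and labels each by how concentrated its sources are. The log format, thresholds, function names and sample data are assumptions; volume and source spread alone do not separate a genuine surge of users from an attack.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime
from statistics import median

# Common Log Format prefix: client IP, then the bracketed timestamp.
LINE_RE = re.compile(r'^(\d+\.\d+\.\d+\.\d+) \S+ \S+ \[([^\]]+)\]')

def parse(lines):
    """Yield (minute, ip) for each well-formed line; skip malformed ones."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        try:
            ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        except ValueError:
            continue
        yield ts.replace(second=0), m.group(1)

def classify_spikes(lines, factor=5, top_share=0.8):
    """Flag minutes above factor x the median minute, then label each by
    source concentration. Both thresholds are illustrative assumptions."""
    per_minute = defaultdict(Counter)
    for minute, ip in parse(lines):
        per_minute[minute][ip] += 1
    if not per_minute:
        return {}
    baseline = median(sum(c.values()) for c in per_minute.values())
    findings = {}
    for minute, ips in sorted(per_minute.items()):
        total = sum(ips.values())
        if total <= factor * baseline:
            continue
        top_count = ips.most_common(1)[0][1]
        networks = {ip.rsplit(".", 1)[0] for ip in ips}  # distinct /24 prefixes
        kind = "single-source" if top_count / total >= top_share else "distributed"
        findings[minute.strftime("%H:%M")] = (kind, total, len(ips), len(networks))
    return findings

def sample_log():
    """Constructed data: quiet minutes, a one-host burst, a many-host burst."""
    fmt = '{ip} - - [01/Jan/2024:20:{mm}:{ss:02d} +0000] "GET /results HTTP/1.1" 200 512'
    out = []
    for mm in ("00", "01", "02", "03", "04"):
        out += [fmt.format(ip=f"198.51.100.{i}", mm=mm, ss=i) for i in range(1, 5)]
    out += [fmt.format(ip="203.0.113.9", mm="05", ss=i) for i in range(60)]
    out += [fmt.format(ip=f"10.{i % 50}.0.{i + 1}", mm="06", ss=i) for i in range(60)]
    return out
```

Each finding is a tuple of (label, requests, distinct IPs, distinct /24 networks) keyed by minute, so a "distributed" label with many networks points toward the DDoS pattern described above.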
Don't want to make the news for the wrong reasons? Download ManageEngine Log360, the tool that can help combat internal and external security attacks.
Log360 helps you:
Using Log360's reports and alerts, you can detect DoS and DDoS attacks before they begin to affect your users. Get started here.
2022 Zoho Corporation Pvt. Ltd. All rights reserved.