AST Logo


AST Recommended Awareness and Training Resources

Cybrary - Free Cybersecurity Training Site

The free cybersecurity training site, Cybrary, offers content in beginner, intermediate, and advanced/leadership tiers.  Included classes for each tier are:

Beginner

Intermediate

Advanced/Leadership

A+

SharePoint

CASP

Linux+

Ethical Hacking

CISSP

Network

Computer Forensics

Social Engineering & Manipulation

Security

PMP

Python for Security Professionals

Cloud

Virtualization

Post Exploitation

ITIL

MCSA

Malware Analysis

Cryptography

CCNA

Advanced Penetration Testing

 

CISA

 


What is a DoS attack and what does it attempt to do?

A DoS is a Denial of Service (DoS) attack.  It attempts to disrupt access to, or use of, information technology (IT) systems or services.  Visualize a super sales event, two hours before the event starts. A few early birds come to get a peek at the inventory.  Traffic flow is not an issue and the shoppers can easily make their way into the store.  Fast forward to the start of the event. A crowd has quickly assembled and the volume of shoppers have flooded the front door with other eager shoppers pushing to enter the store; they block entrance.  Until some shoppers clear the entrance, admittance is disrupted.  A DoS attack overruns the IT system’s ability to continue processing, thus disrupting normal operations.  When DoS attacks are launched from one or a few easily identifiable source(s), systems can be told to block or drop the tidal wave of traffic.  Thus, they can continue to operate.

What is a DDoS and what does it attempt to do?

A DDoS is a Distributed Denial of Service (DDoS) attack.  It attempts to disrupt access to, or use of, information technology (IT) systems or services as well.  However, DDoS occurs whenever multiple sources coordinate in the DoS attack. DDoS attacks are not new, however, they have recently garnered more attention and are being more widely used. Again, the main purpose behind a DDoS is the malicious consumption of resources, to cause significant disruption, loss of productivity, and/or revenue.  DDoS mitigation is harder to thwart because of its distributed nature.  Think about the blocking scenario above. If you have the tidal wave coming from countless sources and you are unable to filter the good from the bad, then it will all overrun the system and cause disruption for both legitimate and malicious actors.  For IT practitioners, check out the CIS Guide to DDoS Attacks for mitigation techniques.

Why is it happening so often?  Who’s doing it? And why?

DDoS can now be purchased.  Instead of adding clothes or a movie to your online shopping cart, one could add a DDoS attack.  So, instead of having to know the skills and techniques to launch an attack, all you have to do is pay a small fee for minutes or hours of disruption. Can it be traced back to you? Perhaps pay a premium to cover your tracks…what’s a few more dollars?  Attackers are becoming more sophisticated and catering to new business and personal drivers.  Some operate in an organized manner, others sell services as solo entrepreneurs, while others even work for free if a cause aligns with their convictions.  A special term exists for bad actors that launch attacks based on political, religious, or environmental motivators - Hacktivists (a blend of hackers and activists).  Whether the attacker is aiming for social protest, political change, or promoting ideological agendas, the end result can have lasting implications.


Free Training photo_security

Tech Blogs

Government Resources


Parent Guides



Sitemap for AST.MyFlorida.com
2016-2017 Annual Regulatory Plan
AST Home
About AST
Chief Information Security Officer Bio
Chief Operations Officer / State Data Center
Contact Us
Employment Opportunities
Media
Office of the Chief Information Security Officer

Office of the Executive Director / State CIO
Office of the General Counsel
Office of the Inspector General
Publications
Quarterly Oversight Reports
Service Catalog
State CIO Bio
State Data Center Customer Portal
Strategic Planning
Technology Advisory Council
Legal
Privacy Policy
Public Records
ADA Compliance / Accessibility

PDF logo Adobe Reader Download

Florida Government
MyFlorida.com
Florida Has a Right to Know
Governor Rick Scott