An attack on availability means to target and disrupt access to certain data, services, or
systems that should be reachable for users. These kinds of attacks go after the third type in the
CIA triad of confidentiality, integrity, and availability. The most widely known type of attack in
this form is DDoS (Distributed Denial of Service). In these kinds of attacks, the perpetrator
would use thousands of devices to attack the victim’s network so that customers would have
connections refused or timed out. A recent use of this technique was disclosed in October 2023.
In what was known as a HTTP/2 Rapid Reset, hackers exploiting a weakness in the protocol’s
stream cancellation feature were able to use bots to cancel thousands of requests. Due to each
cancellation forcing the server to allocate resources, attackers are able to generate millions of
requests that were later reported by Google, Amazon AWS, and Cloudfare. With these attacks,
they result in a large amount of revenue lost for the organizations due to downtime, violations,
damage to reputation, and operation costs. Users can also experience outages, deteriorated
performance, and potential safety or economic issues as a result. Attackers can also use these
attacks to ask for ransom or use it as a smokescreen for other attacks. It is with these kinds of
attacks that cause the most damage to individuals, companies, and organizations. With
availability attacks, they target a user’s data that is most useful and accessible to them. In this
example, it shows how many user’s accessible data was taken and used against them and caused
damage to many companies. It is in knowing about these attacks that you know how to secure
your data and safety for the next.