Exploring Attacks on Availability

Posted by tnobl001 on
What are attacks on availability
Attacks on availability on a network are attacks that prevent authorized users from accessing and using systems when they are needed. These attacks can be denial of service attacks that can overwhelm the system or network by flooding it with traffic. It can also be physical due to damage to the infrastructure or disruption of the power supply.

Types of attacks on availability
Denial of services attacks as described above is an attack that seeks to flood a networks system with traffic preventing the organization’s actual users from using the system due to a slowdown or failure in the system. A distributed denial of service is flooding several different parts of a system to overwhelm the system resulting in a slowdown or a failure in the system. Ransomware encrypts the organization’s files preventing authorized uses from the ability to access them.

Impacts of attacks on availability
Successful attacks on an organization can cause organization’s downtime to the company causing delays with production, service interruptions, loss of sales, and ability for the hackers to obtain or corrupt data. It could be the beginning of a ransom threat if the attacker can continue the disruption until their demands have been answered.

Example of an attack on availability
One example of an attack on availability is the ransomware attack of Kaseya. This attack allowed an attacker to exploit this organization’s system through a vulnerability in the servers. They were able to activate their ransomware by circumventing the authentication controls and executive commands by SQL injection. They were then able to encrypt parts of Kaseya’s data. It affected over 2,000 businesses in over 17 countries costing these companies around 70 million dollars in cryptocurrency.

Defense mechanisms for attacks on availability
Some best practices in availability management are implementing redundancy and backup systems. Administrators should be performing consistent patch and vulnerability management and network and monitoring detection. There should be a robust incident response plan and business impact analysis for identification of all critical systems of the organization.







References
What is Availability? Definition, Strategies & Threats | Twingate. (2024). Twingate.com. https://www.twingate.com/blog/glossary/availability

Robinette, D. (n.d.). What are the 4 Types of Attacks in Network Security? Www.stamus-Networks.com. https://www.stamus-networks.com/blog/what-are-the-4-types-of-attacks-in-network-security

Osborne, C. (2021, July 23). Updated Kaseya ransomware attack FAQ: What we know now. ZDNet. https://www.zdnet.com/article/updated-kaseya-ransomware-attack-faq-what-we-know-now/

Leave a Reply

Your email address will not be published. Required fields are marked *