Is DDosing Illegal?

The two different types of DDoS attacks  

The first type of DDoS attack is levied upon the network itself and the network stack in the form of numerous requests to establish a connection. The aim behind this type of attack is to overwhelm the server with an excess load of requests to complicate the processing of incoming traffic, some of which are legitimate and requested for by the user. Typically, the source of the request is untraceable due to the use of non-existent addresses and multiple devices, as part of a coordinated attack. Overtime, the server stops responding to connection attempts due to it becoming overwhelmed. 

The second type of DDoS attack is conducted with the aim to cause application failure. Many sites are embedded with complicated processing functions such as photo processing or product catalogue search. Hackers can overload a site like this by sending numerous requests for example, a search for a missing product. As a result of the overload, the site will not be able to respond to other types of legitimate requests for example, searches from customers.  

To carry out the second type of attack, a laptop is often enough. The hacker will only need to find ‘heavy’ parts of the program on the server and write their program to generate numerous requests to this ‘heavy place.’  

How is the attack conducted? 

To conduct simple DDoS attacks, a single laptop is sufficient. For larger and more complex attacks, hackers may rent DDoS servers from data centres with questionable reputation and create requests from there.  

Another tool used by hackers to conduct DDoS attacks is the botnet. This method is typically used by hacker groups who infect ordinary devices with malware, which make requests for a specific resource on command from the control centre. These infected devices create a network for generating infected traffic. Some botnets may be compromised of up to hundreds of thousands of devices and if each of them sends requests to the target server, legitimate requests will be drowned out and the server will become overloaded. The most powerful botnets can not only cause a store’s online server to become paralyzed but also the internet of a small country. 

Is it illegal?  

DDosing is in fact regarded as a cyber crime in many countries. In the US, it is illegal according to the Computer Fraud and Abuse Act and hackers may face jail time if they are found to be responsible of such attacks. In the UK, it is considered to be illegal likewise in other nations also. In some countries, even if it is not specifically defined as illegal, if the nation has signed the United Nation Convention against Transnational Organised Crime, compliance is expected. In the case that a DDoS attack can be traced back to a nation that is signed to the treaty, it is expected for the DDoS attack to be investigated as a crime.  

In European countries, no matter the method used by an individual to carry out a DDoS attack, whether through SYN flooding (where an attacker rapidly initiates a connection without finalising the connection) or other methods, they will be arrested and suffer the legal consequences.   

Typically, legal consequences in nations that regard DDosing as a crime or are signed to the UN treaty include a prison sentence, a fine or both.   

The reason DDosing is regarded with more severity in comparison to other cyber attacks is the fact that cyber criminals may use this attack to extort corporations and cripple targeted sites. If a large enterprise is the target, the attack frequently involves using thousands of ‘zombie’ botnets which can cause a huge issue in terms of power cost, extortion costs and recovery costs. 

DDoS as a form of protest 

In recent times, the idea that DDoS can be used as an expression of peaceful protest is circulating around on the internet. The Guardian even wrote an article discussing the action in detail.   

In January 2013 in USA, a petition was formed and posted on the official government website for the White House asking for DDosing to be recognised as a method of protest. Despite some observers defending the act of DDosing, the activity nevertheless remains illegal and punishable. 

As this notion is certainly divisive, it may be worth rereading previous instances of DDoS attacks in more detail and consider the motives of the hacker.   

About Securiwiser 

We aim to provide our clients advice concerning implementation of various specific cyber security methods, some of which will be more suitable than others depending on the business type to help ensure the cyber health of our client’s system.  

We advise our clients (whether they are individual users or business owners) regarding various cyber threats that their businesses and operating systems may face. This includes increasing trends of certain threats and prevention methods that are cost effective and time saving.    

Furthermore, business owners, employees and general users may forget to conduct regular scans to monitor the health of their operating system, which criminals can take advantage of to gain unauthorised access by exploiting unrecognised, underlying vulnerabilities.  

Securiwiser can conduct regular scans for your system and provide a detailed cybersecurity risk assessment and a cybersecurity vulnerability assessment. We can further explain detected vulnerabilities and risks in detail to our clients and provide the best course of action that will save your business time and money.