Denial-of-service attack

A denial-of-service attack (DoS) or distributed denial-of-service attack (DDoS) is an attempt to make network resources unavailable to their intended users.[1]

Common methods of attack are[2]:

1. Over-saturating the target website with traffic, far beyond its actual capacity, thus preventing access to genuine customers (this also usually occurs when there are too many visits to a website, for example ticketing sites, when tickets have just been released)

2. Disrupting the connection between two specific machines

3. Disrupting the connection between a specific person or system

4. Sending large number of spam emails to specific inbox, in order to disable a mail server.

A distributed denial-of-service attack or (DDoS), is when an attacker uses several computers to 'attack' another computer or network.[3]

Status in UK law

DoS attacks are explicitly prohibited in the UK under the Computer Misuse Act 1990 (as amended by the Police and Justice Act 2006 section 36)

(2) This subsection applies if the person intends by doing the act—
(a) to impair the operation of any computer;
(b) to prevent or hinder access to any program or data held in any computer;
(c) to impair the operation of any such program or the reliability of any such data; or
(d) to enable any of the things mentioned in paragraphs (a) to (c) above to be done.

DoS attacks could also fall within the definition of terrorism under the Terrorism Act 2000.

DDoS convictions

Some individuals involved in the co-ordination of DDoS attacks have been sentenced under the conspiracy charge of the Criminal Law Act 1977.

External links

References