A Denial-of-Service is a targeted attack on a website, which results in an extremely bad case of  ‘the computer says no’!

While it’s not specifically restricted to the internet and website services, the term tends to be most often used in this regard. The perpetrators attempt to interfere with the operation of a website by preventing the service functioning effectively and often results in the unavailability of a website. It does this in a variety of nasty technical ways, but perhaps the easiest way for the non-technical to think of it is that a perpetrator jams a website by sending so many queries that it uses up all the resources and nobody else gets a lookin!

Ireland’s CAO has been the latest high-profile case to fall victim when the site was forced to shut down in August and thousands of students were left unable to accept their third-level offers.

Another recent victim was blogging platform Posterous. Also in August, the site had an initial outage after which they moved IP address, but then had to endure a second attack. In then end they had to move datacenters and significantly upgrade their systems.

In April 2007, you may remember Estonia bearing the brunt of a DoS attack when many government websites were forced offline. The attack originated in Russia.

Cybercrime Statistics

Up to date figures detailing the number and scale of attacks are hard to come by, and the impact in lost revenue. However, the UCD Centre for Cybercrime Investigation found that 30% of Irish organisations who took part in a survy in 2006 had been victims of an attack [Source: ISSA/UCD Irish Cybercrime Survey 2006]

DoS and the law

Interestingly, the only relevant law in Ireland dates back to 1991 when internet use was less common and both public services and business were less reliant on online availability. Not surprisingly, the law doesn’t specifically address the problem and even if found (a big if!), the perpetrators might escape prosecution.

Why DoS?

Which brings us to the perpetrators. Why does someone do this? It’s hard to know and quite hard to find out. As Posterous said:

The motive of these attacks is often unclear. It could have been an individual hacker/cracker who wants to show off a bit. It could have been a piracy group that was upset about us removing abusive material. It could have been a foreign government wanting to silence someone using Posterous to protest.

No related posts.