Palvelunestohyökkäykset en

Denial-of-service attacks

A denial-of-service attack is an attack that aims to disrupt or prevent the normal operation of a specific network service. For example, the attack is carried out by overwhelming a website with a flood of traffic that makes the site unavailable to its intended users. A denial-of-service attack is often carried out using a botnet consisting of hijacked network devices.

Disrupting another person's systems or communications through a denial-of-service attack is a crime. Disrupting communications or an information system is punishable by imprisonment for at most two years.

A denial-of-service attack can be carried out easily with just a few clicks. However, this does not make it legal. Booter and stresser services used to carry out denial-of-service attacks can be found through open search engines. Booter and stresser services often advertise themselves as legitimate security testing services. However, these services are illegal. When using booters, it is often impossible to ascertain the full extent of the impact of the attack.

Even an act intended as a prank can have serious consequences. Even if the intention was only to disrupt a friend's game, the attack can also cause harm to other players and the game company. In a worst case scenario, a denial-of-service attack can cause damage amounting to millions. Even a person under the age of 15 is liable to compensate for any damage they cause.

Palvelunestohyökkäykset testaa tietosi en

Test your knowledge: Denial-of-service attack

A website offers denial-of-service (DoS/DDoS) attack services and claims they are intended solely for testing their own pages, so the service must be legal?

Many denial-of-service attack services found using search engines operate illegally, even though they claim that their activities are intended solely for testing their own websites. Legal operators are mainly information security companies that provide stress-testing tools as one form of service.

Denial-of-service attacks also pose a serious threat outside of the internet

It is difficult to assess the actual damage caused by a denial-of-service attack, especially if it is carried out using illegal tools created by others. Illegally produced denial-of-service attack tools often operate using criminally acquired infrastructure, known as a botnet. It is also impossible for the attacker to know what is on the server being attacked. The attack can therefore cause damage far beyond the intended target. 

Denial-of-service attacks are part of the multiplayer culture of video games.

Many people carry out denial-of-service attacks, particularly in multiplayer video games. However, this is not part of video game culture but criminal activity, which can have serious consequences not only for the victim of the attack but also for the perpetrator.

You can stress test your own website.

True and false. The tools you use play a big role in whether you are allowed to test your own website. In principle, you can load or stress test your own website, as long as you use legal tools to do so and the testing does not affect the operation of other websites or systems. On the other hand, testing your own website using, for example, a booter service can be a crime. When using such services, it can also be difficult to ascertain what other impacts the testing may have.

I found the service through a general search engine ad, so it can't be illegal.

Websites offering booter services often advertise themselves as legitimate security testing services, and these services are easy to find using general search engines. However, many booter services operate illegally. When choosing a service, it is important to ensure that it is a legitimate stress-testing service. For example, if the service does not verify in any way that you own the website you are testing, the service is likely to be operating illegally.