T 0.40 Denial of Service

There are a variety of different forms of attack, all aiming at disruption of the intended use of certain services, functions or devices. The generic term for such attacks is "Denial of Service". Often the term "DoS-attack" is used.

Such attacks can come, amongst others, from disgruntled employees or customers, but also from competitors, extortionists or politically motivated perpetrators. The aim of the attacks can be business-relevant values of any kind. Typical forms of DoS attacks are:

• Disruptions of business processes, for example, by flooding the order processing with improper orders,
• Damage to the infrastructure, for example by blocking the doors of the institution,
• provoking IT failures by e.g. purposeful overloading services of a server in the network.

This type of attack is often associated with distributed resources, the attacker generates such a high demand for these resources that they are no longer available for the actual users. In IT-based attacks, the following resources can be artificially made scarce: processes, CPU time, memory, disk space and transfer capacity.

Examples:

• In spring 2007 in Estonia strong DoS attacks on numerous Internet sites over a prolonged period of time took place. This led to significant impairments in the use of information services and Internet services in Estonia.