DDoS attacks have become common in the modern business world. Large corporations, government agencies, SMEs, and other entities regularly fall victim to these cyberattacks. DDoS attacks actively spread across the borders and are often a tool in the hands of state-backed malicious groups.
From one point of view, DDoS attacks do not violate the provisions of the UN charter since they are not performed against the territorial integrity of a state or its political stability. Also, when we look at the provisions of the Tallinn Manual, we see that denial of service does not constitute the use of force. However, when we look at the official documents describing cybercrimes such as T-CY Guidance Note #5 issued by the Cybercrime Convention Committee, we see that DDoS attacks constitute a crime since they damage and enable access to computer systems. Under the US Computer Fraud and Abuse Act, DDoS attacks are crimes since the individuals initiating them intentionally cause damage to computer systems. As of 2021, DDoS attacks are not a phenomenon from the legal point of view and the parties committing these types of cyberattacks in most countries are prosecuted by the law.
DDoS attacks cause damage not only to the intended targets but also affect other entities through slow page loads and blocks. For example, when companies use mitigating devices to protect against DDoS attacks, legitimate users face troubles when trying to log in to the website in question. Such a situation may be referred to as partial denial of service. Malicious actors may also commit DDoS attacks to distract the attention of the target’s security staff. For example, let’s consider the situation in the banking sector. When banks’ security specialists work on addressing a DDoS attack they are likely to fail to notice fraudulent transactions. Such a situation occurred in 2013 in the USA when 6 leading banks experienced DDoS attacks. Generally, DDoS attacks constitute a serious barrier for companies doing business almost in every industry. Apart from financial damage they also cause reputational losses and lead to non-required time expenditures from the side of internal staff.
When taking into account the political nature of DDoS attacks, they may constitute a form of civil protest when targeting government websites. As the result of a DDoS attack, key governmental websites are not crashed forever, protesters may only cause their temporary collapse to express their disagreement with the policy implemented by a particular governmental institution. There was even a precedent in Germany almost 20 years ago when the court recognized the DDoS attack against Lufthansa in the form of traffic overwhelming as a civil protest of people. However, it is an idealistic situation when DDoS attacks serve peaceful and noble purposes. Malicious actors simply exploit the desire of people to express their protest.
Generally, companies and other entities need to realize that the regulatory environment governing DDoS attacks is still under development. In most cases, malicious actors performing DDoS attacks face no penalties for their wrongdoings. That is why companies are mostly left alone in their fight for a secure business environment. Consequently, they should not neglect the importance of cooperating with professional vendors providing DDoS-resistance solutions such as disBalancer.
Please visit disBalancer media channels to find more info about the project and its utility token.