Denial-of-service attacks are on the rise – the impact is minor
Information security now!
The National Cyber Security Centre Finland (NCSC-FI) has been receiving increasing numbers of reports of denial-of-service attacks during the autumn. The report rate for October was higher than for the previous months. The reported denial-of-service attacks have only had minor effects on their targets.
The original article was published on 31.10.2022 in Finnish. (External link)
Denial-of-service attacks drive a lot of traffic to websites or online services. As a result, normal users cannot access these websites or the websites work very slowly. When the denial-of-service attack is over or after the attack has been successfully blocked by technical measures, the website or online service continues to function normally. Disruptions in service tend to be brief. Denial-of-service attacks rarely cause real or long-term damage.
A denial-of-service attack is a simple but flashy attack technique. These incidents are also often covered by media outlets. Preventing access to an organisation’s public service, e.g. website, for a short period gives the impression of an effective perpetrator, although the real impact of the attack is minimal. In addition to a brief disruption in service, denial-of-service attacks usually do not have any other effects.
The NCSC-FI collects data about denial-of-service attacks through attack reports, for example, and builds a situational picture at the national level based on the gathered information. Every report counts, even if the attack has no real impact on the target organisation. The situational picture helps assess the prevalence of attacks and the situation in different sectors. The NCSC-FI uses the data to compare the situation in Finland to international reports of denial-of-service attacks.
Denial-of-service attacks are everyday occurrences both in Finland and the rest of the world, but their numbers vary month-by-month. The numbers of denial-of-service attacks reported to the NCSC-FI have been increasing every month since the summer, with October having been the most active month of the year for denial-of-service attacks so far. The NCSC-FI has received more reports of denial-of-service attacks in 2022 than last year.
Preparation for denial-of-service attacks
Denial-of-service attacks were featured prominently in the media in the spring and in the autumn. The attacks have been targeted at many different sectors, from central government to media industry organisations. Although the subject receives a lot of attention and disruptions in online services are showy, the impacts of these attacks have been minor and caused only very brief website availability problems. Experts in information influence activities have estimated that, instead of trying to do real damage, some attackers’ objective is to simply gain attention through denial-of-service attacks.
Denial-of-service attacks target online services and organisations. Thus, the target organisation’s administration is responsible for preventing these attacks. However, individuals should also ensure the information security of their devices. Volume-based denial-of-service attacks, in particular, use a botnet consisting of hijacked computers and other devices connected to the internet. By keeping your devices up to date and replacing default passwords with strong ones, you can prevent your devices’ involvement in denial-of-service attacks.
The NCSC-FI recommends that organisations’ administrations prepare for different situations regarding denial-of-service attacks by e.g. considering the following questions.
- Have the most critical services been identified and protected against denial-of-service attacks?
- Have the response processes to denial-of-service attacks been defined and practised?
- Have you considered how customer communication would be organised in the event of a cyber incident?
- Does the response process include reporting the incident to the NCSC-FI and the police?
We have prepared instructions for organisations that have been targeted by denial-of-service attacks.
Reports to the NCSC-FI are confidential but valuable. They help us build a situational picture of cyber security at the national level. Our experts are happy to advise and help you in the event of an information security incident – for free. We also want to remind you of the importance of reporting the incident to the police. The NCSC-FI will not report the incident to the police on your behalf. We may exchange information regarding the incident with other authorities, if your organisation has authorised such communication.