Denial of Service (DoS) attack
When legitimate users are denied access to computer services (or resources), usually by overloading the service with requests.
DoS attacks can range in duration, and may target more than one website or service at a time. A DoS attack becomes a Distributed Denial of Service (DDoS) attack when requests come from multiple devices (which have usually been compromised). It's important that your devices are secured so that they aren't used in this way.
Last year a global law enforcement investigation resulted in the takedown of 'webstresser.org', which is believed to have been the world's biggest marketplace to hire DDoS services. In the United Kingdom, a number of webstresser.org users have recently been visited by police, with over 250 users of that and other DDoS services due to face action for the damage they have caused.
Although there is technical advice which can help defend against DoS attacks, the majority of this may not be applicable to people outside of an IT role, and not suitable to include in this format. More detailed guidance on DoS attacks can be found on the National Cyber Security Centre (NCSC) website outlined in the 'Useful Links' section below. However, we have included some brief points to consider below:
Ensure that you and your service providers are prepared to deal with an overload of resources. Ask for an outline of how they're prepared for these (and other) incidents.
Understand what impact a DoS attack would have on your business and create an incident response plan. Think about who needs to be involved internally/externally, and clearly define roles and responsibilities for each. DoS attacks can be very public, so also think about how you would deal with any PR related issues. Be thorough, and test your plan!
DoS attacks can be used as a smokescreen to distract from other attacks which have a different aim (e.g. data breaches). Be aware of this and monitor closely for other suspicious activity which could indicate follow up attacks.
If you have fallen victim to this or any other type of cyber crime, report the incident to Action Fraud. You can report through phone (0300 123 2040) or on their website at https://www.actionfraud.police.uk
Reporting helps build intelligence for law enforcement, which can aid investigations as well as informational campaigns to prevent others from becoming victims.