Denial of Service Attack: CNBC Explains

Richard Drury | Photodisc | Getty Images

Online users frequently find the sites they're trying to access have temporary server problems loading. Usually it takes just a minute or two to have them come up.

But there are times when websites—particularly financial sites—are purposely disrupted with the intention of denying users access. These are called denial of service attacks and CNBC explains how they work.

What are denial of service attacks?

Someone or several people are attempting to make a website unavailable for its intended users.

They do this by several ways including the take over computer resources, such as bandwidth, disk space, or processor time or disrupt configuration information—such as routing information.

Basically, the hackers overload the website's system with so many online traffic requests that the website can't function and regular users can't access it.

Often in denial of service attacks (DoS), the computers used to bombard the targeted websites with traffic, have actually been hijacked or taken over by hackers.The computers are often infected with malware that give attackers control over the computer, usually without the website's knowledge.

What are the signs of a DoS attack?

  • Unusually slow network performance beyond the norm
  • Unavailability of a particular website
  • Inability to access any website
  • Dramatic increase in the number of spam emails received by the website

What financial sites have suffered from DoS attacks?

CapitalOne, HSBC, Bank of America, Wells Fargo, and Sun Trust are among the financial websites hit by denial of service attacks in recent months.

For financial institutions—or any website—the attacks are at least massively disruptive to customers and their IT departments, who have to scramble to stop the attacks and get their site up and running again. In the banking attacks mentioned above it appears the hackers hijacked servers, according to analysis by Radware.

Is personal information of online customers compromised in a DoS attack?

So far, the financial sites have said no. They say the attacks are more annoying than damaging. But security experts warn it's still too early to know for sure. DoS attacks can often be a diversion so that IT teams don't notice other malicious activity that may be happening at the same time—like hacking into personal files.

Are denial of service attacks against the law?

Yes.They are considered violations of the Internet Architecture Board (IAB) proper use policy, and they also violate policies of virtually all Internet service providers. They also violate the laws of individual nations. In the U.S., they can be a serious federal crime under the Computer Fraud and Abuse Act with penalties that include years of imprisonment.

Contact CNBC Explains


    Get the best of CNBC in your inbox

    › Learn More

Latest Special Reports

  • With the world becoming more interconnected, it’s getting harder to anticipate and manage global risks. We take a look at some of the biggest risks and ways to mitigate them.

  • From family-run companies to public companies with family ownership, we tackle challenges and rewards facing family businesses.

  • Inside the market's biggest sectors with a look at the trends, companies and trades netting profits for investors.

Central Banking Explained

Corporate Accounting Explained