Is DDoS a Crime?

2022 has a serious ‘DDoS is not a crime’ vibe. Little over four weeks ago, performing distributed denial of service (DDoS) attacks was not without potential consequences. As an activist, one will need to consider those facts before taking up arms.

Personally, I feel the general public views hackers in one of two ways. They are either evil threat actors or hacktivists fighting for a cause. Hackers are rarely portrayed as altruistic thinkers who follow the law.

Terms like outcasts, rebels, and criminals frequently come up when describing hackers in the media. Even movies and TV shows glorify the malicious actions of hackers to the general public without a second thought about their impact. So, it comes as no surprise that we have a distorted perception in today’s digital society when it comes to the legalities of hacking.

And I can hardly blame the public at this point. For years, the community has warned about the consequences of failing to regulate criminal activity. An inexperienced person might naively believe that launching a Denial-of-Service (DoS) attack is perfectly legal. After all, users can easily find attack tools for rent on the first page of an internet search engine. And even worse and more perplexing for the average user, criminal sites offering DDoS services are often protected by legitimate security firms, giving the illusion that they are legal at some level.

The Gray Area of Cyber

Not only has the security industry failed to regulate the blatant criminal activity, but we as a community also seem to be rewarding malicious behavior with attention, leading emotionally compromised and overstimulated first-time hackers to publicly and proudly announce their association with criminal activity. Often they believe their newfound power and moral high ground justify any crime they may have committed and fit the narrative of ethical hacking.   

While this gray area was tolerated back in the days of Anonymous, today, the hive mindset has evolved and become mainstream. As a result, a more significant percentage of the general public believe that DDoS attacks are not a crime if they are morally aligned and part of a socially acceptable operation.  

[You may also like: What Drives DDoS Attacks and Why it Should be a Concern]

But is this true?

Take the current Russia-Ukraine war, for example. Both sides of the conflict have created government-backed IT armies that have recruited tens of thousands of people from around the world. Their objectives range from essential information operations and support to organized Denial-of-Service attacks against government agencies, financial institutions, and even food delivery services.  

While both sides have justified their reasons for carrying out cyber-attacks in support of the war, is it legal for someone outside of Russia or Ukraine to join a foreign cyber legion and engage in cyberwar? 

Or take the recent disclosure by the musician Grimes, who admitted during a Vanity Fair interview to orchestrating a Denial-of-Service attack in 2012 against the now-defunct blog Hipster Runoff. The attack kept the website offline until the owner agreed to remove the article containing a personal photo of her.   

Grimes admitted to a federal crime during this interview. But we must ask ourselves, why did she feel safe to admit to her “coolest hacker moment” publicly? Was it a branding and marketing stunt? Or has hacking, specifically, Denial-of-Service attacks, become so socially acceptable that society no longer views the action as a crime?  

Risks and Consequences of launching a DDoS attack

Perception is reality, but nothing is what it seems. And while launching Denial-of-Service attacks might currently be perceived as a hip and trendy activity to be a part of, it is still very much, in reality, a federal crime. For example, in 2021, a man received the maximum sentence of five years in federal prison and was ordered to pay more than $520,000 in restitution for launching multiple DDoS attacks against media outlets, bloggers, and legal news sites.  

There are also many risks associated with joining a foreign cyber legion, especially if you are not located within a country participating in the conflict. Just because you feel morally or socially compelled to engage doesn’t mean that your actions will be considered legal and without consequence. Even if you happen to get away with operating during the conflict and your side is victorious, you could still face legal charges or travel restrictions for years to come due to your involvement. 

Additionally, in both situations, what appears to be a justifiable and straightforward Denial-of-Service attack against the enemy can cause collateral damage to unintended and unrelated targets while in transit. Packets don’t just magically jump from their origin to their destination. When an attacker crafts and sends malicious packets across the internet, that traffic can cause service-related issues for network operators.  

[You may also like: 2021 Cyberthreat Retrospective and Why It Was a Bumpy Ride]

Should I Join the Cyber War?

DDoS is, until further notice from the authorities, considered a federal crime. It is surprising that the security industry and government officials do not inform the general public about the risks and collateral damage that can be caused by performing DDoS attacks as part of cyber warfare. This could explain the perception problem with respect to the legalities of hacking. It’s almost like they want people to get involved, which is fine… if you are smart about it.  

Launching offensive cyber-attacks and DDoS attacks are a crime, and with hacking back there is a lot of risk and liability involved. If you are truly passionate about an event and feel obligated to get involved, consider that Anonymous’ greatest power did not come from their cyber-attacks. It came from the organization and dissemination of information.  

Like this post? Subscribe now to get the latest Radware content in your inbox
weekly plus exclusive access to Radware’s Premium Content

Daniel Smith

Daniel is the Head of Research for Radware’s Threat Intelligence division. He helps produce actionable intelligence to protect against botnet-related threats by working behind the scenes to identify network and application-based vulnerabilities. Daniel brings over ten years of experience to the Radware Threat Intelligence division. Before joining, Daniel was a member of Radware’s Emergency Response Team (ERT-SOC), where he applied his unique expertise and intimate knowledge of threat actors’ tactics, techniques, and procedures to help develop signatures and mitigate attacks proactively for customers.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center