DDoS Attacks: Is Volunteering Illegal?

TL;DR

Participating in a Distributed Denial of Service (DDoS) attack, even voluntarily or manually, is almost always illegal. It’s considered a cyber security crime with serious consequences under laws like the Computer Misuse Act 1990 in the UK. You don’t need to be the organiser to get into trouble; simply taking part can land you a hefty fine and/or prison sentence.

Understanding DDoS Attacks

A DDoS attack overwhelms a server, website or network with traffic from multiple sources, making it unavailable to legitimate users. ‘Voluntary’ means someone willingly joins the attack, often through botnets or coordinated efforts. ‘Manual’ usually refers to people flooding a target with requests themselves.

Why It’s Illegal

1. Computer Misuse Act 1990: This is the main UK law covering this. Specifically, Section 3 covers unauthorised access to computer material – which includes disrupting services.
   • Section 3A (Impairment of operation of computer): Making a computer perform any calculation or process without authorisation. A DDoS attack clearly falls under this.
   • Section 3B (Modification of computer material): Even if you don’t directly alter data, disrupting the service *can* be considered modification as it changes how the system operates.
2. Serious Crime Act 2015: This can apply if the attack causes significant disruption or damage.
3. Impact on Businesses & Services: DDoS attacks cause financial loss, reputational damage and can even affect critical infrastructure. The law reflects this seriousness.

What are the Penalties?

• Fines: Can be substantial, depending on the severity of the attack and your involvement.
• Prison Sentence: Up to 10 years imprisonment is possible for more serious offences under the Computer Misuse Act.
• Criminal Record: A conviction will have long-term consequences for employment and travel.

How Authorities Track Attacks

1. IP Address Tracking: Your internet service provider (ISP) logs your IP address, which can be used to identify you.
   • You can check your public IP address using a tool like WhatIsMyIP
2. Botnet Analysis: Law enforcement agencies work to dismantle botnets and identify participants.
3. Network Monitoring: Security companies and network providers monitor traffic patterns for suspicious activity.

What if you’re asked to participate?

1. Do Not Participate: The simplest way to avoid trouble is to refuse.
2. Report It: Contact the police or a cyber security reporting centre (see ‘Useful Resources’ below).
3. Document Everything: Keep records of any communication related to the request.

Checking for Compromise

If you suspect your computer might be part of a botnet without your knowledge:

1. Run an Antivirus Scan: Use reputable antivirus software to check for malware.
2. Check Running Processes: Look for unusual processes consuming excessive resources.

   tasklist /v

3. Monitor Network Activity: Use a network monitoring tool (like Wireshark, though it’s advanced) to see what your computer is sending and receiving.

Useful Resources

• National Cyber Security Centre (NCSC): https://www.ncsc.gov.uk/
• Action Fraud: https://www.actionfraud.police.uk/