How Online Denial-of-Service Attacks Can Harm Business

In the dark world of cyberthreats, denial-of-service (DoS) incidents are becoming an increasingly common tactic. While you can’t entirely prevent these incidents, there are important steps your firm can take now to minimize the impact they can have on its online operations.

What are Denial of Service attacks?

In DoS attacks, which deliberately target the traffic channels an organization uses in its normal operations, an adversary floods a server or network with a swarm of requests that overwhelm its processing capacity. All of the junk requests figuratively gum up the works, resulting in service being denied to real users of the system, whether customers or employees. When criminals send these requests from a broad network of bots or compromised devices, known as a botnet, it’s called a distributed denial-of-service (DDoS) attack.

DoS attacks have persistently been one of the most common cyberthreats; in 2024, they accounted for more than 50% of incidents, according to the 2025 Data Breach Investigations Report conducted by Verizon. DoS attacks were far more numerous than other common attack methods such as social engineering and system intrusions. While many DoS incidents result in only minor service disruptions, targeted attacks that impact an organization’s networks or servers at peak hours can result in financial and reputational damage.

Ransom demands and unethical motives

DoS attacks don’t require bad actors to gain access to any systems or proprietary information. As a result, criminals and bad actors find they’re a cost-effective way to hamstring an organization’s networks or applications. An attacker may demand a ransom in exchange for stopping an attack in progress or not launching one. They may also overwhelm an organization’s public-facing websites and services for political purposes or even sow customer frustration and mistrust for competitive advantage.

However, in some cases, the DoS activity may be just one step in a more complex attack. “Historically, attackers have launched DoS and DDoS attacks during the day to maximize their impact on service or operations,” says Chris Fant, vice president for cybersecurity at Fifth Third Bank. “But there’s also the possibility that these attacks are a misdirection tactic. While an organization is dealing with the service interruption, the attacker could be taking other actions that could impact the organization in a more substantial way.”

Is it a slowdown or DoS attack?

It can be difficult to identify a DoS attack because users can interpret it as a temporary service slowdown. “Depending on how your infrastructure is set up, it’s not uncommon to experience slowdowns when a lot of legitimate customers are trying to utilize a service,” says Stephen Salerno, senior director for cyber threat interdiction at Fifth Third. “The slowdown could also be evidence of a credential validation attack, in which an adversary automates high-volume login requests to validate credentials that will be used in future attacks.”

The impact of DoS attack

DoS attacks can impact an organization’s network layer, which controls the direction and destination of data, and its applications, such as email or web browsing functions. Typically, users will experience an attack in the form of slow application performance; an inability to access websites or download or open files; and sluggish performance of normal operations.

With opportunistic or unsophisticated attackers, these problems may be temporary and no more than a brief annoyance. But attackers with resources to flood an organization with high-volume, high-speed traffic at peak operation times can inflict more damage — and may demand payment from their victims.

How to prepare for and mitigate the impacts of DoS Attacks

DoS attacks are comparatively simple and inexpensive attack methods, and there are few methods organizations can use to prevent a determined attacker from blasting their networks or applications with traffic. “Unless you have the resources to dramatically increase the volume of traffic you can manage, there is a certain amount of DoS risk you’ll have to live with,” says Fant.

Nonetheless, there are several steps you can take that might help you respond more effectively or avoid the most serious effects:

• Invest in protections you can afford. Automated defenses such as web application firewalls and intrusion prevention systems can block or filter malicious traffic from your organization’s most critical digital assets.
• Make sure your operating systems are properly configured. Security controls require regular review and update by IT professionals — either your own in-house team if you have one or outside consultants if you don’t. “When you’re configuring operating systems and components like firewalls and routers, there are ways to limit the number of connections you allow and how long you hold each one,” Salerno notes. Cybersecurity organizations such as the SANS Institute and the National Security Agency have hardening and configuration guides you can adapt for your firm.
• Create a DoS response and/or business continuity strategy. Taking a “when, not if” approach to cyberthreats, including DoS attacks, is essential for any organization. Decision-makers and key personnel should create a plan that outlines roles and responsibilities in a worst-case DoS scenario, including one in which DoS is a diversionary tactic in a multipronged attack. The incident response team should regularly review the plan and update it as necessary.

As with any cyberthreat, the more effort organizations take to understand and prepare for DoS attacks, the better the chances of avoiding the most serious effects. One of the most important things to remember is that even the most powerful attacks are difficult to sustain over a long period of time. Although it can be frustrating, the danger will eventually recede.

To learn more about how Fifth Third can help strengthen your organization’s cybersecurity, visit additional resources about Cybersecurity or contact a Fifth Third relationship manager.