Denial of Service (DoS)

A Denial of Service (DoS) attack attempts to make a system, network, or service unavailable to its intended users by overwhelming it with traffic, exploiting vulnerabilities to crash it, or consuming its resources. Unlike DDoS (distributed), a basic DoS attack comes from a single source.

DoS attacks target the availability component of the CIA triad. While they don't typically steal data, they can disrupt critical business operations, prevent legitimate users from accessing systems, and serve as a distraction while attackers pursue other objectives elsewhere on your network.

Why It Matters

System availability is part of your security posture under CMMC. While CUI confidentiality is the primary concern, ensuring your systems remain available to support DoD missions is also important. DDoS mitigation and redundancy planning help address this risk.