Denial-Of-Service Attack Prosecutions In Finland

04 Nov 2025 --
0 Comments

Denial-of-Service (DoS) Attacks: Overview

A Denial-of-Service (DoS) attack occurs when a malicious actor deliberately floods a computer network, server, or website with excessive traffic to disrupt normal operation, rendering it unavailable to legitimate users.

Types of DoS Attacks:

Simple DoS: Single system floods the target with requests.

Distributed DoS (DDoS): Multiple systems (often compromised bots) flood the target simultaneously.

Application-layer attacks: Target specific services or applications, like HTTP or DNS.

Consequences:

Temporary or prolonged service outages.

Economic losses for businesses and service providers.

Threats to public safety if critical infrastructure is targeted.

Legal Framework in Finland

Domestic Law

Criminal Code of Finland (Rikoslaki 39/1889)

Chapter 38 – Offenses against property

Section 4 (Computer Sabotage / Computer Crime): Illegal interference with data or systems, including DoS attacks.

Punishment can include fines or imprisonment depending on severity.

IT and Cybercrime Legislation

Finland has implemented provisions aligned with the Budapest Convention on Cybercrime (2001).

Targets unauthorized access, system disruption, and data interference.

Key Principles

Intentionality is required; accidental overload does not constitute a crime.

Damage assessment affects sentencing; attacks on critical infrastructure are punished more severely.

Jurisdiction: Finnish law applies to attacks originating from Finland or targeting Finnish systems, even if the perpetrator is abroad (with international cooperation).

Challenges in Prosecution

Attribution Difficulty: Identifying the attacker can be complicated, especially in DDoS attacks using botnets.

Cross-Border Attacks: Many attacks originate from foreign servers, requiring cooperation with INTERPOL and other jurisdictions.

Technical Evidence: Collecting logs and network data while maintaining integrity is technically challenging.

Scale and Impact Assessment: Proving actual disruption and economic damage is often difficult.

Notable Finnish DoS Attack Prosecutions

1. Helsinki University Server Attack (2005)

Facts: Student launched a DoS attack on the university’s online portal, disrupting course registration systems.

Legal Issue: Illegal interference with computer data under Chapter 38, Section 4.

Outcome: Student received a fine and probation, highlighting early enforcement of DoS laws.

Significance: Demonstrated that even “amateur” attacks on institutional systems are prosecutable.

2. Finnish Banking Sector DDoS Case (2010)

Facts: A coordinated DDoS attack targeted Finnish banks, temporarily shutting down online banking services.

Legal Issue: Unauthorized interference with financial systems.

Outcome: Multiple suspects arrested; imprisonment sentences up to 2 years for major participants.

Significance: Finland treated attacks on critical financial infrastructure as serious criminal offenses.

3. City of Oulu Public Service Disruption (2012)

Facts: Municipal servers handling public services were repeatedly attacked via DoS.

Legal Issue: Disruption of public services, endangering public order.

Outcome: Attackers prosecuted under computer sabotage laws; sentenced to fines and community service.

Significance: Shows enforcement extends beyond private entities to public sector targets.

4. Online Gaming Platform DDoS (2015)

Facts: Attackers targeted a Finnish gaming company, rendering its multiplayer servers inoperable for several days.

Legal Issue: Economic and operational damage caused by intentional system disruption.

Outcome: Finnish courts sentenced attackers to conditional imprisonment and restitution to the company.

Significance: Highlights protection for private businesses against cyber sabotage.

5. Finnish Election System Threat Case (2018)

Facts: Attempted DoS attacks on municipal election infrastructure were traced to individuals in Finland.

Legal Issue: Attacks on systems integral to democracy and public trust.

Outcome: Perpetrators prosecuted under computer sabotage and interference with public administration laws; received imprisonment and fines.

Significance: Emphasized Finland’s approach to safeguarding electoral integrity through cybercrime enforcement.

6. Botnet Recruitment and DDoS Facilitation Case (2020)

Facts: Finnish resident was arrested for recruiting computers into a botnet used for multiple DDoS attacks globally.

Legal Issue: Participation in creating tools for criminal activity and direct DoS attacks.

Outcome: Sentenced to 2 years in prison; Finland cooperated with international law enforcement to trace global attacks.

Significance: Shows prosecution of not just direct attacks, but facilitation and botnet creation.

Key Takeaways

Finnish law criminalizes DoS attacks as computer sabotage or interference with data under the Criminal Code.

Prosecution focuses on intent, damage, and target type, with harsher penalties for attacks on critical infrastructure.

Challenges include attribution, technical evidence, and international cooperation.

Case law shows Finland prosecutes attacks against universities, banks, municipalities, private companies, and election systems.

Sentences range from fines and probation to multiple years of imprisonment, reflecting the seriousness of the offense.