Booters: can anything justify distributed denial-of-service (DDoS) attacks for hire?

Abstract

PurposeThis paper aims to examine whether there are morally defensible reasons for using or operating websites (called ‘booters’) that offer distributed denial-of-service (DDoS) attacks on a specified target to users for a price. Booters have been linked to some of the most powerful DDoS attacks in recent years.Design/methodology/approachThe authors identify the various parties associated with booter websites and the means through which booters operate. Then, the authors present and evaluate the two arguments that they claim may be used to justify operating and using booters: that they are a useful tool for testing the ability of networks and servers to handle heavy traffic, and that they may be used to perform DDoS attacks as a form of civil disobedience on the internet.FindingsThe authors argue that the characteristics of existing booters disqualify them from being morally justified as network stress testing tools or as a means of performing civil disobedience. The use of botnets that include systems without the permission of their owners undermines the legitimacy of both justifications. While a booter that does not use any third-party systems without permission might in principle be justified under certain conditions, the authors argue that it is unlikely that any existing booters meet these requirements.Practical/implicationsLaw enforcement agencies may use the arguments presented here to justify shutting down the operation of booters, and so reduce the number of DDoS attacks on the internet.Originality/valueThe value of this work is in critically examining the potential justifications for using and operating booter websites and in further exploring the ethical aspects of using DDoS attacks as a form of civil disobedience.