Why Availability Matters More Than We Think
Computers, mobile phones, websites and digital services are now part of daily life (e.g. bill payments, homework assignments, work, shopping and entertainment), so it is essential that everyone can access them when they need to.
One of the largest threats organisations face today, in addition to having their data stolen, is being unable to provide access to their systems when the public needs them.
When an organization’s computer systems fail, it can look as if the organization has shut down completely. For example, if your online bank does not function, you cannot access your money; your college portal may no longer be available; and your local hospital’s electronic health records may have been hacked or otherwise made inaccessible.
All three of these incidents cause inconvenience, but could also expose you to financial loss, endanger your life or cause disruption of operations. The majority of cyber-attacks on computer systems are carried out with the intention of rendering them unusable, even if the data stored in those systems remains intact.
What Are Availability-Compromising Cyber Attacks?
These are attacks whose primary goal is to render systems, networks, services, or applications unavailable to legitimate users. Digital services, such as a web site, database, or mobile application, rely on hardware, networks, and software components running behind the scenes. When any of those components are rendered inoperable, the digital service is unavailable.
Availability attacks deliberately prevent legitimate users from reaching a service. Methods include flooding the application with more traffic than it can handle, exhausting server resources, manipulating internet routing to send users to a hoax site, deleting or corrupting files critical to the operation of the service (e.g., config files), overloading cloud resources with excessive requests, or sabotaging the service's internal configuration records (e.g., network settings).
These attacks aim to:
- overwhelm resources
- disrupt communication channels
- break system functionality
- sabotage hardware or infrastructure
- deny access to data or applications
Unlike data theft or espionage, availability attacks are often:
- fast
- destructive
- public
- expensive to recover from
Attackers don’t always want your data — sometimes they just want to take you down.
Why Availability Attacks Are Increasing
In the last 10 years, almost every business, school and government service has become a digital one. Because of this shift, a minor disruption can now affect thousands or millions of users at the same time. With many more systems relying on cloud computing, remote services, applications, and application programming interfaces (APIs), attackers have many more options than they had in past years.
Attackers can also now buy powerful tools from the dark web for very little, enabling many inexperienced individuals to perpetrate devastating attacks on a large scale. The other significant factor is motivation. Some attackers intend to embarrass an organisation or its government. Some attackers want payment to restore access to an organisation’s system. Some attackers desire to eliminate their competition.
Others want to create pandemonium. In politically charged incidents, entire countries are targeted to disable key infrastructure, like power grids or government websites. Availability attacks appeal to cybercriminals because they cause a lot of immediate and highly visible damage, and because cybercriminals are motivated by money, reputation and trust.
Growth of Online Dependency
Every business now operates digitally:
- Cloud apps
- Online payments
- Web portals
- Mobile services
A single disruption affects thousands instantly.
Attackers Don’t Need Sophisticated Skills
Tools for DDoS, botnets, and traffic flooding are available cheaply on dark web marketplaces.
Ransom-Driven Motives
Attackers increasingly threaten:
“Pay, or we destroy your availability.”
Hacktivism & Geopolitical Tensions
Groups target governments, banks, media houses, and critical infrastructure to make a point.
Insider Threats
Employees or contractors can sabotage systems, disable servers, or misconfigure services intentionally.
Major Types of Availability-Compromising Attacks
DDoS Attacks

A Distributed Denial of Service (DDoS) attack is the most prevalent and simplest method to achieve a total loss of availability. To visualize how this occurs, think of a store with an entryway that allows many people to enter at once. If a thousand people rush through the door simultaneously, then no one else can enter due to the overwhelming number of customers in the store.
When attackers conduct a DDoS attack, they use thousands of infected computers, commonly referred to as a botnet, to send large quantities of traffic to a website or service over a short period. The web server and/or web application cannot handle the number of new requests and simply stops responding, so the web service becomes unavailable as a result of overwhelming demand, even though no one has been “hacked.”
DDoS attacks are incredibly powerful. Some DDoS attacks have produced traffic of over 1.0 terabit/sec, which has the ability to take down many large-scale websites. A DDoS attack can be so damaging to small and mid-size businesses that even a brief, concentrated attack can result in a shutdown of their business operations, as well as the crashing of their servers, creating significant financial losses.
The most common availability attack.
Attackers use compromised devices (botnets) to flood a target with:
- excessive traffic
- slow HTTP requests
- malformed packets
- exhaustive resource consumption
Common DDoS Variants
| Type | How It Works |
|---|---|
| Volumetric attacks | Flood bandwidth with massive traffic (Gbps–Tbps) |
| Protocol attacks | Exploit weaknesses in TCP, UDP, ICMP |
| Application-layer attacks (L7) | Target specific functions like login pages or APIs |

Impact
- Website crashes
- APIs become slow
- Cloud bills skyrocket
- Network links get saturated
Resource Exhaustion Attacks
These target CPU, memory, disk, or system handles.
Examples:
- Infinite loops
- Fork bombs
- Memory leaks
- Thread creation floods
- Exhausting database connections
Even a single malicious script can freeze an entire server.
Ransomware and Wipers
Ransomware
Encrypts data → denies access → demands payment
Availability is the primary casualty.
Wiper malware
Destroys data entirely with no intention of ransom.
Used mostly in cyber warfare.
DNS-Based Availability Attacks
DNS is the phonebook of the internet.
If DNS is compromised, nothing loads.
Common DNS attack types:
- DNS Flooding
- DNS Amplification
- Cache Poisoning
- DNS Hijacking
- Domain Suspension/Takeover
If attackers exploit DNS, they can:
- redirect users to malicious pages
- make legitimate domains unreachable
- cause extended downtime even without touching the servers
BGP Hijacking
Attackers take control of traffic routes by manipulating Border Gateway Protocol.
This can:
- blackhole traffic
- reroute traffic to malicious destinations
- cause global outages (YouTube incident, 2008)
Often invisible to end-users yet massively damaging.
Cloud Infrastructure Abuse
Modern attacks exploit:
- auto-scaling misconfigurations
- excessive provisioning
- cloud throttling
- API request limits
- IAM role privilege escalation
Cloud can enhance resilience — but only if configured properly.
Insider Availability Threats
These include:
- deleting critical configurations
- disabling firewalls
- overriding load balancers
- corrupting storage arrays
- shutting down servers
- sabotaging backups
Insiders remain one of the hardest-to-detect threats.
Real-World Examples That Show the Impact
Availability attacks aren’t limited to affecting technology; they can also have major economic impacts in the real world. They result in lost customers and money for companies. When patient information is unavailable, hospitals cannot provide timely care. Schools are unable to provide online classes or test students when an availability attack occurs.
Governmental agencies can experience slowdowns or total shutdowns following an availability attack. Even a brief outage can negatively impact customer confidence and dependability over the long term. Availability attacks aren’t purely technical events; they are real-world disruptions that affect people’s lives and the functioning of the economy.
GitHub DDoS (2018)
1.35 Tbps traffic — largest at the time.
Caused global slowdowns, forced GitHub to use emergency mitigation.
Dyn DNS Attack (2016)
Took down:
- Spotify
- Netflix
- PayPal
All due to DNS availability disruption.
Costa Rica Government Ransomware (2022)
Countrywide shutdown: customs, taxes, government services offline for weeks.
Hospitals Hit by Wipers (Ukraine, 2023)
Medical operations halted; patient record access lost.
These incidents show how availability incidents escalate beyond “downtime” into national-level impact.
How to Mitigate Availability-Compromising Attacks
Network-Level Protections
DDoS Mitigation Services
Use:
- Cloudflare
- Akamai
- AWS Shield
- Google Cloud Armor
- Fastly
They absorb large attacks before they reach your servers.
Rate Limiting & Throttling
Set limits for:
- API calls
- login attempts
- requests per second (RPS)
- concurrent connections
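One way to enforce such limits is a token bucket per client and route. The sketch below is an added example, not code from this post; the class names, the `LIMITS` policy and the event timeline are assumptions constructed for illustration.

```python
import time


class TokenBucket:
    """Allows `rate` requests/second on average, with bursts up to `burst`."""

    def __init__(self, rate, burst, now):
        self.rate, self.burst = rate, burst
        self.tokens = float(burst)     # start full so normal users are unaffected
        self.last = now

    def allow(self, now):
        # Refill for the time elapsed since the last request, capped at burst.
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False                   # caller should answer HTTP 429


class RateLimiter:
    """One bucket per (client, route), so one noisy client cannot starve others."""

    def __init__(self, limits):
        self.limits = limits           # route -> (requests per second, burst)
        self.buckets = {}

    def allow(self, client, route, now=None):
        now = time.monotonic() if now is None else now
        key = (client, route)
        if key not in self.buckets:
            rate, burst = self.limits[route]
            self.buckets[key] = TokenBucket(rate, burst, now)
        return self.buckets[key].allow(now)


# Constructed policy: login attempts are limited far more tightly than API calls.
LIMITS = {"/login": (0.2, 3), "/api": (10, 20)}


def simulate(events, limits=LIMITS):
    """events: (timestamp, client, route) tuples; returns allow/deny per event."""
    limiter = RateLimiter(limits)
    return [limiter.allow(client, route, t) for t, client, route in events]
```

In a real deployment the bucket table needs expiry or a size cap, otherwise the limiter's own memory becomes a resource-exhaustion target.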
WAF (Web Application Firewall)
Protects against L7 attacks (HTTP floods, slowloris, bot attacks).
CDNs
Cache content globally → reduce direct load on origin servers.
Application-Level Defenses
Input sanitization
Prevent costly operations from malformed or oversized inputs.
Load balancing
Distributes traffic across multiple servers.
Connection pooling
Protects database resources.
Graceful degradation
Ensure:
- partial functionality
- fallback modes
- circuit breakers
- temporary static pages
Even under strain, your service shouldn’t fully collapse.
Infrastructure-Level Defenses
Horizontal and vertical scaling
Auto-scaling helps absorb spikes if configured correctly.
Redundancy
Use:
- multi-region clusters
- failover servers
- multiple ISPs
- redundant DNS providers
Disaster recovery plans
Define:
- RTO (Recovery Time Objective)
- RPO (Recovery Point Objective)
Organizations with DR plans recover 10× faster.
Zero Trust + Least Privilege
Limits the blast radius of insider threats.
Backup & Recovery
Especially against ransomware and wipers.
Best practices:
- immutable backups
- air-gapped storage
- regular restore tests
- 3-2-1 backup strategy (3 copies, 2 formats, 1 offsite)
Backups should restore both data and availability.
Monitoring & Threat Intelligence
Use:
- SIEM (Splunk, QRadar, Elastic)
- NDR (Darktrace, Vectra)
- SOAR workflows
- Bot detection tools
- Cloud logs (AWS CloudWatch, Azure Monitor)
Early detection = faster recovery.
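As an illustration of early detection, the following added example (not part of the original post) flags a client that sends too many requests to one path within a sliding window. The log lines are constructed, use documentation IP ranges, and the window and threshold values are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Common Log Format prefix: client, timestamp, request line, status.
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')


def detect_floods(lines, window=10, threshold=5):
    """Return {(client, path): first alert timestamp} for sources sending more
    than `threshold` requests to one path within `window` seconds."""
    recent = defaultdict(deque)
    alerts = {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                       # skip lines we cannot parse
        client, stamp, _method, path, _status = m.groups()
        ts = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z").timestamp()
        hits = recent[(client, path)]
        hits.append(ts)
        while hits and ts - hits[0] > window:   # drop hits outside the window
            hits.popleft()
        if len(hits) > threshold and (client, path) not in alerts:
            alerts[(client, path)] = stamp
    return alerts


def sample_log():
    """Constructed access log: one client hammers /login, another browses."""
    lines = []
    for s in range(8):                     # 8 login POSTs in 8 seconds
        lines.append(f'203.0.113.7 - - [10/Mar/2025:12:00:{s:02d} +0000] '
                     f'"POST /login HTTP/1.1" 401 120')
    for s in (0, 20, 40):                  # normal browsing
        lines.append(f'198.51.100.4 - - [10/Mar/2025:12:00:{s:02d} +0000] '
                     f'"GET /index.html HTTP/1.1" 200 5120')
    return lines
```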
Common Mistakes That Increase Downtime
Relying on a single cloud region: If one region goes down → your business goes down.
Having only one DNS provider: DNS outages are common.
No DDoS protection: Even small attacks can take down SMEs.
Not testing backups: Backups are useless if they can’t be restored.
Overlooking insider threats: More than 30% of disruptions come from insiders.
Building a Resilient Availability Strategy
It takes more than good planning to protect the availability of a business. Companies need technology, good recovery planning, and the ability to adapt to stressful situations. It is essential for businesses to have systems in place to handle large increases in Internet traffic. Technologies that enable this type of scalability include:
- Traffic management systems that share the traffic between multiple servers.
- Failover systems and automatic fallbacks.
- Content Delivery Networks (CDNs), DDoS protection services, and Web Application Firewalls (WAFs) to stop malicious traffic before it reaches the company’s core systems.
In addition to being prepared to handle high volumes of Internet traffic, organizations also need to prepare for the worst-case scenario. Businesses should have:
- Regular backups
- An incident response plan
- A well-trained security team
- Redundancy in various geographic locations
All of these systems improve response time to restore service following a failure. Continually monitoring a network for signs of unusual activity allows organizations to respond to an incident prior to it becoming an outage. It is also necessary to ensure that a company’s cloud infrastructure is configured properly and access is restricted and managed effectively.
To achieve real, long-term resilience, organizations must adopt:
Defense in Depth
Multiple protective layers to prevent total collapse.
High Availability (HA) Architecture
- Load-balanced servers
- Multi-zone deployment
- Multi-region replication
Chaos Engineering (Optional, Advanced)
Deliberately simulate failures (Netflix’s Chaos Monkey) to strengthen resilience.
Incident Response Playbooks
Include:
- communication channels
- role assignments
- escalation steps
- fallback modes
Business Continuity Planning
Beyond technology — define how business operates during downtime.

