• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

DDOS attacks: Criminal liability, warning and compensation?

18. July 2023
in Law on the Internet
Reading Time: 4 mins read
0 0
A A
0
neourban 1734495 1280
Key Facts
  • DDoS attacks are a common form of cybercrime that paralyzes servers and networks by flooding them with requests.
  • In Germany, DDoS attacks are expressly punishable under Section 303b StGB and are considered computer sabotage.
  • Victims of DDoS attacks have the right to a warning and compensation for lost profits and restoration costs.
  • Penalties for DDoS attacks vary depending on their severity and can range from fines to several years' imprisonment.
  • Enforcing claims for damages can be challenging, as DDoS attackers often act anonymously.
  • Preventive measures such as firewalls and DDoS protection services are crucial in defending against such attacks.
  • Professional help from IT security experts and lawyers is important to effectively combat DDoS attacks.

In the digital world, distributed denial of service (DDoS) attacks are a common form of cybercrime. They aim to cripple servers or networks by flooding them with requests, which can cause significant operational disruptions. But what is the legal side? Is a DDoS attack a criminal offense and is it possible to take action against the attacker? This blog post highlights these issues and provides a detailed look at the legal aspects of DDoS attacks.

Content Hide
1. What is a DDoS attack?
2. Criminal liability of DDoS attacks
3. Warning and compensation
4. Conclusion
4.1. Author: Marian Härtel

What is a DDoS attack?

A Distributed Denial of Service (DDoS) attack is a specific type of cyber attack in which an attacker aims to render a server, service or network inaccessible through a flood of Internet traffic. This attack aims to disrupt and interrupt normal functionality and access to a network, system or service.

The method used is usually the use of a botnet. A botnet is a group of hacked computers that are under the control of the attacker. These computers, often referred to as “zombies,” are tricked into sending coordinated requests to the target. These can be simple requests, such as calling a web page, or more complex actions, such as sending large packets of data designed to overload the target’s bandwidth.

The primary goal of a DDoS attack is to put so much strain on the server’s resources that it is no longer able to handle legitimate requests. This can cause the server to respond slowly, become unreliable, or even fail completely. The consequences can be significant, especially when it comes to mission-critical services where downtime can lead to substantial financial losses and reputational damage.

It is important to note that DDoS attacks are not aimed at stealing data or infecting systems. Instead, their main goal is to disrupt normal operations. Despite their apparent simplicity, DDoS attacks can be extremely effective and require careful planning and preparation to successfully defend against them.

Criminal liability of DDoS attacks

In many countries around the world, including Germany, DDoS attacks are explicitly punishable by law. These types of cyberattacks violate the law because they are specifically designed to interfere with the functioning of computers and networks. They generate massive traffic, which results in legitimate requests not being able to be processed, causing significant operational disruptions.

In Germany, the legal basis for the criminal liability of DDoS attacks is enshrined in Section 303b of the German Criminal Code (StGB). This paragraph explicitly criminalizes data alteration and computer sabotage. Data modification is the unauthorized deletion, suppression, rendering unusable or alteration of data. Computer sabotage, on the other hand, refers to acts intended to disrupt data processing operations that are essential to the operation of a company or government agency.

In this context, a DDoS attack can be considered a form of computer sabotage. Flooding a server or network with requests disrupts normal operations and, in many cases, completely paralyzes it. This can cause significant economic damage, especially when it comes to commercial websites or online services that rely on constant access from their customers.

It is important to emphasize that criminal liability for DDoS attacks applies not only to the actual perpetrators, but also to individuals who commission or support such attacks. This can be done, for example, by deploying botnets or developing and distributing special software to carry out DDoS attacks. These acts can also be prosecuted under Section 303b of the German Criminal Code.

Penalties for DDoS attacks can vary depending on the severity of the attack and the damage caused. They range from fines to prison sentences. In particularly serious cases, for example if the attack results in significant economic damage, prison sentences of several years may be imposed.

Warning and compensation

If you become a victim of a DDoS attack, you have the right to take legal action. This may include warning the aggressor and claiming damages. Damages may include the cost of restoring the system, lost profits, and other direct or indirect damages.

The legal basis for such claims may arise from a variety of sources. One of them is § 823 para. 2 of the German Civil Code (BGB) in conjunction with Section 303b para. 1 No. 2, para. 2 of the Criminal Code (StGB). According to these provisions, the person who intentionally or negligently violates the property, the right of another unlawfully is obliged to pay damages. A DDoS attack can be considered such a wrongful infringement because it affects the functioning of a computer system that is the property of the victim.

In addition, a claim for damages may also be asserted on the basis of impairment of the established and practiced business. This claim arises from case law and is recognized if the DDoS attack disrupts the operations of a company. This may be the case in particular if the attack results in operations having to be shut down for a certain period of time or if customers migrate away as a result of the attack.

In addition, a so-called quasinegatory injunctive relief pursuant to §§ 1004 para. 1, 823 para. 2 BGB in conjunction with § 303b para. 1 No. 2 StGB may be invoked. This claim exists if there is a risk of repetition, i.e. if it is to be feared that the attacker will carry out a DDoS attack again. The claim is directed at the omission of such attacks.

However, enforcing these rights can be challenging. DDoS attacks are often difficult to trace because attackers mask their identities through the use of botnets and other techniques. As a result, it is often difficult to identify the polluter and hold them legally responsible. In such cases, it may be helpful to consult an expert in IT law or a specialized lawyer who has experience with such cases and can assist in enforcing the claims.

Conclusion

DDoS attacks pose a serious threat to the stability of IT systems and are a clear violation of the law. They can cause significant damage that goes far beyond technical problems and can have a significant economic impact. Victims of such attacks have the right to warn the attacker and claim damages. This may include the cost of restoring the system, lost profits, and other direct or indirect damages.

However, enforcing these rights can be challenging. The nature of DDoS attacks and the techniques used by attackers can make it difficult to identify who is responsible. This can make legal prosecution more difficult and make it difficult to enforce claims for damages.

Therefore, it is crucial to take preventive measures to protect against such attacks. This can include implementing security measures such as firewalls and DDoS protection services, monitoring network traffic, and training employees on cybersecurity practices.

If you become a victim of a DDoS attack, it is important to seek professional help. This may include IT security professionals, attorneys, and law enforcement. They can help investigate the attack, identify those responsible and take legal action.

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: DamagesWarning

Weitere spannende Blogposts

Are trading apps allowed to restrict trading?

Are trading apps allowed to restrict trading?
7. November 2022

Attention: Due to the explosive nature of the current situation, this blog post must not be understood as concrete legal...

Read moreDetails

Warranty and indication of liability for defects

Online retailer: Notice of warranty of defects
3. April 2019

As I often write, the establishment of an online service or an online shop is currently riddled with so many...

Read moreDetails

Promotion with discount codes = sneaky advertising?

Promotion with discount codes = sneaky advertising?
27. May 2019

Comparison to influencer sneaking advertising I have already written in the blog about the current verdicts on influencers and sneaky...

Read moreDetails

Warning letters because of unencrypted contact form

LG Munich: Data protection consent on dating platform
7. November 2022

Just a few weeks ago, I published an article on the subject here. Now there is apparently again a wave...

Read moreDetails

Judgment on World Of Warcraft & Account Suspension due to GTC Violation

Judgment on World Of Warcraft & Account Suspension due to GTC Violation
8. September 2019

In a case I represent, the District Court of Neukölln has ruled that an account in the World of Warcraft...

Read moreDetails

Warning adé? The changes in the UWG

Online retailer: Notice of warranty of defects
7. November 2022

Today, the new "Law on Strengthening Fair Competition" came into force, but in the opinion of many colleagues, it does...

Read moreDetails

Liability trap BFH judgments on VAT in case of warnings

Tax treatment of Upwork in Germany?
16. May 2019

Before i go to the University-Augsburg to the Esport-Recht Institute today, to attend the first meeting tomorrow with other experts...

Read moreDetails

BGH limits the warning mania!

Online retailer: Notice of warranty of defects
7. November 2022

I have already dealt with the topic of abusive cease-and-desist letters here on the blog a few times, and the...

Read moreDetails

ECJ tightens requirements for GDPR disclosures

Data protection: “Targeted advertising” through “legitimate interest” at the end? EDPB vs. meta
19. January 2023

The European Court of Justice (ECJ) has ruled that data controllers must, in principle, disclose the identity of the recipients...

Read moreDetails
Startup ohne Entwickler?
Gloss / Opinion

Startup ohne Entwickler?

8. July 2025

Es ist spätabends, der Kaffee neben dem Laptop ist längst kalt, doch ich lächle zufrieden: In wenigen Stunden habe ich...

Read moreDetails
Keine stillschweigende AGB-Änderung – Schweigen gilt nicht als Zustimnung

Keine stillschweigende AGB-Änderung – Schweigen gilt nicht als Zustimnung

7. July 2025
So langsam nimmt der Shop Form an

So langsam nimmt der Shop Form an

3. July 2025
Dark Patterns: UX-Tricks im Visier von Gesetzgeber und Gerichten

Dark Patterns: UX-Tricks im Visier von Gesetzgeber und Gerichten

2. July 2025
Altersverifikation im Internet: Pflichten für Anbieter in Deutschland und Europa

Altersverifikation im Internet: Pflichten für Anbieter in Deutschland und Europa

30. June 2025

Podcastfolge

eda7ba83 c559 4e68 8441 41159a0751f3

Blitzskalierung und rechtliche Herausforderungen: Der Balanceakt für Startups

20. April 2025

In dieser Episode sprechen Anna und Max über die rechtlichen Herausforderungen von Blitzskalierung und disruptiven Geschäftsmodellen. Am Beispiel von Plattformen...

Read moreDetails
Rechtliche Beratung für Startups – Investitionen, die sich lohnen

Rechtliche Beratung für Startups – Investitionen, die sich lohnen

17. November 2024
Juristische Trends für Startups 2025: Chancen und Herausforderungen

Juristische Trends für Startups 2025: Chancen und Herausforderungen

19. April 2025
Innovative Geschäftsmodelle – Risiko und Chance zugleich

Innovative Geschäftsmodelle – Risiko und Chance zugleich

10. September 2024
Startups und Innovation in Deutschland – Herausforderungen und Chancen

Startups und Innovation in Deutschland – Herausforderungen und Chancen

25. September 2024

Video

Mein transparente Abrechnung

Mein transparente Abrechnung

10. February 2025

In diesem Video rede ich ein wenig über transparente Abrechnung und wie ich kommuniziere, was es kostet, wenn man mit...

Read moreDetails
Faszination zwischen und Recht und Technologie

Faszination zwischen und Recht und Technologie

10. February 2025
Meine zwei größten Herausforderungen sind?

Meine zwei größten Herausforderungen sind?

10. February 2025
Was mich wirklich freut

Was mich wirklich freut

10. February 2025
Was ich an meinem Job liebe!

Was ich an meinem Job liebe!

10. February 2025
  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung