EXPLORE
Sign In
← Back to Explore
T1498

Network Denial of Service

Adversaries may perform Network Denial of Service (DoS) attacks to degrade or block the availability of targeted resources to users. Network DoS can be performed by exhausting the network bandwidth services rely on. Example resources include specific websites, email services, DNS, and web-based applications. Adversaries have been observed conducting network DoS attacks for political purposes(Citation: FireEye OpPoisonedHandover February 2016) and to support other malicious activities, including ...

WindowsIaaSLinuxmacOSContainers
13
Detections
3
Sources
1
Threat Actors

BY SOURCE

6splunk_escu5elastic2sigma

PROCEDURES (7)

Service4 detections

Auto-extracted: 4 detections for service

Unusual2 detections

Auto-extracted: 2 detections for unusual

Exfiltrat2 detections

Auto-extracted: 2 detections for exfiltrat

Suspicious2 detections

Auto-extracted: 2 detections for suspicious

Network Connection Monitoring1 detections

Auto-extracted: 1 detections for network connection monitoring

General Monitoring1 detections

Auto-extracted: 1 detections for general monitoring

Exfiltrat1 detections

Auto-extracted: 1 detections for exfiltrat

THREAT ACTORS (1)

APT28

DETECTIONS (13)

Deployment Deleted From Kubernetes Cluster
sigmalow
Detect ARP Poisoning
splunk_escu
Detect IPv6 Network Infrastructure Threats
splunk_escu
Detect Port Security Violation
splunk_escu
Detect Rogue DHCP Server
splunk_escu
Detect Traffic Mirroring
splunk_escu
Nping Process Activity
elasticmedium
Ollama Excessive API Requests
splunk_escu
OpenCanary - NTP Monlist Request
sigmahigh
Possible Okta DoS Attack
elasticmedium
Spike in Firewall Denies
elasticlow
Spike in host-based traffic
elasticlow
Spike in Network Traffic
elasticlow