Low Orbit Ion Cannon (LOIC): Definition, Damage & Defense

Low orbit ion cannon (LOIC) is an open-source program anyone can download and use to stress test a website or app. But that same tool can be used to enact a distributed denial of service (DDoS) attack. 

Hackers using LOIC rarely ask for a payment or ransom. And they can't use the tool to steal any information. In most cases, LOIC is used by so-called "hacktivists" that hope to make you pay attention and change some policy or stance.

But an attack like this can be devastating, as a downed website simply can't serve your customers.

Let's walk through what an attack looks like, and we'll explain how you can protect yourself. 

How does an ion cannon DDoS work?

During an LOIC attack, a hacker bombards your server with UDP, TCP, or HTTP packets. Connections stay open, and eventually, your server can't handle all of the demands. 

Individuals can launch attacks from one server, but their influence is limited. But when several people join together, they're much more powerful, and their work can be catastrophic for your site. 

LOIC has been used in several devastating attacks. In 2010, for example, hackers targeted a corporate site that stopped supporting Wikileaks. Hackers also attacked RIAA in 2010 as a protest against copyright laws.

Protect yourself from LOIC attacks 

A well-designed firewall should protect you from most LOIC attacks. You could use the same software to test your setup and see how long your server stands up to sustained pressure.

Your staff can also assess your logs and look for suspicious IP addresses. Hacktivists rarely shield their IP addresses, as they often believe their work is virtuous and shouldn't be hidden away. The LOIC software doesn't allow for proxies either, so any IP address is easy to see. If you spot nasty work, sever the connection. 

Using LOIC to check your own server is legal. But using that software to attack someone else is not. If you come under attack, consider reporting the incident to the authorities. They'll need to conduct an investigation and bring the hackers to justice. 

Get the best protection available 

Strong security measures can protect your servers from hacktivists, thieves, and other dangers. At Okta, we've built some of the strongest protections available in the market today, and we'd love to help you. Learn more about how these products work and how you can implement them today.


Hacking for a Cause. (July 2005). First Monday. 

The Aussie who Blitzed Visa, MasterCard, and PayPal With the Low Orbit Ion Cannon. (December 2010). The Age. 

Anonymous Wikileaks Supporters Explain Web Attacks. (December 2010). BBC News. 

Anonymous DDoS Attack Takes Down RIAA Site. (October 2010). PC Magazine. 

For Suspected Hackers, a Sense of Social Protest. (July 2011). The New York Times. 

18 U.S. Code 1030: Fraud and Related Activity in Connection with Computers. Cornell Law School.