Actually, a DoS attack is not necessarily random (or even targeted) vandalism. Such an attack can be a crucial part of a well-planned break-in: for example, if the target network is guarded by an Intrusion Detection System, the cracker would do well to first take down that system so that it doesn't interfere with (or record) what happens next. Furthermore, after a successful DoS on a key server (DNS, for example), the cracker might be able to pose as that server and give responses that help them to break into other systems.