DoS and DDoS Attacks: Bigger, Dumber, More Threatening

Carl Weinschenk

The year in distributed denial of service (DDoS) attacks can be described pretty simply: Bigger, dumber and more dangerous. At least that's the conclusion not in those words, of course reached by Arbor Networks in the fourth edition of its Worldwide Infrastructure Security Report.

 

The firm found that DDoS attacks are surpassing 40 gigabits -- double the size found last year -- and have severely tested some ISPs' security infrastructure. If the same doubling happens between this year and next, the report concludes, it will be beyond the ability of some providers to stay operational.

 

The survey which put 90 questions to 70 security engineers found that the attacks themselves were unsophisticated and aimed at simply overwhelming defenses. The plan, it seems, is in the process of working.

 

I mentioned this Georgia Tech Information Security Center study last week. Here is Dark Reading's comprehensive rundown on the contents of its annual Emerging Cyber Threats Report. Essentially, the idea is that smartphones finally are set to take their place as the next big thing to worry about, a spot that they have threatened to grab for a while. The danger is that smartphones will be hit with voice fraud, data theft, remote code execution and botnets. Denial of service (DoS), a close relative of DDoS, will be launched via commandeered smartphones.

 

Session Initiation Protocol (SIP) is the hot signaling protocol for establishing and terminating (or tearing down) a VoIP call. How SIP is implemented and managed is a vital element in determining how liable a network is to security problems, including DoS attacks. It is a highly complex topic. SecureLogix CTO Mark Collier, who runs the VoIP Security Blog, provides a post linking to eight papers on SIP and DoS. The focus at least in these papers is on detection.


 

It doesn't help that, for a variety of reasons both legitimate and not DNS servers are not being patched, despite the well documented existence of a problem that could lead to DOS attacks. The flaw was discovered earlier this year by researcher Dan Kaminsky. According to figures from an Infloblox sruvey, 40 percent of DNS servers still are vulnerable to the problem.

 

The dangers were real. Late last week, the British Broadcasting Company was the victim of a DDoS attack. This ZDNet post has the details, which notes the attack originated from different countries and knocked the site out of commission for 75 minutes. The post says the attack wasn't necessarily political, but that politically based attacks are likely to increase in 2009. Last month, an 18-year-old Verona, N.J. man admitted to launching a DDoS attack against the Church of Scientology's Web site. He faces up to 10 years in prison and has agreed to pay a $37,500 penalty.



Add Comment      Leave a comment on this blog post
Nov 14, 2008 2:38 AM Anthony Critelli Anthony Critelli  says:
We should place some of our resources to prosecute this fraud. Denial of Service attacks cost companies a lot of Business. At this point it probably has had a significant effect on GNP. Reply
Nov 14, 2008 6:54 AM Fredric L. Rice Fredric L. Rice  says:
Don't worry about it. If you're a legitimate company doing legitimate business, you don't have anything to worry about when it comes to online rights advocates like Anonymous.Before some corporation is identified as needing a denial of service attack directed against its servers, the corporation has to rise to the level of visibility and then be widely identified as deserving of an attack.Look at what motivates DDoS's. Look at what companies, governmental agencies, or other organizations are subjected to DDoS attacks. Ask yourselve what it is about such targets that made them targets in the first place.Then ask yourself whether your company, your corporation, your government agency, or your organization engages in the misbehavior that invites online mobs like Anonymous to enact stupid, pointless DDoS attacks against your servers.The answer is "probably not," ergo this stupid fear mongering is pointless.Scientology, child porn web sites, racist organizations, and homophobic Christian churches have been targeted by Anonymous for all the expected reasons, and while the n00b game of running DDoS attacks against the servers of such people is stupid and pointless, there are legitimate reasons why people take to the streets and take to the Internet and do what they do to voice opposition to the wrongs that are obvious.So no. You don't have to pee in your pants and down your legs, DDoS attacks aren't any bigger, aren't any meaner, and are not as much a threat to normal every-day people than say Africanized bee attacks.If you behave like Scientology or Fred Phelps or Ted Turner or the usual suspects doing that same-ole same-ole, of course, you can expect to rise to the point of visibility.It is then that you have to worry about coming to the attention of Anonymous.My opinions only and only my opinions, speaking solely for myself, as always. Reply
Nov 14, 2008 7:16 AM Zenu Zenu  says:
Also, if you call up the Secret Service, will they bother to help track your 18 year old attackers? Nop. So don' t be silly. For once learn from the Scientologists and don't become one. Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.