Bloody June: What's behind last month's DDoS attacks?

Jon Gold | July 8, 2014
The list of DDoS attacks in the month of June has made for grim reading. High-profile sites have been targeted by extortion demands, online games got disrupted and at least one company was put out of business as a direct result.

While it's tempting to look for a single cause at the root of this apparent tsunami of distributed denial-of-service activity, the reality is considerably more complex. Online activism, the profit motive and even potential nation-state activity contributed to June's high volume of DDoS attacks.

The only commonality, in fact, may be the ease with which DDoS attacks can be launched. Experts like Molly Sauter, an academic and author of the forthcoming book The Coming Swarm, say that the process is childishly simple.

"Literally, if you have a credit card and if you're bored, it could be anyone," Sauter told Network World. "It's so easy to rent a botnet (most of them are out of Russia) and you can rent one for stupid cheap, and then deploy it for a couple of hours, and that's really all you need to target a major site like Feedly or Evernote."

Sauter's research focuses on the socio-political aspects of technology. She highlights the attacks, earlier in June, on websites connected to the World Cup's sponsors and backers, which used the iconography of Anonymous.

"I'm seeing a lot of Anonymous-oriented DDoS actions," she said. Anonymous, according to Sauter, is a useful "brand" for politically motivated DDoS attacks, allowing groups to identify themselves with a particular flavor of political thought, despite no organizational connection to other activists.

But the highest-profile attacks in the U.S. this June were not politically motivated. The DDoS attempts that took down RSS reader Feedly and note-taking and personal organization service Evernote drew big headlines, and Feedly, at least, was asked for ransom by its attackers.

Feedly didn't pay up, and, according to Forrester principal analyst Rick Holland, that's probably for the best.

"There's no guarantee that they're not going to continue to DDoS you," he said. "It's like regular extortion: you start paying people off and then, suddenly, they're going to keep coming back to you every month."

Holland stopped short of urging a blanket refusal to pay off DDoS extortionists, however, saying that companies need to decide their own cases for themselves, in close consultation with their legal teams. He doesn't know of any companies that have paid a DDoS ransom, but said that it wouldn't surprise him to learn that it has happened.

"I wouldn't be surprised if people have gotten DDoS, it didn't go public, they paid a ransom and that was that, but I have not specifically had those conversations," he said.

 
