DDoS Attacks: What Can Enterprises Do to Combat Them?

 
 
By Chris Preimesberger  |  Posted 2013-05-21

Somebody always has something to gain from a distributed-denial-of-service (DDoS) attack. A DDoS hit is carried out by a bot computer or hacker sending a large amount of innocent-looking traffic to a Website. All it takes is a few thousand requests per second to kill most of today's application stacks. With just an order of magnitude more, even the servers could buckle and crash the site. Such traffic is relatively easy to generate, but it is extremely hard to separate the DDoS traffic from the legitimate user traffic.

One of the first DDoS attacks, in which hackers paralyzed systems with excess traffic, took place 13 years ago and was used purely as a method of extortion. Since then, DDoS attacks have become ubiquitous and are used in everything from social and political protests to business-to-business transactions. What was once a nuisance is now a mature threat that companies must reckon with.

Drawing on case-study analysis of attacks over the last decade, the following slide show presents a timeline of how DDoS attacks have shifted and how this will affect business moving forward. Key insight for this eWEEK slide show comes from Paul Bristow, senior director of the security business unit at Juniper Networks, and eWEEK reporting.

 
 
 
  • August 1999: The First DDoS Attack

    The world's first DDoS attack, as noted by the SANS Institute, occurred in August 1999 when approximately 200 "zombie computers" flooded a computer at the University of Minnesota with excess traffic. Consequently, the attack affected hundreds of other systems, resulting in a nearly three-day computer outage at the school.
  • February 2000: DDoS Attacks Hit E-commerce Sites

    This high-profile DDoS attack was launched against Websites such as eBay, Amazon, Buy, Yahoo, CNN, ETrade and ZDNet, and its motive was nothing more than extortion. Victims (in this case, the companies behind the Websites) were told to pay the attackers or suffer the consequences. This method continued as the status quo for six years.
  • 2006: DDoS Motives Diversify

    2006 marked the first time a DDoS attack was used for political motives. Hacking group Anonymous used the attacks as a method of protest. Reacting to news of an HIV-positive two-year-old being banned from an Alabama amusement park, the group broke into the virtual social networking site Habbo, which is based on a hotel setting. The group inserted numerous avatars (fake accounts) resembling black men in suits to block the virtual site's pool, declaring it was "closed due to AIDS."
  • 2008: DDoS Attacks Enter Traditional Warfare

    Before gunfire erupted between Russia and Georgia, Russian hackers launched a DDoS attack on Georgia's Internet infrastructure, effectively disabling the government's sites with an unsustainable amount of Web traffic. Bill Woodcock of the nonprofit Internet-traffic tracker Packet Clearing House told The New York Times that due to their low cost and anonymity, DDoS attacks "will almost certainly remain a feature of modern warfare."
  • 2009: DDoS Attacks Spread, Slowloris Rears Its Head

    By 2009, more hacking groups began realizing the effectiveness and ease of DDoS attacks. This year also saw the arrival of "Slowloris," a strategy aimed at disabling incoming requests. The tools required to create a Slowloris attack eventually became free, democratizing access to these methods of DDoS attacks.
  • 2009: Iranian Reformists Respond to Alleged Election Tampering

    Iranian reformists disillusioned by the alleged rigging of the election used social media to exchange scripts for launching DDoS attacks against President Mahmoud Ahmadinejad's Website. Iranians based in the U.K. also reportedly supported the DDoS attacks against Ahmadinejad by providing additional software for launching the attacks, which were successful in taking down the president's and other government Websites. In a parallel activity, Anonymous, Pirate Bay and the Iranian Green Party launched a site called "Anonymous Iran" to help the protestors better communicate with each other and the outside world.
  • 2010: DDoS Becomes a Payback Mechanism

    WikiLeaks, a site that often exposes sensitive government documents, encounters "payback" in the form of DDoS attacks. Government agencies and activist groups that see WikiLeaks as a threat to diplomacy and security use DDoS attacks to shut down the site, or freeze accounts and cut off WikiLeaks' ability to receive funding. The payback comes full circle, as those who shut down WikiLeaks themselves become the targets of DDoS attacks by hacktivists defending WikiLeaks.
  • 2011: DDoS Used as a Smokescreen

    Sony security teams are distracted trying to defend against coordinated DDoS attacks, leaving no one to see that network intrusions were simultaneously breaching 101 million Sony PlayStation user accounts.
  • 2011: LOIC Popularized by Anonymous and LulzSec

    Low-Orbit Ion Cannon, or LOIC, was designed to stress-test networks, but once it became freeware, Anonymous popularized its use. Its use continues to grow, even though it reveals the IP address of the user. It's rumored that a new version will mask a user's IP address.
  • 2011-2012: Banks Feel the Brunt of DDoS

    In late 2011, hackers began to go after bank Websites and corporate networks, including Bank of America, JPMorgan Chase and Citigroup. These attacks escalated in 2012, with Wells Fargo, PNC Bank, and others also becoming victims of DDoS attacks. Attacks continue today, and now U.S. government officials suspect Iranian hacktivists are carrying out many of them.
  • 2013: DDoS Used to Manipulate the Value of Virtual Currencies

    In April 2013, DDoS attacks hit Mt. Gox, suspending Bitcoin's currency exchange for hours. The influx of attacks on virtual currencies causes industry experts to speculate whether DDoS is being used to cause market volatility, enough to quickly and easily turn a profit for those in control.