Wednesday, August 7, 2013

DDoS Attacks Stopping Websites from Working Summer 2013





There used to be a misconception that if everyone flushed their toilet at the same time, the demand would break the water supply. The same idea was behind gas-buying strikes when prices go up - stop buying gas to protest the price increase. We hope that voting in democratic societies to get a certain politician into office works the same way.
That same concept - many members of a group causing a strong effect on a few - is used in the computer / Internet world. Specifically, the 'bad guys' who are trying to gain notoriety to earn respect, or to earn money for doing bad things on behalf of others, have devised a similar idea in the Internet world.

The Internet is a lot like automobile roads and traffic. It was designed to handle a huge amount of traffic and to do so through routes that are the shortest path to their destination. Hackers have figured out that they can take control of many computers and use them to attack a few machines at specific locations - like Visa, Bank of America, Macy's, government websites, or even Internet providers like Comcast and website hosting companies like GoDaddy.



HOW DDoS WORKS
Simply explained, the attack is easy to understand: an individual has control over a bunch of 'drone' or 'zombie' computers (which have previously been infected with botnet software that allows hackers to control them from anywhere in the world, whenever they want) and directs them all to attempt to go to a website.
Typically websites are designed to handle 30 to 75 people looking at a website at once. Bigger companies can handle much more simultaneous traffic. When the number of people looking at the same time goes up to 10,000, it may be difficult to 'serve' those 'webpage requests' all at once. Hackers will employ tens of thousands of machines to view a website at the same time, which in effect will cripple the website and stop it from displaying. This effect is called a Distributed Denial of Service (DDoS) attack. Other attacks are based around attacking the machines which help route a PC to the particular page it is trying to visit. This second kind is what has just happened over the past several months. (BIND 9 has been patched for a vulnerability.)
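
The overload described above, seen from the defender's side, as an added example that is not part of the original post: it groups a web access log by second, flags seconds above the site's capacity, and tells one noisy client apart from load spread across many sources. The log format, the `CAPACITY` value (taken from the 30 to 75 figure above) and all addresses are constructed assumptions.

```python
from collections import Counter, defaultdict

CAPACITY = 75  # assumption: upper end of the post's "30 to 75" simultaneous visitors

def flag_floods(lines, capacity=CAPACITY):
    """Return (second, requests, distinct_sources, verdict) for each overloaded second.

    Input lines use a constructed format: "<epoch_second> <source_ip> <path>".
    """
    per_second = defaultdict(Counter)          # second -> Counter of source IPs
    for line in lines:
        fields = line.split()
        if len(fields) != 3 or not fields[0].isdigit():
            continue                           # skip blank or malformed lines
        per_second[int(fields[0])][fields[1]] += 1
    alerts = []
    for second in sorted(per_second):
        sources = per_second[second]
        total = sum(sources.values())
        if total <= capacity:
            continue                           # within what the site can serve
        top = max(sources.values())
        # One address sending most of the load can be blocked by IP; load spread
        # thinly over many addresses is the distributed pattern the post describes.
        verdict = "single-source" if top / total >= 0.5 else "distributed"
        alerts.append((second, total, len(sources), verdict))
    return alerts

def sample_log():
    """Constructed sample: a normal second, one noisy client, then 10,000 sources."""
    log = [f"1000 198.51.100.{i} /" for i in range(1, 41)]
    log += ["1001 203.0.113.9 /"] * 200
    log += [f"1002 10.{i // 250}.{i % 250}.1 /" for i in range(10000)]
    log.append("garbage line")
    return log

if __name__ == "__main__":
    for alert in flag_floods(sample_log()):
        print(alert)
```

A 'distributed' verdict describes only the shape of the load; a legitimate surge of real visitors looks the same at this level, so it is a prompt to investigate rather than proof of an attack.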

Recently, layman's tools to command and control these kinds of botnet-infected PCs have become readily available. As recently as mid-June 2013 through August 2013, many websites were made unavailable because of DDoS attacks or the interception of an unpatched website lookup machine. The effect was that over 700,000 websites stopped working in July 2013.

MOTIVATION OF HACKERS
In some cases, their motivation is political - to free a political prisoner, or to represent ideologies. But the DDoS tools are so common today that many attacks are now done because 'it can be done,' and because it gives various hackers credibility and earns them the respect of other, more powerful hackers. I do not want to get into the childish psychology of these 'younger' hackers, but in general it is no longer just for a specific political purpose. It is for personal gain and an individual's ranking in a type of hacker social stratum.

Neustar has created a helpful infographic showing the 2012 DDoS statistics, as compared to 2011 DDoS data. Kaspersky Labs has created this infographic to help understand how botnets affect your computer as well as the Internet at large.

For more detailed information on DDoS attacks, here are a few websites explaining the types, trends, technologies and effect on the world:

ArborNetworks.com Live Threat Portal
NetworkComputing.com DDoS Attacks Getting Bigger, Report Finds
ComputerWeekly.com  New Threat Portal pegs DDoS Attacks at 2570 per Day
Rivalhost.com 12 Types of DDoS Attacks Used by Hackers
Akamai.com The Challenge: Safeguarding Against DDoS Attacks
Verizon Enterprise 2013 Data Breach Investigations Report
Rivalhost.com Understanding Web Threats: Denial of Service Attacks
eWeek.com How Do Booters Work? Inside a DDoS Attack for Hire
Circleid.com 5 Steps to Prepare for a DDoS Attack
Bankinfosecurity.com Who's Really Behind DDoS?

