February 08, 2012

Hacktivist-led DDoS is now the most common type, study finds

For the first time, political motivation rates as the top driver behind DDoS attacks, in which the availability of websites buckle under the weight of floods of traffic, according to a study released by security firm Arbor Networks.

The findings of the seventh annual "Worldwide Infrastructure Security Report," released Tuesday, should surprise few people, considering the meteoric rise of online "hacktivist" collective Anonymous, which has been responsible for not only launching many of these ideologically propelled attacks, but also in encouraging others to join in. Previously, financial fraud, with a clear organized criminal motivation, rated as the number one driver.

Now that knocking a site offline – and then demanding a ransom to return it to its normal state -- is no longer the most likeliest scenario, more organizations than ever may be unprepared for such attacks, according to Arbor.

"What we saw in 2011 was the democratization of DDoS," Roland Dobbins, an Arbor solutions architect and the report's main author, said. "Any enterprise operating online – which means just about any type and size of organization – can become a target because of who they are, what they sell, who they partner with or for any other real or perceived affiliations."

Dobbins said the attackers increasingly are being aided by "inexpensive and readily accessible attack tools." One such example is the Low Orbit Ion Cannon, which allows even the technically challenged to use their computer to automatically direct sustained and frequent IP packets at a target.

The socially motivated DDoS barrage – often seen by their purveyors as the internet-era version of civil disobedience – really began taking off in late 2010, when the Anonymous group temporarily knocked offline sites that were unsympathetic to whistleblower organization WikiLeaks, such as MasterCard and PayPal. Since then, Anonymous and affiliated groups, such as LulzSec, have counted various police departments, the CIA, the U.S. Department of Justice and the Motion Picture Association of America, among others, as victims.

According to the Arbor study, the DDoS attacks it studied remained massive in size. The largest such incident measured 60 gigabits per second, down from 100 Gbps in 2010, but still large enough to knock a business offline.

[An earlier version of this story incorrectly spelled Dobbins' first name].

Related Articles
Related Topics

Sign up to our newsletters

More in News

House Intelligence Committee OKs amended version of controversial CISPA

Despite the 18-to-2 vote in favor of the bill proposal, privacy advocates likely will not be satisfied, considering two key amendments reportedly were shot down.

Judge rules hospital can ask ISP for help in ID'ing alleged hackers

The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.