Network Security, Network Security

DDoS attacks rise in number, thanks to free tools

The Internet Crime Complaint Center on Thursday warned of a growing number of distributed denial-of-service (DDoS) attacks, many of which have been motivated by reasons not related to financial gain.

In a report detailing the latest scams, IC3, a partnership of the FBI and National White Collar Crime Center, said a number of websites, including many belonging to gaming companies, have come under recent attack by hacking groups.

"Open source of intelligence indicates that some of the attacks are supposedly in response to the company itself, while other attacks are in response to group rivalries," the report said, adding that hacking collectives, receiving coverage in the media, have been able to influence widespread participation in DDoS assaults.

The uptick in DDoS, a style of attack that is at least a decade old, is largely attributable to tools such as the open-source Low Orbit Ion Cannon -- a type of voluntary botnet --  or more traditional networks of compromised computers, which can be rented for as little as $10 per hour for up to 50,000 nodes, experts said.

"[DDoS has] been around forever, but it's way more accessible now," Eric Hemmendinger, senior product manager for managed security services at Tata Communications, told on Thursday. "All that translates in internet terms to that you don't have to be a rocket scientist  to do this anymore. For short money, you can get command-and-control for an hour of a very large number of nodes to inflict an attack on the target of your choice."

He said many organizations and their hosting providers lack the means to detect and ward off particularly vicious DDoS attacks, ones that could measure multiple gigabits per second.

"Once the attack starts, if you're concerned with what you can do in the [first] 12 to 24 hours, you're pretty much limited to the resources you have on hand or your service provider has on hand," Hemmendinger said. "What it comes down to is if you perceive yourself as potentially being a target, then waiting to become a target is not a smart strategy."

IC3 cited a number of complaints it received. In one case, an e-commerce company reported absorbing 165 million hits over a three-day period. In another, attackers bombarded a banking website with 8,000 hits per second to its login page, crippling access.

"It's not really for financial gain as opposed to a lot of the other fraud reported through (IC3)," Tim Gallagher, a supervisory special agent, told "In general, they're not economically based crimes [and are] usually [done] to get across some sort of message."

But the IC3 did say that some recent attacks have been used to distract victims from more pernicious actions occurring on their networks, such as attempts to extract sensitive data.

And while Hemmendinger admitted that there have been a string of headlines in recent months of DDoS attacks conducted for political reasons, such as ones against companies that cut ties with whistleblower website WikiLeaks, he said a huge chunk of cases are motivated by extortion.

Meanwhile, the IC3 alert also warned of a ramp up in extortion emails targeting physicians, fake donation sites and messages purporting to be from the FBI but which actually contain a trojan.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.