Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Infosec: The threat from cyber extortion

And the weapon of choice is the DDoS attack.

Article comments

Criminal gangs are increasingly using the Internet as a tool to extort money from businesses. Thousands of Distributed Denial of Service attacks are occurring globally every day and it is vital that senior management wakes up to the very real risk of such an assault.

The rise of the Internet carries a number of threats in the form of viruses, hackers, worms, and malware. Most companies are aware of these risks and have the appropriate processes and technology in place to mitigate them. But in the last few years these internet based threats have taken on a more malevolent and sophisticated nature; virus writing is no longer the pastime of teenagers with too much time on their hands - instead, viruses are now being written for organised cyber criminals motivated only by money.

Extortion – A growing problem
These criminals are increasingly using a method known as Distributed Denial of Service (DDoS) attacks. DDoS attacks are launched with the sole aim of crashing a company’s website or server by bombarding them with packets of data, usually in the form of web requests or emails. Unlike single source attacks (which can be stopped relatively easily), the attacker compromises a number of host computers which, in turn, infect thousands of other computers that then operate as agents for the assault. These infected host computers, known as ‘zombies’ or ‘bots’, then start flooding the victims’ website with requests for information – creating a vast and continuous stream of data that overwhelms the target website, thus preventing it from providing any service.

Every business is at risk
The cost of a DDoS attack can be substantial and it has been estimated that as many as 10,000 occur world-wide everyday. DDoS extortion attacks were originally used against online gambling sites. Criminal gangs would initiate attacks that would bring the website down just before a major sporting event, inflicting maximum financial damage. Now, however, DDoS attacks are increasingly being used to extort money from all sorts of businesses.

There are numerous examples of DDoS attacks that can be cited. One of the most well known DDoS attacks occurred early last year: ‘MyDoom’ infected hundreds of thousands of computers before launching an attack on SCO (a Utah based Unix vendor) that took the company out of business for several weeks. The motivation for the attack has never truly been established.

DDoS attacks are a truly global threat as the extortionists are not restrained by traditional borders. Even the Greater Manchester Police have fallen victim to an assault; recently its chief constable was subjected to 2000 emails an hour in an attempt to crash the force’s computer systems. DDoS attacks are also being used for increasingly political purposes. On Valentine’s day this year animal activists set up a chat-room and encouraged people to log on and ‘chat’ at the same time. For every word typed an email would be sent to the target organisations in the vivisection and fur industries in an effort to crash their websites.

The reality is that no company is safe. The problem is exacerbated by the fact that DDoS attacks do not simply effect the organisations they are targeted at, but can in fact bring down the Internet Service Provider (ISP).

Lack of awareness is making businesses vulnerable
Despite the substantial damage DDoS attacks can cause, research released by IT Company IntY earlier this year has revealed an alarming lack of awareness amongst businesses about the threat posed. According to IntY, more than half of UK companies are at risk because this lack of understanding has resulted in a widespread failure to implement the necessary preventative technology. It is vital that senior decision makers wake up to the very real threat posed by DDoS attacks. A failure to do so could have far reaching consequences.

All businesses with an online arm should implement the necessary preventative measures to mitigate the threat of a DDoS attack. Many companies rely on reactive measures such as blackholing, router filters and firewalls, but all these methods are either inefficient, not sophisticated enough to protect against cyber criminals or can only be configured to specific external sources.

A multi-layered approach to defence
While all these tools do possess crucial security features, they fail to offer sufficient protection against the ever evolving and sophisticated nature of these assaults. If companies are to successfully combat a DDoS attack a truly multi-layered approach to defence must be adopted. Thus it is vital to establish a solid relationship with your service provider to ensure that you are aware of the measures that are available to protect your network and online business. Recent research by Arbor Networks revealed that DDoS attacks are the most crippling threat facing ISPs today, yet only 29% of ISPs surveyed offer security and DDoS service levels agreements to their customers.

Because DDoS attacks are launched from thousands of computers around the world it is essential that companies share information about the attacks if they are to be stopped. Such assaults cannot be fought alone and a collaborative effort is vital. A number of ISPs including Belgacomm, Cable & Wireless and COLT have signed up to Arbor Networks Fingerprint Sharing Alliance which enables them to share detailed attack information in real time and block attacks closer to the source. Once an attack has been identified by one company, the other ISPs in the Alliance are automatically sent the ‘fingerprint’ enabling them to quickly identify and remove infected hosts from the network. This enables businesses and their ISPs to stay abreast of security threats as they arise. The Alliance is helping to break down communication barriers and its rapid growth marks a significant step forward in the fight against cyber criminals.

The threat of being blackmailed by organised criminals using DDoS attacks is very real and businesses cannot afford to be complacent. Such attacks are capable of bringing even the largest companies to their knees. However, stand alone defences are insufficient to combat these attacks and a comprehensive approach to security must be implemented. Not only should a multi-layered security strategy be instilled at enterprise level, but companies must also work with their ISPs to ensure that they too have taken preventative measures.

Arbor Networks is exhibiting at Infosecurity Europe 2006.


Share:

More from Techworld

More relevant IT news

Comments




Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *