Media interest in distributed denial of service (DDoS) attacks seems to be fading, and you could be forgiven for thinking the criminals behind them are directing their efforts elsewhere. That, dear reader, would be a grievous mistake: the threat from DDoS attacks is as great as ever.
In fact, those crafty DDoS attackers are thinking up new and ever more ingenious ways to make the most of the botnets at their disposal and to avoid detection. Well, that's what the good people at prevention specialist Prolexic told me recently, and I believe them – they see an awful lot more of this kind of thing than I do.
The firm's president, Keith Laslop, also warned me, with a look of impending doom in his eyes, that this year will see the first DDoS attack by cyber-terrorists. This, he said, will probably be aimed at financial institutions or other organisations whose web downtime would be likely to create mass hysteria, or at least a huge amount of inconvenience and publicity. For an idea of the kind of panic that might follow such an attack, cast your mind back a few years to the endless queues of frantic motorists at the petrol pumps during the fuel tax protests.
DDoS as a means of industrial sabotage is also on the increase, as are co-ordinated attacks involving DDoS and phishing emails that attempt to dupe victims into giving away their details. Here's what happens: your bank's site is taken down by a DDoS attack; you receive an email apologising for the inconvenience and directing you to an alternative, emergency site; you think, "Goodness, how efficient", and then spend the next six months trying to get your life back.
Even IT Week has fallen victim to a DDoS attack. Regular visitors to our web site will have noticed "availability issues" as we busily blocked the attackers. The immediacy of online news makes sites such as ours particularly tempting targets. Extended downtime can cause a lot of damage to a publisher's brand and revenues. So whoever is doing this, cut it out: I have my pension to think about.
Another consideration is where these attacks are coming from – and our old friend MySpace could be part of the problem. I'm always harping on about how the failure of social networking sites to vet content being uploaded has led to an increasing number of so-called passive attacks, in which those unlucky enough to navigate to a page containing malicious code are infected.
For the same reason, such sites could also be the source of many of the zombie PCs that are perpetuating the flood of spam and DDoS attacks. The problem is being greatly underestimated, said Laslop, because traditional honeypots can't trace this method of infecting PCs.
IT managers would do well to keep such threats on their radar and to have the right technologies and processes in place to deal with them. DDoS attacks may be out of the newspapers at the moment, but they are unlikely to go away in a hurry.







