For those who don’t know, a DDoS (distributed denial-of-service) attack is when compromised zombie computers around the world are instructed by a hacker (known as the botmaster) to flood a website with traffic. The website can become so swamped with traffic from computers based around the globe that it can be slowed down considerably, or even made utterly inaccessible to the outside world.
If it makes it easier to picture it, think of 20 hippos trying to get through a revolving door – the whole thing gets clogged up, and no-one is able to get in or out.
DDoS attacks are frequently used for blackmail. We have reported in the past on some of the Russian hackers who have been sentenced for blackmailing British gambling websites and online gift retailers who have been struck in the run-up to Christmas.
What is becoming clear, however, is that money is not the only motivation for some hackers to launch DDoS attacks against websites.
Last week, for example, it was announced that an Estonian court had fined 20-year-old Dmitri Galushkevich for a denial-of-service attack that hit the website of Estonia’s ruling political party. The hacker’s punishment was interesting, because at the time of the attacks in April 2007, the Estonian Minister of Defense had accused the Russian government of sponsoring the attacks against it, and even called on NATO to recognize the incident as “military action”. As we discussed in the Sophos Security Threat Report 2008, no proof was ever put forward showing that the Kremlin was involved.
Meanwhile, the controversial Church of Scientology has been forced to defend its websites from a DDoS attack. The anonymous group of hackers behind the attacks even went so far as to rally support for their attacks on the Scientology organization by posting YouTube videos calling on others to participate in the disruption. Even if you strongly disagree with an organization’s activities, it seems fundamentally wrong to take the law into your own hands and engage in criminal activity against them. In a development that further damaged the hackers’ arguments, it was reported that a Dutch school website was accidentally affected by their attack on the CoS.
Whatever the motivation for the DDoS attack, you can imagine that the damage done to a business by having its website blasted off the net can be considerable, and we have seen some cases where companies have offered substantial rewards for information leading to the conviction of those responsible for an attack.
Most DDoS attacks are happening because home users have not properly secured their PCs against hackers – but it is possible for corporate computers to be compromised too. Reliable anti-virus software, firewalls, and up-to-date patches can all help keep your computer from becoming a part of the zombie problem.