Cyber-mobsters drop DoS attacks

Powered by SC Magazine
 

Extortion technique no longer profitable, say experts.

The practice of holding websites hostage under the threat of denial-of-service (DoS) attacks is declining, according to security researchers at Symantec

DoS attacks are carried out by botnet operators using armies of remotely controlled PCs to flood a site with traffic and information requests. The attacks can cause sites and web services to run slowly or shut down altogether.

Criminals use the attacks to extort money from organisations by launching a first DoS attack and then threatening to launch further attacks unless the company pays up.

The tactic has recently drawn the attention of legislators, who passed laws last November allowing for tougher punishments for the crime.

Symantec said that it has seen a steady decline in the number of reported DoS incidents in the past six months, and believes that much of it is due to the inefficiency of the practice.

The problem for the criminals, according to Symantec security engineer Yazan Gable, is that the brute-force attacks are often costly and inefficient for the botnet operator.

"Whenever a botnet owner carries out a DoS attack they run the risk of losing some of their bots," Gable said in an article for the company's security response blog

"This could happen either because an attacking computer is identified and disinfected, or simply blocked by its ISP from accessing the network.

"Furthermore, if the botnet owner is not careful they could lose their entire network if their command and control server is identified."

Another problem for botnet operators arises when the victim calls the attacker's bluff and refuses to pay.

"Since the target has refused to pay, it is likely that they will never pay. As a consequence, the attacker has spent time and resources on a lost cause," wrote Gable.

The security engineer added that the drop in DoS extortion may also be due to the increased use of botnets to deliver large-scale spam mailings.

Gable noted that the drop in DoS attacks has coincided with a dramatic rise in spam volumes, suggesting that the lower-risk, more lucrative spam market may be luring botnet owners away from the DoS attack business.

Copyright ©v3.co.uk


Cyber-mobsters drop DoS attacks
 
 
 
Top Stories
Making a case for collaboration
[Blog post] Tap into your company’s people power.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
Tracking the year of CIO churn
[Blog post] Who shone through in 12 months of disruption?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1064

Vote