Cyber-mobsters drop DoS attacks

Powered by SC Magazine
 

Extortion technique no longer profitable, say experts.

The practice of holding websites hostage under the threat of denial-of-service (DoS) attacks is declining, according to security researchers at Symantec

DoS attacks are carried out by botnet operators using armies of remotely controlled PCs to flood a site with traffic and information requests. The attacks can cause sites and web services to run slowly or shut down altogether.

Criminals use the attacks to extort money from organisations by launching a first DoS attack and then threatening to launch further attacks unless the company pays up.

The tactic has recently drawn the attention of legislators, who passed laws last November allowing for tougher punishments for the crime.

Symantec said that it has seen a steady decline in the number of reported DoS incidents in the past six months, and believes that much of it is due to the inefficiency of the practice.

The problem for the criminals, according to Symantec security engineer Yazan Gable, is that the brute-force attacks are often costly and inefficient for the botnet operator.

"Whenever a botnet owner carries out a DoS attack they run the risk of losing some of their bots," Gable said in an article for the company's security response blog

"This could happen either because an attacking computer is identified and disinfected, or simply blocked by its ISP from accessing the network.

"Furthermore, if the botnet owner is not careful they could lose their entire network if their command and control server is identified."

Another problem for botnet operators arises when the victim calls the attacker's bluff and refuses to pay.

"Since the target has refused to pay, it is likely that they will never pay. As a consequence, the attacker has spent time and resources on a lost cause," wrote Gable.

The security engineer added that the drop in DoS extortion may also be due to the increased use of botnets to deliver large-scale spam mailings.

Gable noted that the drop in DoS attacks has coincided with a dramatic rise in spam volumes, suggesting that the lower-risk, more lucrative spam market may be luring botnet owners away from the DoS attack business.

Copyright ©v3.co.uk


Cyber-mobsters drop DoS attacks
 
 
 
Top Stories
ATO shaves $4m off IT contractor panel
Reform cuts admin burden, introduces KPIs.
 
Turnbull introduces data retention legislation
Still no definition of metadata to be stored.
 
Crime Commission prepares core systems overhaul
Will replace 30 year-old national criminal database.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  27%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  25%
TOTAL VOTES: 433

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  54%
 
No
  46%
TOTAL VOTES: 209

Vote