Tag Archives: companies

How Hackers Make Money from DDoS Attacks

Attacks like Friday’s are often financially motivated.

Yesterday’s attack on the internet domain directory Dyn, which took major sites like Twitter and Paypal offline, was historic in scale. But the motivation for the attack may seem opaque, since no valuable information seems to have been stolen. A group called New World Hackers is claiming credit, but giving conflicting accounts of their motives—and security experts have called them “impostors.” So why else might someone have done it?

This class of hack, known as a distributed denial of service (DDoS) attack, has been around for a while. And while many DDoS attacks are indeed motivated by politics, revenge, or petty trolling, there’s frequently money involved.

For instance, DDoS attacks are often used as leverage for blackmail. Once a hacking group has a reputation for being able to field a large and dangerous botnet to knock servers offline, they can demand huge ‘protection’ payments from businesses afraid of facing their wrath. In fact, they don’t even have to do the hacking in the first place—in one recent case, someone posing as a notorious cabal merely emailed blackmail messages and managed to pocket tens of thousands of dollars before they were exposed.

In the current case, there are rumors that Dyn was a target of extortion attempts before the attack. And the hackers behind what may be the biggest DDoS attack in history could demand a pretty penny to leave other companies alone. A wave of impostors will likely give it a shot, too.

There’s another, even darker money-driven application of DDoS attacks—industrial sabotage. Companies seeking to undermine their competition can hire hackers to take the other guys offline. DDoS services are often contracted through so-called “booter” portals where anyone can hire a hacker’s botnet in increments as small as 15 minutes. Researchers found last year that three of the most prominent booter services at the time had over 6,000 subscribers in total, and had launched over 600,000 attacks. (And despite the criminal reputation of Bitcoin, by far the largest method used to pay for DDoS-for-hire was Paypal.) But it’s unlikely that this was some sort of hit called in by a competitor of Dyn—that tactic seems to primarily appeal to already-shady dealers, including online gambling operations.

Finally, DDoS attacks can serve as a kind of smokescreen for more directly lucrative crimes. While a security team is struggling to deal with an army of zombie DVRs pummeling their system, attackers can grab passwords, credit card numbers, or identity information.

In weighing possible explanations for Friday’s attack, it’s important to note the massive scale of the thing. Even if their claims of responsibility aren’t credible, New World Hackers’ description of about 1.2 terabits of data per second thrown at Dyn’s servers is both vaguely plausible and utterly mind-boggling. That’s around a thousand times as powerful as the huge 620 gigabit per second attack that knocked out a single website, Krebs on Security, last month.

Dyn has also described the attack as sophisticated, arriving in three separate waves that targeted different parts of their systems. That kind of operation could have been pulled off by a gang of kids doing it for kicks—and maybe that’s the scarier scenario. But such a massive undertaking suggests bigger, and possibly more lucrative, motivations.

Source: http://fortune.com/2016/10/22/ddos-attack-hacker-profit/


Researcher believes major DDoS attacks part of military recon to shut down internet

Security researcher Bruce Schneier spotted a series of DDoS attacks which may be part of a larger effort to learn how to take down the internet on a national or even global scale. The attacks targeted major companies that provide the basic infrastructure for the internet, and the incidents appear to have probed the companies’ defenses to determine how well they can protect themselves, according to a Sept. 13 blog post.

Schneier said he is unable to give details concerning which companies were targeted because he spoke with the companies under anonymity, but said the attack rate has increased in the last two years and that his findings are supported by a Verisign DDoS trends report.

Schneier told SCMagazine.com he believes the attacks are part of a foreign cyber organization doing military recon activities. The attacks are believed to be from China, but that being said, Schneier said he is hesitant to point the blame at anyone. So far the targeted companies have been able to defend themselves, but when it comes to actually being able to take down the internet, Schneier said, “it does seem you can do it for small amounts of time but not permanently.”

Some other experts agree. Several countries have a history of using DDoS attacks to target the U.S. and other nations, so it’s safe to say that if taking down the internet will improve one’s position as a world power, someone will try to do it, Plixer CEO Michael Patterson told SCMagazine.com via emailed comments.

“Consider the past attacks on our utilities and our 911 system and you can begin to appreciate the possibility of a combination of attacks that would certainly be possible with DDoS technologies,” Patterson said. “Our government needs to develop and implement a full scale back-up in the event that any one of these world players are successful in taking down the Internet.”

Patterson said so much of the U.S. economy depends on the internet that it’s critical to have an alternative communication and digital plan in place in case something happens.

However, some industry pros expressed doubt that an attacker would be able to carry out such a large-scale attack. While the size, duration, and sophistication of DDoS attacks continue to grow, a complete shutdown is unlikely, Tim Matthews, Imperva Incapsula VP of marketing, told SCMagazine.com via emailed comments. “Attacks might present temporary regional slowdowns – and annoy customers – but certainly not cause a global Internet blackout, as Mr. Schneier suggests,” Matthews said. “And with proper DDoS protections in place, most attacks like these would be stopped in their tracks.”

Source: http://www.scmagazine.com/infrastructure-ddos-attacks-could-be-part-of-larger-plan-to-shut-down-internet-on-massive-scale/article/522962/


Crypto e-mail provider ProtonMail pays ransom to stop DDoS attack, attack continues

Switzerland-based end-to-end encrypted e-mail provider ProtonMail has been on the receiving end of a heavy DDoS attack since Tuesday, November 3, and unavailable to its users for hours on end. Pro…
