- Is Microsoft preparing us to move beyond Vista?
- Why Google wanted to lose wireless spectrum auction
- iPhone shortage fuels rumors of imminent 3G phone
- XP for cheap PCs: a second crack in the wall
- Darts into data: Leveraging random action to competitive advantage
- Most iPhone buyers are existing Apple customers
- AT&T's so-called open network principles
- Mono dev tool offered
- ActiveState upgrades IDE
- Serena plans SaaS products
April 30, 2007 | Comments: (0)
Deaths knell for DoS extortion?
I'm always reluctant to believe arguments that some type of IT attack is dead. Remember those e-mails from two years ago about "spam is dead," or a year ago bout "no more worms?"
However, Symantec Security Response Engineer Yazan Gable posted a new blog on the company's Web site that offers some very intriguing conclusions about so-called denial-of-service extortion attacks and why they might be going away.
The simple fact is that the DoS threats (pay us money or we'll take down your network) are no longer as profitable as other alternatives, according to Gable, specifically because they put a big target on both the parties carrying out the attacks and their botnets, which could be used to carry out more profitable, and stealthy, schemes.
Putting yourself and your botnet at direct risk by specifically targeting some organization who will likely hire someone to fight you or track you down just isn't worth the effort, it would seem, when you could do something as crafty as bid up malware-laden ads on Google to distribute spyware, for instance, while keeping a much lower profile.
Gable writes:
"The thing is that DoS attacks are loud and risky. Whenever a bot-network owner carries out a denial-of-service attack they run the risk of losing some of their bots. This could happen either because an attacking computer is identified and disinfected, or if it is simply blocked by its ISP from accessing the network.
Furthermore, if the bot-network owner isn't careful they could lose their entire bot network if their command and control server is identified. Since a DoS extortionist has to carry out at least one successful DoS attack before they can even demand their pay, they run some serious overhead risks."
The DoS extortion model itself also commands a lot of foot work that other attacks don't require -- namely -- following through on your threats if you don't get paid. Gable said that nonpayment is one of the biggest issues for hackers, just like it is for legitimate billers.
"For a DoS extortionist this is the worst scenario because they have to risk their bot network for nothing at all. Since the target has refused to pay, it is likely that they will never pay. As a consequence, the attacker has to spend time and resources on a lost cause."
As a result, the researcher predicts that more hackers will move back to… Spam!
Well, it's a good thing spam is dead!
Posted by Matt Hines on April 30, 2007 09:51 AM
RATE THIS ARTICLE:
-
- COMMENTS
TOP STORIES
HP buys EDS for $13.9 billionCorporate software spending slows
MS targets smartphone market
SOA Software buys LogicLibrary
Phishers scamming IRS rebates
Sun to clarify JavaFX plan
MS' dev tool service packs
Developers' role shifting
MS: SP3 reboots OEMs' fault
Apple: iPhone out of stock
ADDITIONAL RESOURCES
- Virtualization: A Step by Step Approach to Success
- Dialing up Agility with Business Transformation
- 5 Things You Need to Know About Storage Virtualization
- Is your smaller organization ready for High Availability?
- Is system maintenance doing more harm than good?
- Virtual Test Lab Automation: Manage development infrastructure
