Gangs Extort Companies With DDoS Attacks
Pcol writes "The Financial Times reports that gangs based in Eastern Europe have been launching attacks on corporate networks costing the companies millions of dollars in lost business and exposing them to blackmail. Sites have been asked to pay up to ensure they are free from Distributed Denial of Service attacks for a year. One detective reported, 'If the demand comes in for $40,000-50,000, compared to the losses they're suffering, there's an attraction for the companies to pay and hope it goes away. But there's nothing to say it will go away.'"
The gangs can *TRY* to extort money, but in the long run, it would be cheaper to hire consultants or better administrators. This will have the effect of IMPROVING security worldwide. Thanks European gangs!
I can't believe I just saw an anti-microsoft comment modded down. Holy jesus.
Funny thing is, with the old mobsters, paying protection money to mob A would stop mob B from doing the same.
What's to stop another DDoS group from doing the same?
As the movies teach: never pay the protection money.
And what is the difference between this and security companies that extort protection money out of us to protect us from vulnerabilities that they research and publish? eEye, anyone?
I can't believe I'm responding to such an obvious troll.... but...
:-)
How is this like a car that randomly explodes?
This is like a gang threatening to slash your tires. Would the auto company be liable because their tires are not slashproof?
As we know from THIS site, nobody is slashproof!
- For the complete works of Shakespeare: cat
For $50,000 a year, sounds like a decent wage for anyone who's currently unemployed. Why not just hire a good whitehat instead of caving into blackhat demands?
What you see happening is what will cause more restrictions on freedom in an attempt to control illegal activity.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
DDoS attacks require a *lot* of hacked computers. Usually Microsoft OSes with low security settings.
It annoys me that MS's bad approach to security is now threatening businesses worldwide on two levels, first by exposing their own computers and then by exposing them to distributed attacks by the general populace. Even businesses that didn't have a single MS system in use are affected by one company's half-@$$ed security practices.
Not trying to troll, just making a genuine point. If consumer computers were security-locked by default, DDoS attacks would be infinitely more difficult to pull off.
I think a better way of seeing this is as follows:
You buy a Ford car.
Someone tells you to pay $100/year and they won't punch holes through your tires for a year.
Is Ford to blame for selling you a car with tires that could be deflated? Likely no.
I can imagine the headline... hitman kills a bunch-o 14 year olds for 40 grand =)
How Now Brown Cow
A lot of people seem to misunderstand you..
They think that you're saying that MS is liable because someone can use all your resources (which is ridiculous, of course.)
What I think you're saying is that it's MS that allows the security holes in their software, which allows these gangs to take control of other people's computers and launch the DDoS.
Your analogy is wrong - perhaps a better one might be that an automobile manufacturer makes a car that can be easily stolen (say by jiggling the door handle, and a key is not required to start it). If someone steals this car and drives it through a business's window, should the car manufacturer be liable?
It's not like Gang A can stop Gang B from DDoS attacking a network.. This is not the slums where they can have hired henchmen beat anyone else trying to inch into their area.
You pay gang A to go away.. a month later gang B hits you.. You complain to gang A.. They tell you it's not them.. You pay gang B.. a month later gang C hits you.. WASH and Repeat till your company is broke
Personal Website
It's not just that a company directly makes money from their web presence. Many companies provide information at no cost to its consumers (FAQs, Knowledge Bases, Instructions, etc...). The availability of these resources often leads to our purchasing a product.
There are networks that are resistant to DDoS attacks... basically the network just blocks superfluous traffic.
Unfortunately, there is no solution to DDoS attacks other than good security at the edges of the network. As long as anyone in the world can install Win98, not run Windows Update once, get cable internet service, and not be held accountable by their ISP for any bad things their computer may do that they didn't know about... DDoS will always be with us.
A strategy to deal with DDoS must be part policy, part networking hardware, part server hardware, and part software. Basically, you use an ISP whose routing hardware is DDoS resistant, you over-build your servers, and trim the software. That should eliminate big points of failure. At least until the next generation DDoS software comes out.
If I were to design a perfect world where DDoS attacks don't happen, I would enact legislation (world-wide, mind you... though only a few countries implementing it would be a good thing)... basically requiring two things:
1. An internet router is responsible for ensuring that packets coming from outside the internet are from an IP address that is directly connected to it
2. An internet router is required to suspend service for 1 hour in the case of a packet storm, where a packet storm is a series of packets from one IP to another IP utilizing 50% of the available bandwidth
Alternatively, a less severe suggestion for number 2... if you see a packet storm, throttle the bandwidth of those packets severely for 10 minutes.
If every ISP implemented the above two rules, DDoS would be MUCH harder to implement.
You can build a DDoS resistant router based on heuristics... if you see a sudden spike in traffic going to a particular server, then put that traffic on a lower priority level. As you see packets come across, characterise them. Once a certain number of packets share a certain number of characteristics in a certain amount of time, it is safe to assume that the packets are part of a DDoS and should be filtered for a small period of time... 15 minutes or so; just enough to keep the traffic to a manageable level.
I am disrespectful to dirt! Can you see that I am serious?!
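An added example, not part of the original comment: a minimal Python model of the two router rules and the packet-characterising heuristic proposed above, run over constructed traffic. The prefix `192.0.2.0/24`, the 10-second window, the 100-packet threshold and the reading of rule 1 as source-address validation on the customer-facing interface are all assumptions made for illustration.

```python
import ipaddress
from collections import Counter, defaultdict, deque

CUSTOMER_NET = ipaddress.ip_network("192.0.2.0/24")  # assumed directly attached prefix
WINDOW = 10.0     # seconds over which packets are characterised (assumed)
THRESHOLD = 100   # packets sharing one signature within WINDOW (assumed)
HOLD = 15 * 60    # filter duration, the comment's "15 minutes or so"

def signature(pkt):
    # Characteristics flood packets tend to share: target, protocol, port, size.
    return (pkt["dst"], pkt["proto"], pkt["dport"], pkt["size"])

class EdgeFilter:
    def __init__(self):
        self.recent = defaultdict(deque)  # signature -> timestamps inside WINDOW
        self.blocked_until = {}           # signature -> time the filter expires

    def verdict(self, pkt):
        # Rule 1: a packet entering on the customer side must carry a customer source.
        if pkt["ingress"] == "customer" and ipaddress.ip_address(pkt["src"]) not in CUSTOMER_NET:
            return "drop-spoofed"
        sig, now = signature(pkt), pkt["ts"]
        if self.blocked_until.get(sig, 0) > now:
            return "drop-flood"
        q = self.recent[sig]
        q.append(now)
        while q and now - q[0] > WINDOW:
            q.popleft()
        if len(q) >= THRESHOLD:
            self.blocked_until[sig] = now + HOLD
            q.clear()
            return "drop-flood"
        return "forward"

def sample_traffic():
    # Constructed sample: 150-packet flood, one spoofed and one normal customer packet, one late packet.
    flood = [{"ts": i * 0.01, "ingress": "upstream", "src": f"203.0.113.{i % 250 + 1}",
              "dst": "198.51.100.10", "proto": "udp", "dport": 53, "size": 512}
             for i in range(150)]
    spoofed = {"ts": 0.5, "ingress": "customer", "src": "203.0.113.7",
               "dst": "198.51.100.10", "proto": "tcp", "dport": 80, "size": 60}
    normal = dict(spoofed, src="192.0.2.5")  # same packet with a legitimate source
    late = dict(flood[0], ts=1000.0)         # arrives after the HOLD period has expired
    return flood + [spoofed, normal, late]

def run(packets):
    f = EdgeFilter()
    return Counter(f.verdict(p) for p in packets)
print(dict(run(sample_traffic())))
```

The filter keys on packet shape rather than source address, so it keeps working when flood sources vary, but any legitimate packet with the same shape is dropped during the hold period as well.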
I dunno about anyone else, but twice now the SOSDG's main web server has been Slashdotted, and it didn't even cough. It's on a 1.5/256 DSL line.
Of course, it didn't even cough. It's only serving 256 Kbps of bandwidth! A Pentium 75 running Apache can saturate a 10 Mbps network with static page requests and never hit a high load average!
I mean, for static requests, the code in Apache might as well be:
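// Sketch: stream the requested static file ($sourcefile) to the client in 1 KB reads
$stdout = fopen('php://output', 'w');
$fp = fopen($sourcefile, 'r');
while (($chunk = fgets($fp, 1024)) !== false) {
    fwrite($stdout, $chunk);
}
fclose($fp);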
At which point the *only* bottleneck is I/O.
The question is really: How many people never saw your website due to the anemic bandwidth?
Answer that, and then you have something to say.
I have no problem with your religion until you decide it's reason to deprive others of the truth.
How do these guys expect to collect the money without being caught? You need to show up in person to accept cash (or at least show up at a drop point) and large transfers can be tracked... Can't they? So how do they collect?
Never at a loss for words... because of the voices.
Old gangs running the "protection" racket could actually offer protection for a price, by ensuring the exclusivity of their turf, and freedom from other gangs for those in it. That's how the tax/police model works, theoretically offering the taxed a chance to choose the Boss by voting. But these Eastern European "gangs" can't guarantee exclusive control of their turf (the Internet). By the same token, neither can the police. Where will the equilibrium coalesce? Or have we swept over the edge of chaos, into the abyss?
--
make install -not war
As long as cigarettes are legal, I think it's silly to bring legal action against the manufacturers; cigarettes are bad for you and as far as I know, everyone is familiar with this. As soon as cigarettes are outlawed, then if someone wants to keep distributing them, then sue away. I think if anyone wanted to sue Microsoft for having security holes, they'd have to take a long hard look at themselves first and think about the consequences. Such action would have strong merit, however, if you could point to a vulnerability that Microsoft intentionally introduced or refused to fix, such as a backdoor. There are a lot of injustices in the world, but it's important to pick your battles carefully. Today it's people using Windows exploits to DDoS vulnerable sites, tomorrow it might be a bug in sendmail or bind doing the same thing.