Slashdot Mirror

← Back to Stories (view on slashdot.org)

Death Knell For DDoS Extortion?

Posted by kdawson on from the greener-pastures dept.

Ron writes "Symantec security researcher Yazan Gable has put forward an explanation as to why the number of denial of service attacks has been declining (coincident with the rise of spam). His theory is that DoS attacks are no longer profitable to attackers. While spam and phishing attacks directly generate profit, he argues that extortion techniques often used with DoS attacks are far more risky and often make an attacker no profit at all. Gable writes: 'So what happens if the target of the attack refuses to pay? The DoS extortionist is obligated to carry out a prolonged DoS attack against them to follow through on their threats. For a DoS extortionist, this is the worst scenario because they have to risk their bot network for nothing at all. Since the target has refused to pay, it is likely that they will never pay. As a consequence, the attacker has to spend time and resources on a lost cause.'"

3 of 101 comments (clear)

  1. Re:The payment risk has also prolly risen as well. by tmarthal · · Score: 5, Insightful

    He also doesn't seem to get that sometimes people DoS sites out of spite or out of malice.

    You can't put a pricetag on being an asshole to the internet community.

  2. One assumption though... by Chabil+Ha' · · Score: 4, Insightful

    That all DDoS attacks are for the purpose of extortion. Does nobody do these things simply because they just want to blackball someone anymore? No, this isn't the death of the DDoS.

    --
    We're all hypocrites. We all have hidden parts, it's the contrast between them that make us more a hypocrite than others
  3. Re:No extortion ever, then! by R3d+M3rcury · · Score: 4, Insightful

    It's sort of like kidnapping.

    Way back when, kidnapping was a pretty good way to make some quick cash. Grab somebody's significant other and tell them to deliver money to see them again. The automobile was pretty new and you could grab somebody and get them far enough away in a short amount of time that local law enforcement couldn't deal with it.

    Thus, the feds were immediately brought in to any kidnapping case. Because the FBI had kidnapping specialists who knew all the angles, kidnapping for ransom became very unsuccessful. Nowadays, you rarely hear of a kidnapping case with a ransom demand here in the United States. It's just not worh it.