Five Dastardly Distributed Denial of Service Attacks

420 views
378 views

Published on

While all Internet attacks obviously require a certain level of sophistication, in the world of cyberwarfare the Directed Denial of Service (DDoS) attack is one of the most simple: ping a target server with more requests than it can handle, so legitimate users can’t get through or the server crashes. It can also be effective, which is why the DDoS has become a common form of cyberattack, now bring employed by countries as cyberware gains state-sponsorship. Let’s look at some of the more high-profile DDoS attacks in cyberhistory.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
420
On SlideShare
0
From Embeds
0
Number of Embeds
85
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Five Dastardly Distributed Denial of Service Attacks

  1. 1. Five dastardly Distributed Denial of Service attacksWhile all Internet attacks obviously require alevel of sophistication, in the world ofcyberwarfare the Distributed Denial ofService (DDoS) attack is one of the mostsimple: ping a target with more requests thanit can handle so real users can’t get through.It can also be effective, which is why DDoShas become a common form of cyberattack,now often employed by countries ascyberware gains state-sponsorship.Let’s look at some of the more high-profileDDoS attacks in cyberhistory. Image courtesy of rajcreationzs/ FreeDigitalPhotos.net By Jeff Jedras
  2. 2. Robert Tappan MorrisWhile he didn’t set out to do harm, RobertTappan Morris may have given birth to themodern computer virus when he unwittinglyreleased the first computer worm on the world in1988 while a student at Cornell University.His stated goal was to gauge the size of theInternet, but its self-replicating nature caused itto disrupt target machines, causing millions ofdollars in damages. He inspired the creation ofthe U.S. Computer Emergency Response Team(CERT), and was the first person charged underthe Computer Fraud and Abuse Act.While not strictly a DDoS attack, it was an earlyprecursor. He’s now a professor at MIT.
  3. 3. Iran a target and a combatant Iran has been a hotbed of DDoS attacks. Or at least suspected ones. In late 2011, Bank of America Corp., JPMorgan Chase & Co and Citigroup were among a group of U.S. companies to have their web sites disrupted by attacks – all four are involved in enforcing U.S. economic sanctions against Iran.U.S. government officials pointed to Iran, but Iranian officials denied anyinvolvement.Iran has also been a target. During the Iranian student uprising in 2009, protestgroups targeted the web site of Iranian president Mahmoud Ahmadinejad,causing the government to temporarily shut down the Internet.
  4. 4. Who’s bad?Not all DDoS attacks aremalicious. When Michael Jacksonpassed away in 2009, there was amassive explosion in Internetsearches for information on thelate pop singer. The volume wasso high that search giant Google’s servers became overloaded, and withmillions of searches being conducted, Google thought it was the target of aDDoS attack.The symptoms were all there – a massive number of requests pinging Google’sservers. People searching for Michael Jackson were for a time forced to enter acaptcha to prove their humanity. Eventually, Google put two and two togetherand took its DDoS countermeasures offline, declaring a false alarm.
  5. 5. Montreal’s MafiaBoy While MafiaBay may be Canada’s entry to the DDoS hall of fame, his exploits were certainly global in nature. In 2000, Montreal teenager Michael Calce launched a DDoS attack against large commercial sites such as Yahoo, FIFA, Amazon, Dell, E*Trade and CNN. The costs of the attack were estimated at $7.5 million, and after a joint FBI/RCMP investigation, Calce was identified and plead guilty to most of the charges he faced. He later wrote a book about his experience that called for greater Internet security, claiming serious vulnerabilities still exist.
  6. 6. Going nuclear: Root nameserversIt would be extremely difficult to pull off, but thenuclear DDoS attack option would target the 13Domain Name System root nameserver clusters thatare, essentially, the backbone of the Internet. A sustained attack that took enough of them offlinecould essentially shut down the entire Internet.However, the system is built with so muchredundancy that the scale required to launch suchan attack would be massive. Some have tried – a2002 attempt targeted all 13 servers and only lastedan hour, while another in 2007 caused performanceissues for four servers that was compensated for bythe others – but no serious attempts have been Image courtesy of twobee/ FreeDigitalPhotos.netmade.

×