Denial-of-service Attacks Are On The Rise

Distributed Denial-of-Service attacks, called DDoS attacks, have been increasing in frequency, and many of these attacks are politically motivated. For instance, during the armed conflixt between Georgia and Russia, Russian hackers flooded the other country with fake requests. This made it almost impossible for legitimate traffic to get through, effectively shutting down Internet access. The frequency of this kind of attack and the number of targets being attacked has gone up significantly in the course of the past several years.

Computers making this kind of attack can be located anywhere in the world, and may not actually even belong to the hackers in question. They may come from machines operated by people who've volunteered to assist in an attack, or even from people whose machines have been taken over and are being operated remotely. Targets that have been hit include companies, news outlets and servers owned by governments. In many cases, existing network security isn't enough to deal with this kind of attack.

There are a number of things which can be done to deal with DDoS attacks. Several companies monitor the course of these attacks through network security tools. Customers using these tools may share their traffic pattern data - this helps identify attacks when they start, and can help in stopping them. Some software tools can intercept commands and identify routing patterns that signify an attack is going on.

The current procedure for defending against this kind of attack is to shut off traffic as close as possible to the source of the attacker, and to manage traffic going toward the target with great care. In the case of organizations which are attacked for political reasons, such as newspapers, this can be very difficult. Accessing traffic can be hard, and ISPs have to cooperate to stop an attack.

One of the reasons that DDoS attacks are on the rise is that it has recently gotten much easier to engage in one. 2007's Estonian site attacks from Russia used scripts and botnets that were difficult to employ if the user didn't know a lot about computers and programming. However, there are now buyable attack programs available for less than a hundred dollars each. Made by hackers, these programs are DDoS attack kits that provide ready made code and an interface that's easy to use. Controlling a botnet has become much simpler than it was in the past.

There are even web interfaces in existence that will allow volunteers to easily participate in one of these attacks, and online forums allow coordination of an attack. These attacks are getting both more effective and simpler to launch as dependence on and availability of network resources increase. After all, without the right resources, launching an attack is impossible, and unless the target is dependent on those resources, the attack will have little effect.

Pinpointing who is actually responsible for an attack can be very difficult. Finding the individual botnets that are the source is relatively easy, but finding out who's paid for the attack can be very difficult. Since DDoS attacks can cost a lot of money and cause the loss of an enormous number of work hours, many victims want compensation. However, it's hard enough to find out who's responsible for the attack that this can be impossible to get. This makes the problem fairly complex - a lot of damage can be done, but catching the perpetrators is nearly impossible.