Cyber extortion is now a very real threat--is your business at risk?Criminal gangs are increasingly using the Internet as a tool to extort To compel or coerce, as in a confession or information, by any means serving to overcome the other's power of resistance, thus making the confession or admission involuntary. To gain by wrongful methods; to obtain in an unlawful manner, as in to compel payments by means of threats of money from businesses. Thousands of Distributed Denial of Service attacks An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. Unlike a virus or worm, which can cause severe damage to databases, a denial of service attack interrupts network service for some period. are occurring globally every day and it is vital that senior management wakes up to the very real risk of such an assault. The rise of the Internet carries a number of threats, in the form of viruses, hackers, worms, and malware. Most companies are aware of these risks and have the appropriate processes and technology in place to mitigate them. But in the last few years these interact based threats have taken on a more malevolent and sophisticated nature, virus writing is no longer the pastime of teenagers with too much time on their hands--instead, viruses are now being written for organised cyber criminals motivated only by money. Extortion--A growing problem These criminals are increasingly using a method known as Distributed Denial of Service A condition in which a system can no longer respond to normal requests. See denial of service attack. (DDOS See denial of service attack. ) attacks. DDOS attacks are launched with the sole aim of crashing a company's website or server by bombarding Bombarding is the process of 'pumping' a Cold Cathode Lighting tube (otherwise called Neon Signs). Information A detailed process of bombarding can be found here, Bombarding. them with packets of data, usually in the form of web requests or emails. Unlike single source attacks (which can be stopped relatively easily), the attacker compromises a number of host computers which, in turn, infect thousands of other computers that then operate as agents for the assault. These infected host computers, known as 'zombies! Or 'bots, then start flooding the victims website with requests for information--creating a vast and continuous stream of data that overwhelms the target website, thus preventing it from providing any service. Every business is at risk The cost of a DDOS attack can be substantial and it has been estimated that as many as 10,000 occur world-wide everyday. DDOS extortion attacks were originally used against online gambling Online gambling is a general term for gambling using the Internet. This article provides a brief introduction to some of the forms of online gambling, as well as discussing general issues. sites. Criminal gangs would initiate attacks that would bring the website down just before a major sporting event, inflicting maximum financial damage. Now, however, DDOS attacks are increasingly being used to extort money from all sorts of businesses. There are numerous examples of DDOS attacks that can be cited. One of the most well known DDOS attacks occurred early last year: MyDoom infected hundreds of thousands of computers before launching an attack on SCO (The SCO Group, Lindon, UT, www.sco.com) A leading vendor of Unix operating systems for the x86 platform. SCO had also offered Linux, but abandoned the line in the spring of 2003. The SCO Group is the combination of two companies: Utah-based Caldera, Inc. (a Utah based Unix vendor) that took the company out of business for several weeks. The motivation for the attack has never truly been established. DDOS attacks are a truly global threat as the extortionists are not restrained by traditional borders. Even the Greater Manchester Police Greater Manchester Police ("GMP") is the Home Office police force responsible for policing the metropolitan county of Greater Manchester, in North West England. The Force headquarters is at Chester House in Manchester. have fallen victim to an assault; recently its chief constable Noun 1. Chief Constable - the head of the police force in a county (or similar area) Britain, Great Britain, U.K., UK, United Kingdom, United Kingdom of Great Britain and Northern Ireland - a monarchy in northwestern Europe occupying most of the British Isles; was subjected to 2000 emails an hour in an attempt to crash the forces computer systems. DDOS attacks are also being used for increasingly political purposes. On Valentine's day Valentine's Day: see Saint Valentine's Day. Valentine's Day Lovers' holiday celebrated on February 14, the feast day of St. Valentine, one of two 3rd-century Roman martyrs of the same name. St. last year animal activists set up a chat-room and encouraged people to log on and 'chat at the same time. For every word typed an email would be sent to the target organisations in the vivisection vivisection (vĭv'ĭsĕk`shən), dissection of living animals for experimental purposes. The use of the term in recent years has been expanded to include all experimentation on living animals, rather than just dissection alone. and fur industries in an effort to crash their websites. The reality is that no company is safe-. The problem is exacerbated by the fact that DDOS attacks do not simply effect the organisations they are targeted at, but can in fact bring down the Internet Service Provider Internet service provider (ISP) Company that provides Internet connections and services to individuals and organizations. For a monthly fee, ISPs provide computer users with a connection to their site (see data transmission), as well as a log-in name and password. (ISP (1) See in-system programmable. (2) (Internet Service Provider) An organization that provides access to the Internet. Connection to the user is provided via dial-up, ISDN, cable, DSL and T1/T3 lines. ). Lack of awareness is making businesses vulnerable Despite the substantial damage DDOS attacks can cause, research released by IT Company earlier this year has revealed an alarming lack of awareness amongst businesses about the threat posed. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. IntY, more than half of LJK LJK Lee Jackson King companies are at risk because this lack of understanding has resulted in a widespread failure to implement the necessary preventative technology. It is vital that senior decision makers wake up to the very real threat posed by DDOS attacks. A failure to do so could have far reaching consequences. All businesses with an online arm should implement the necessary preventative measures to mitigate the threat of a DDOS attack. Many companies rely on reactive measures such as blackholing, router filters and firewalls, but all these methods are either inefficient, not sophisticated enough to protect against cyber criminals or can only be configured to specific external sources. A multilayered mul·ti·lay·ered adj. Consisting of or involving several individual layers or levels. approach to defence While all these tools do possess crucial security features, they fail to offer sufficient protection against the ever evolving and sophisticated nature of these assaults. If companies are to successfully combat a DDOS attack a truly multi-layered approach to defence must be adopted. Thus it is vital to establish a solid relationship with your service provider to ensure that you are aware of die measures that are available to protect your network and online business. Recent research by Arbor Networks revealed that DDOS attacks are the most crippling threat facing ISPs today, yet only 29% of ISPs surveyed offer security and DDOS service levels agreements to their customers. Because DDOS attacks are launched from thousands of computers around the world it is essential that companies share information about the attacks if they are to be stopped. Such assaults cannot be fought alone and a collaborative effort is vital. A number of ISPs including Belgacomm, Cable & Wireless and COLT have signed up to Arbor Networks Fingerprint Sharing Alliance which enables them to share detailed attack information in real time and block attacks closer to the source. Once an attack has been identified by one company, the other ISPs in the Alliance are automatically sent the 'fingerprint' enabling them to quickly identify and remove infected hosts from the network. This enables businesses and their ISPs to stay abreast of security threats as they arise. The Alliance is helping to break down communication barriers and its rapid growth marks a significant step forward in the fight against cyber criminals. The threat of being blackmailed by organised criminals using DDOS attacks is very real and businesses cannot afford to be complacent. Such attacks are capable of bringing even the largest companies to their knees. However, stand alone defences are insufficient to combat these attacks and a comprehensive approach to security must be implemented. Not only should a multi-layered security strategy be instilled at enterprise level, but companies must also work with their ISPs to ensure that they too have taken preventative measures. Jose Nazario, Arbor Networks |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion