Dave Lewis

Commoditization Of DDoS Attacks

Blog Post created by Dave Lewis on Jul 2, 2015

At the RSA security conference last week there was no end of talk about the types of threats that enterprises face today. They ranged from the garden variety "$foreign government wants to attack you" right down to the vilification of teenagers sitting in their parents’ basements using point-and-click attack tools as they fumble with their bag of Doritos.

One thing that I didn’t hear a great deal of discussion about was what I’ve seen as the commoditization of distributed denial of service (DDoS) attacks. What do I mean? Well, there has been a growing push by the attacker community to set up DDoS-as-a-service offerings.

These offerings are cloud-delivered DDoS platforms. These services offer plans where people can sign up for different tiers of attack traffic. Using Bitcoin, a person could subscribe to attack traffic for anywhere from a couple of hours up to and including several months, and at different volumes. The barrier to entry into the attack market has dropped precipitously.

To put a fine point on this, there is a group that I will refer to only as the Knucklehead Crew. I have no interest in giving them any press for their activities. They set up a service using code that they copied from another operation and then implemented it in an insecure fashion. The list of their first several hundred clients was easily accessed. So, while these folks were not security geniuses, they had quite a list of customers in rather short order. They knew enough to be dangerous, but not enough to stay out of the path of law enforcement.

The commoditization of these attacks has left many sites susceptible to attack that might not have otherwise been targeted in the past. For less than the price of a coffee a day, websites can come under fire. This is a troubling notion.

This begs the question: what can you do to protect yourself? You need to make sure that your infrastructure is resilient and can endure an attack. You need to look at the costs associated with your site being offline in the event it was attacked. How much revenue would your organization lose for every minute you were down? It is a rather sobering moment when you crunch those numbers.

The barriers to entry for the attackers continue to drop on a daily basis. It gets easier to cause trouble, and this does nothing to help defenders who are already overworked and stretched thin. I hope that a greater focus on defense will grow out of this so that organizations can have the ability to protect their web properties.

Originally posted on Forbes, April 2015.
