Be Very Afraid: DDoS Attacks in the News
Sorry for the sensationalistic headline. We don’t want you to overreact. Yes, the Internet is dangerous now, but it’s always been a dangerous place. Below you’re going to find a bunch of articles pointing out just how dangerous the Internet is (and especially focusing on DDoS attacks), but that shouldn’t stop you from enjoying the Internet. (Then the hackivists win.) We just want you to remember that, if we want to keep enjoying the Internet, we have to be realistic about the cyber-world out there, and that may mean taking some extra steps to make sure your site stays up — like, maybe signing up for LiteSpeed’s free anti-DDoS proxy service…
First is a very American post (perhaps leaning towards the be-very-afraid camp): cyber-security advisor David Gerwitz reminding us that “we are under attack” (he’s talking about America, but it could just as easily apply to all legitimate users of the Internet), and “until every American is actively involved in his or her own defensive behavior, cyberattackers have an easy, wide-open invitation to enter, pillage, and plunder our networks.”
The 2013 Check Point security report suggests that Mr. Gerwitz is not paranoid, pointing out that 63% of 888 organizations surveyed were infected with bots, and providing a series of interesting real-world stories of security compromised.
Then there’s this Arbor Networks white paper (though you have to give them some information to be able to download it). It does good job pointing out why the most common network protections — IPS and firewalls — just aren’t enough. You need intelligent DDoS mitigation systems. We’d like to point out LiteSpeed is offering just that for the low price of $0.00. (Arbor’s site doesn’t list any prices, but eWeek reported in 2011 that VeriSign anti-DDoS mitigation starts at $35,000.)
Rounding out our overview of security threats, we have KrebsonSecurity detailing a $900,000 bank heist obscured by a DDoS attack, and ComputerWeekly.com reports that a quarter of DDoS attacks in 2013 will be application-targeted and multivector DDoS attacks are becoming more common.
If you’re a history buff, GigeNET offers a little review of some of the most important early DDoS attacks.
And finally, my favorite post, though possibly the least directly related to security, is on the Verge noting how DDoS, which some tout as a tool for freedom of expression, has resulted in easy and cheap Internet oppression.