Attack on Square-Enix, Direction for Online Terrorism - How Hard Is It to Launch a DDoS Attack?
(Page 2 of 4 )
So how complicated is it to launch a DDoS attack? Frighteningly, even an unskilled computer user can coordinate one, given a couple tools. It all starts when a script kiddie (internet slang for those unskilled users who like to plug information into code they find) personalizes a malicious script designed to infect other computers. These script packages are basically the DDoS “toolkit,” and they are becoming increasingly available online. The script tells an infected computer to log into a certain chat room of choice, often on IRC, whenever it is connected to the internet. The scripts can often spread themselves through email viruses or by going into other chat rooms and placing links to a script distributing page that chatters may follow. People who have computers that are infected and recruited into a botnet often don’t even know about it unless they run updated anti-viruses and firewalls. Once enough computers are infected and logged into the script kiddie’s chat room, anyone in that room can order them to do things if they know the commands.
Some of the largest botnets observed have been upwards of 50,000 computers, although experts say that botnet owners are now dividing their minions between several smaller botnets to avoid having their entire network compromised at once. After gaining control of a sizeable botnet, creating a DDoS would really just require giving the command for, “go load this specific web address a lot of times.” The relatively new broadband connections that can pull a lot of data at once are invaluable to botnets as they can put a huge strain servers. The attack is very difficult to thwart, since the server sees the botnet’s attempts to load the page look the same as legitimate computers trying to access it. It’s also hard to track or block, since the attack is “distributed,” coming from all over the world.
For companies like Final Fantasy XI, this can have grave impacts. The game is designed to profit from people subscribing to their game for $12.95/month, and continued DDoS could mean the end of their business. With users unable to reliably connect, the game offers nothing at all for them to play. The company will lose frustrated subscribers and potential new customers may sign up with a different MMOG instead. Other kinds of businesses that rely on websites, such as Amazon, could lose immeasurable amounts of sales if attacked. This could be useful news to those interested in blackmailing them. Given a large enough botnet, a hacker could threaten to put a website out of business unless the site returns some of its profits to the blackmailer. Obviously, MMOGs are at great risk of this sort of threat because their subscribers will likely not return after they cancel, and the entirety of the business relies on their servers’ performance. Besides blackmail, sabotage is another way to take advantage of DDoS.
Next: Prevalent Botnet Crimes and Consequences >>
More Opinions Articles
More By Developer Shed
/ 64 
