Attack on Square-Enix, Direction for Online Terrorism - Prevalent Botnet Crimes and Consequences
(Page 3 of 4 )
In August of last year, six men were indicted in a California court for taking advantage of the economic impacts of DDoS. The CEO and business partner of Orbit Communication, a satellite TV dealer, were accused of hiring hackers to attack competitors’ websites. The other four that were indicted were the hackers, located in Louisiana, Ohio, Arizona, and the United Kingdom. Investigators say the largest botnet was roughly 5-10,000 computers, followed by the next largest of 3,000. The attacks took out competitors across the US, in Massachusetts, Los Angeles, Miami. They also took out an internet service provider that hosted one of those sites, which suffered $1 million in losses. Altogether the losses between the companies were estimated at roughly $2 million. These men, if nothing else, demonstrate the power of online crime to strip money and business from companies.
Less than a month later, in September of 2004, Authorize.net received a demand for “a substantial amount of money” from an online extortionist. Authorize.net, which supplies credit card services to over 90,000 online businesses, received the letter in their general mailbox. After refusing to give into the demands, the company was hit with waves of DDoS attacks. This knocked credit card services for almost a hundred thousand online vendors down for days. Some decided to confirm credit card information over the phone, but all lost significant business. One said that he was losing $4,000 a day. Earlier in the year Authorize-It and 2Checkout, in the same business as Authorize.net, were hit by DDoS attacks of similar extortion schemes. Banks have also been getting many similar threats as well. Square-Enix released no information on whether they were blackmailed or not.
The effects of the botnet are felt not only in the company being attacked but all the companies associated with it as well. In both of the above cases, businesses that were not targeted suffered and lost considerable amounts of revenue. A payment processor going down can leave all its clients unable to make sales. ISPs can go down from botnet attacks on one of their clients, potentially dropping service to all their clients. Even established stores that have services available on the internet, such as BestBuy.com, may suffer economic loss if their website goes down; those who prefer shopping online or just check prices will move on to another website. The attacked company can suffer as a whole, with not just loss of online sales but also loss of people coming into the store to buy that printer they saw on the website. The interwoven businesses, when suffering these losses, may have to cut employees hours or lay off workers. DDoS attacks can have real and tangible consequences.
The motivation for DDoS is often financial, but there have been a share of political attacks as well. Early speculations and rumors on the internet were that Chinese hackers were responsible for the attacks on Final Fantasy XI, but naturally there is no verification of this. Chinese nationalists have been accused of DDoS attacks in the past. When the Chinese captured an American spy plane in 2001, the FBI issued warnings to system administrators to tighten security against political assaults. And the attacks did come, even though some Chinese hackers confused which websites they were going after. In a strange mistake, some targeted a white house parody site (www.whitehouse.org) instead of the actual white house page (www.whitehouse.gov). Supposedly they also defaced some American pages by inserting Chinese or communist flags into them.
The recent speculations are based on the current relationship between China and Japan, as Square-Enix is a Japanese corporation. The degrading relations are the result of a new set of history textbooks Japan is using that downplay Japanese WWII atrocities. China is also disturbed that Japan wishes to become part of the U.N. Security Counsel. Tens of thousands of Chinese protestors took to the streets in outrage. CNN.com reports, “The protests saw tens of thousands of protesters call for a boycott of Japanese products, burning flags and shouting anti-Japanese slogans.” The attack on Square-Enix servers could be related to the protestors’ anger and intentions to boycott Japanese industry. Other Japanese websites suffered DDoS attacks about the same time, in particular their National Police Agency and Defense Agency websites were attacked for several hours. It wouldn’t be out of the question that political activists in the future could use DDoS attacks to make a statement or take out offending companies.
Next: Working Against DDoS >>
More Opinions Articles
More By Developer Shed
/ 64 
