- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
You may have heard about distributed denial-of-service attacks and the harm they can wreak on organizations. You might think you're safe because you're not a clear target like Google, Yahoo, or Microsoft (all of which have suffered severe outages due to distributed DoS attacks), or if you're primarily a "bricks-and-mortar" organization with limited Web presence. You'd be wrong.
In recent months, two trends have combined to greatly increase the risk to companies of distributed DoS attacks. The first is that an increasing number of organizations are using the Internet to enable remote workers to connect to corporate resources. The number of remote workers has skyrocketed by 800% in the past five years, according to recent research from Nemertes Research. Many of those users connect to corporate resources via the Internet and distributed DoS attacks could keep these legitimate users from accessing their data center resources.
The second trend is the dramatic increase in distributed DoS-based extortion. Hackers have learned that the ability to connect to the Internet has tangible value, and they're starting to use distributed DoS attacks as a way to attempt to force companies to pay up. Carl Landwehr, program director for the National Science Foundation's (NSF) CyberTrust program, points out that in 2004 there has been a notable increase in distributed DoS-for-money attacks: A hacker will launch an attack, then contact the victim and demand money (usually $10,000 to $50,000) to make it stop. While the most common targets for such attacks are online businesses such as casinos, any organization with a Web site is a potential target.
As with any denial-of-service attack, distributed DoS attacks work by paralyzing the victim's servers and systems and clogging their network access points with useless traffic. Technically, today's distributed DoS attacks are a step up in sophistication from the old denial-of-service attacks of yore. With distributed DoS, the attacker lines up a network of hacked machines-called "zombies" across the Internet that, upon command, launches an assault on the target. Many times, taking out the "control" machine won't stop the attack - the "zombies" keep on assaulting the victim. Moreover, hackers don't even need to create their own "zombie armies" - other hackers have compiled armies as large as 20,000 machines, and will rent these to other hackers.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
SMART Steps Toward Consolidated Workload Automation
Consolidating job scheduling into a single, comprehensive workload automation solution is a critical first step to effective workload automation (WLA).
White paper on WLA here
A Comprehensive Approach to Practicing ITIL Change Management
Read a compelling whitepaper by EMA, Inc. to learn best practices for integrating workload automation.
Whitepaper here
2 Minutes to IT workload automation
BMC CONTROL-M can put money back into your IT budget and strip the complexity and risk from workload automation.
View video here
Gain a faster, cheaper way to manage workload
BMC CONTROL-M can help you migrate to a workload automation solution to meet your organization’s goals.
Listen here for more info
Comment