The New Face of DDoS: Spamhaus attacked, and Estonia asks Russia for help
It’s been an interesting few weeks for Distributed Denial of Service attacks (DDoS).
DDoS was a hot security topic several years ago, and spurred the success of several companies such as Arbor Networks and service provider Prolexic Technologies.
DDoS attacks became less common and less destructive, and bandwidth became cheaper, which meant that websites could simply buy more bandwidth to defend against some simple attacks such as SYN floods. In fact, DDoS attack prevention was being built into many IPS products like TopLayer, and a number of pure-play anti-DDoS startups like NetZentry all but disappeared.
But in 2007, with the widespread scourge of zombie botnets comprising tens of thousands of compromised computers, DDoS is hot again. Some notable instances this year:
1. In February 2007, during the RSA security conference, the root DNS servers of the Internet were attacked with a massive DDoS flood.
2. In May 2007, Estonian government agencies and online companies were DDoSed in a massive politcally motivated attack from all around the Globe. At least one Estonian bank shut off access to their site from networks outside the country. Russia was blamed for many of the attacks. Now Estonia is < a href="http://www.reuters.com/article/internetNews/idUSL0671620620070606">asking the Russian government for help to find the cyber-criminals.
3. In early June 2007, anti-spam stalwart SpamHaus was attacked with a massive SYN flood, taking down several of their mirrors that host their anti-spam and anti-phishing blacklists.
What we are seeing is combative attacks by cyber-criminals to keep their spamming and phishing activities profitable, combined with politically motivated attacks that are designed to send a global message to the tech-savvy world.