Hacktivist attacks grow as governments get in on the action

 

Share

0

"Knocking a song contest offline doesn't seem earth-shattering," Prince says. "But the same resources had also been used to attack political organizations advocating for more liberal policies in the Middle East."

Attacks intended to cripple the websites of groups aligned with liberal causes are on the rise and have begun to fall into a predictable pattern, says Thomas Hughes, managing director of VirtualRoad.org, a non-profit website-hosting company for 50 independent news publications and human rights groups in a dozen nations.

Reports of high-ranking officials caught in embarrassing situations as well as news coverage of the anniversaries of events with historical significance to the downtrodden are typical triggers for attacks, Hughes says.

A year ago, a typical denial-of-service attack against an independent news outlet or human rights group might have involved 500 computers sending nuisance requests to a targeted website, disrupting access to the site for a few hours. Now up to 5,000 computers might carry out such an attack, for days at a time, Hughes says.

"The key trend is the scaling up of these attacks, and the degree of sophistication," Hughes says. "The Internet has become the new battleground for freedom of expression."

Tools of the trade

A denial-of-service attacker's tool of choice is a botnet — a network of hundreds or thousand of infected PCs he or she controls that methodically bombards a website with nuisance requests, thereby cutting off public access to the site.

Criminals use botnets to spread viral spam, infect Web pages and search results, steal from online financial accounts and sell bogus drugs and software.

One in three personal computers is infected with botnet malware, estimates network monitoring firm Damballa. And 22% of the approximately 1 billion PCs connected to the Internet are actively under control of a botnet operator, the firm says.

Gunter Ollmann, Damballa's research director, says that many botnets exist solely to be hired out on an hourly basis to conduct denial-of-service attacks. "In the cybercrime ecosystem, this has become a separate service," Ollmann says.

What's more, Anonymous has popularized the use of a simple new tool that makes it easy for anyone to volunteer his or her PC to participate in an ongoing attack. Tens of thousands of individuals downloaded the simple tool to join the attacks that disrupted the websites of Visa and MasterCard. They were protesting the card companies' decision to cut off services to WikiLeaks, the controversial disclosure website.

"One of the top factors contributing to the escalating threat is the availability of tools used to carry out these attacks," says Carlos Morales, engineering vice president at Arbor Networks.

Anatomy of an attack

Daniel Joseph, an official with the Junta Central Electoral (JCE) — the Dominican Republic federal agency responsible for running elections — knows all too well how much trouble it can be to defend against a well-planned denial-of-service attack.