NOW READ THIS
("Security Advisory")
Go Back
Submitted by: Bill Hickey
NCVA List Master
NRT-0170 Cyber Criminals Launching fewer DoS Attacks:
Security researchers at Symantec have determined that the practice of holding web sites hostage under the threat of denial-of-service (DoS) attacks is declining, according to a new online report. Botnet operators carry out DoS attacks by using armies of remotely controlled PC's to flood a site with traffic and information requests. The attacks can cause sites and web services to run slowly or shut down altogether. Criminals use the attacks to extort money from organizations by launching a first DoS attack and then threatening to launch further attacks unless the company pays up. The tactic has recently drawn the attention of legislators, who passed laws last November allowing for tougher punishments for the crime. Symantec said that it has seen a steady decline in the number of reported DoS incidents in the past six months, and believes that much of it is due to the inefficiency of the practice.
The problem for the criminals, according to Symantec security engineer Yazan Gable, is that the brute-force attacks are often costly and inefficient for the botnet operator. "Whenever a botnet owner carries out a DoS attack they run the risk of losing some of their bots," Gable said in an article for the company's security response blog. "This could happen either because an attacking computer is identified and disinfected, or simply blocked by its ISP from accessing the network. "Furthermore, if the botnet owner is not careful they could lose their entire network if their command and control server is identified."
The drop in DoS extortion may also be due to the increased use of botnets to deliver large-scale spam mailings. Gable noted that the drop in DoS attacks has coincided with a dramatic rise in spam volumes, suggesting that the lower risk, more lucrative spam market may be luring botnet owners away from the DoS attack business.
(www.vnunet.com 27APR07)
Last Modified: Sunday, 06-May-2007 09:48:35 EDT