Distributed denial of service (DDoS) attacks are cheap and easy to do. It’s just a matter of overwhelming the target site with a flood of internet traffic. According to Michael Smith, head of Akamai Technologies’ computer security incident response team (CSIRT), such attacks will only get worse as we roll out faster broadband infrastructure.
“That increases the amount of bandwidth available to the home, but that also increases that amount of bandwidth that a bunch of computers at the home can throw at a target site,” Smith says on today’s episode of Corrupted Nerds: Conversations.
Attackers are getting smarter, too. Rather than attacking the infrastructure that supports a website, they’re attacking at the application layer — sending what appear to be valid website requests, but which result in a heavy load of database requests or processor time.
“The more secure that your site is, ’cos you’re checking for all these things for confidentiality and integrity, the harder it is to actually defend that site against an application DDoS attack,” Smith said.
This interview was recorded on 4 September 2013 via Skype to Sydney, Australia.
- Official Akamai Technologies company website.
- Patch Monday podcast from 2 October 2012, DDoS attacks: 150Gb per second and rising, with Alex Caro, Akamai Technologies’ chief technology officer and vice-president of services for Asia Pacific and Japan, and Tal Be’ery, web security research team leader at Imperva.
- Michael Smith’s blog posts at Akamai.
- Akamai’s current State of the Internet report, updated quarterly.
- Wikipedia entry for botnets.
- Cybercrooks use DDoS attacks to mask theft of banks’ millions, CNET, 21 August 2013.
- The Google hacking database, a collection of Google Dorks — that is, ways of using Google to search for unmaintained or otherwise vulnerable websites.
- 19 percent of the web runs on WordPress, VentureBeat, 27 July 2013.
- FS-ISAC, the US Financial Services Information Sharing and Analysis Center.
- Wikipedia entry on Phishing.
- Explanations of DNS amplification attacks from Akamai, CloudFlare, US-CERT and WatchGuard.
- BCP38, a Best Common Practice from the Internet Engineering Task Force (IETF) that can help prevent DNS amplification attacks.
- My introduction to the Syrian Electronic Army (SEA) in Crikey, Assad’s army: the future of hacking is here, with a new target.
- An Ars Technica story on a typical watering hole attack, Facebook, Twitter, Apple hack sprung from iPhone developer forum.
- Wikipedia entry on SQL injection, an attack that attempts to insert malicious SQL database commands into a web application.