Democratized DDoS attacks
Democratized DDoS attacks
http://blogs.zdnet.com/security/?p=2859
http://www.sourceconference.com/
Mar 13 2009
At Source Boston 2009 (a conference on advacnted technology and security application practices), security specialist Dr Jose Nazario gave a talk describing how DDoS (Distributed Denial of Service) attacks are becoming more ‘democratized’ or ‘populist’, and no longer just the tools of trained computer attackers. He cited various DDoS attacks associated with military campaigns (such as Kosovo or more recently, Georgia) which seemed to be initiated on a wide scale rather than just by a centralized group of attackers
This has arisen due to simplification of the weapon, ie . Now it could be as simple as a centralized group of protestors or citizen militia distributing a simple script, which could be run on an end user’s machines. An example given was a simple Microsoft batch pinging script distributed to various complicit parties via a message board. More sophisticated scripts occur but the essential point is that as it becomes easier to run such attacks on a local machine, it will be easier and easier to intitiate DDoS attacks on a wide scale in this fashion.
The broader issue here is twofold– the weaponization of computer systems, and the possibility that these could be leveraged by non-military, politically oriented groups as a means of protest as well as attack. The Russian conflict in Georgia most recently brought up broad suspicions of cyber warefare, and many rumors and warnings exist about the potential dangers which could occur. Even the public is generally aware of the threat, given the existance of movies like Diehard 4 (however inaccurately the threat may be represented)
The speaker concluded by not commenting on the prevalence of such tools in [domestic] political groups. However it is safe — or unsafe– to assume that as computer integration into daily lives and processes becomes greater and greater, the likelihood of such an attack being publicly launched also increases.