Feds Shut Down 15 Denial of Service Websites
You can get anything on the Internet. One of the relatively recent additions are web sites that you can pay (I presume in Bitcoin) to “stress” a web site that you don’t like. Stress is a euphemism for denial of service attacks which force the target site offline.
They have charged 3 men today – two in California and one in Alaska with operating the 15 sites that they took down.
The feds claim that these sites, including DOWNTHEM.ORG, NETSTRESS.ORG, QUANTUMSTREESS.NET, VBOOTER.ORG AND DEFCON.PRO, are a significant national threat.
It is certainly true that these sites, which attack other web sites for a fee, are not a good thing. It is pretty stupid for people inside the United States to run sites like these and think that they are not going to get caught and prosecuted. Think of it as the Darwin Effect.
According to the feds, DOWNTHEM.ORG alone had 2,000 customer subscriptions and carried out over 200,000 attacks.
While these “take downs” are interesting, they likely won’t have much of an effect on the overall level of denial of service attacks affecting the Internet.
Many (most?) of these attacks are controlled from places offshore like Russia, China and North Korea and I doubt whether the feds bringing charges against 3 Americans in the U.S. will have much of a deterrent affect in those countries.
Still, there is no downside to taking down these sites and filing charges against the 3 men. The challenge that the problem is huge and largely offshore.
Today’s operation used cooperation between the U.S., U.K. and Dutch and several companies including Cloudflare and a number of others. exercising this process is a good thing.
The feds have been pretty active recently in issuing warrants – in many cases to foreigners with a low likelihood of being apprehended, but in this case, if they have not already caught these three, they probably will soon.
The message the feds want to deliver is that there is a possibility that you will be caught and prosecuted – even if the probability is low. That will be enough to deter some people.
The bigger problem is with sites run in unfriendly countries where even if they get taken down, the bad guys just register a new domain and they are back in business. Some of these sites operate on the dark web where they are harder to find and harder to take down.
Most of these sites use “zombie” computers to attack people. Zombies are computers that have been compromised due to poor cyber hygiene. Likely it will be someone’s home computer or a computer in a small business. Sometimes it is a company’s server in a data center. In the grand scheme of things, they don’t really care whether the feds coming knocking at your door to tell you that you are running a denial of service attack because even if the feds seize your computer it won’t make it any easier for the feds to find the people behind the attack – unless they are not very skilled.
For businesses, unfortunately, that means that you need to be prepared for a denial of service attack. Most of the attacks are pretty short and try to get you to pay them to stop the attack. Most of them will stop on their own, but if you don’t pay they might attack you again and again to try and get you to pay.
Most of the attacks will be able to consume any bandwidth you might have, even if you have a gigabit Internet connection. Many of the attacks consume 50 gigabits or more per second.
In many cases your Internet provider may help the attacker because it will intentionally take down your internet connection to protect its other customers. In that case, the attacker wins. In a few cases, the Internet provider will cancel YOUR service, even though the attack is not the result of anything that you did wrong. In the U.S., where there is often very little choice of Internet providers, this can be a real problem for businesses.
One thing that you can do is have two Internet connections so at least if one goes down as a result of an attack, the other may still work. This is not a cheap solution.
Another solution is to use a service like Cloudflare. This is not easy either because it may require modifications to your web site to make it work.
There is no easy answer to this problem, but if it is important to your business to remain online for your customers and employees, thinking through the risks and the options is mandatory.
Information for this post came from Tech Crunch.