TechWorm reports that two academics, one from the University of Colorado Boulder and the other from the University of Wisconsin, have created a theoretical form of crypto currency called "DDoSCoin" (a similar concept to Bitcoin). The difference is, the only way to earn the currency, is to participate in a distributed denial of service (DDoS) attack. Essentially, it rewards DDoS hackers. The currency only works when the user’s computer targets a Transport Layer Security (TLS)-enabled website with a DDoS attack. The "DDoSCoin" could then be traded for another form of digital currency, like Bitcoin.
It might seem strange that academic researchers created technology that actually incentivizes illegal behavior (i.e., DDoS attack activity). However, the professors did the project as an exercise to demonstrate the potential threat to other cyber security experts. The researchers presented their paper at the Usenix 2016 security conference.
According to the TechWorm article,
“The DDoSCoin proof of work incentivizes miners to send and receive large amounts of traffic to and from the target to produce a valid proof of work. The proofs can be verified easily, and the original miner can claim a reward that can be sold for other currencies. Botnet owners and other attacks can directly collect rewards for assisting in decentralized DDoS attacks.”
How soon might cyber criminals try to build their own such crypto currency scheme? That’s anyone’s guess. But someone in the Dark Web has most likely already begun building out a similar currency. If the academics can concoct a new digital currency, you can bet your bottom dollar that someone in the ever-agile cyber criminal underworld is already working on it. At least in this case, the white hat researchers might be one step ahead of the next trend in DDoS attacks. We can hope the researchers’ theory does not become a reality, but that might be wishful thinking.
DDoS attackers already sell “DDoS for hire” services; the notorious collectives like Lizard Squad and the New World Hackers have been in that business for a while now. They also participate in extortion campaigns; they threaten to launch a DDoS attack unless a business pays them a ransom fee in bitcoin, or they launch a DDoS attack on an organization and promise to stop the attack only if the organization pays them a bitcoin ransom. Plus, DDoS attackers are already recruiting botnets to form zombie armies that can be deployed in a DDoS attack. So why not recruit more actual people into the business of DDoS by rewarding them with crypto currency? It would be easy money, right?
This academic research reinforces the fact that DDoS attacks are not going away, especially with further incentives to carry out these malicious attacks. Because of this, it’s important to protect your network with DDoS Protection Hardware.
For more information about Corero, contact us.