More than half of U.S. DDoS victims blame unscrupulous competitors, Corero survey reveals

By | February 29, 2012

Posted in: Network Security Trends

Anonymous is not the biggest threat to launch a distributed denial-of-service (DDoS ) attack against your organization. Ideologically and politically inspired (aka hacktivist) DDoS attacks have gained wide notoriety, with some justification. The victim sites are highly prominent, very public companies, government agencies and industry groups — large banks, Sony, the FBI, stock exchanges, etc. As ideological/political entities, hacktivists, particularly Anonymous, characterize themselves as a movement and take open credit for bringing down their quarry.

Notoriety notwithstanding, your competitors, not shadowy hacktivists, are far more likely to lay your servers low, according to new Corero Network Security survey. The research shows that more than half (52%) the U.S. enterprises hit by DDoS attacks in the past 12 months said they were victims of competitors trying to gain unfair business advantage. Financial services (61%), in particular, were targeted by unscrupulous competitors. A little under half the enterprises in other business sectors, including retail and manufacturing,  cited attacks by other companies.

While these attacks are unethical — no, let’s call them for what they are, criminal — The business logic behind DDoS-ing other companies in your market is clear. The Internet is an open marketplace, with lots of choices. Customers expect websites to be responsive: I type, I click, I get; on to the next activity. They expect sites to always be available. Always. If I overwhelm your servers and bring your online business to a crawl or even to a halt, your customers get frustrated and go to another site. Preferably, mine. You lose business, I gain business. You lose customers, perhaps permanently. Your corporate brand suffers. The launch of an online business initiative, is a nice time to strike.

The competition doesn’t need any particular expertise, just the resolve to attack. and a low ethical threshold. Less than $100 buys the use of a botnet for a flooding attack. Or you can simple hire cyber thugs to execute the attack for about $5 to $10 per hour; $40 to $50 per day; $350-$400 a week; and upwards of $1,200 per month, according to a report by security expert Brian Krebs.

Increasingly, these may take the form of sophisticated application-layer DDoS attacks, which take up far less bandwidth than “traditional” network-layer floods.  (In Internet terms, anything older than five years can probably be characterized as traditional.) These attacks are harder to detect and mitigate; they require smaller botnets; some of the clever new attacks can be launched using a single computer.

So, what of hacktivists? They are a legitimate concern, and they’ve drawn attention because they are doing some real damage. A fifth of those enterprises reporting at least one attack said ideological or political motives were to blame. Interestingly, nearly half the victimized retail enterprises cited hacktivism. As a rule of thumb, organizations that have reason to believe their policies and/or practices make them potential targets should be most concerned about belief-driven attack, but it’s not always easy to know what may trigger a DDoS attack.

In all, 38% of the U.S. enterprises surveyed reported at least one DDoS attack in the past year. More than 40% of those said they had been hit with multiple attacks. Small wonder more than three-fifths of the companies surveyed say they are very concerned about DDoS disruption.

Only 12% of the enterprises hit with attacks blame criminal extortion for money. It’s a variation on the classic protection racket: You pay protection money, nothing bad happens to your business. Cyber criminals make the threat and demand ransom via email or a call. Sometimes, they launch a brief DDoS attack to demonstrate they are serious. The balance of the attacks were apparently pure wanton maliciousness, or “just for laughs.”

The takeaway is that DDoS is a very real risk to enterprises in all sectors, for a variety of motives. Chances are very good someone, for some reason, could make your enterprise a target.

You May Also Be Interested In: