DDoS-for-Points: How to Beat Hackers at Their Own Game
Last week a Turkish hacker started encouraging individuals to join a DDoS-for-Points platform that makes carrying out distributed denial-of-service (DDoS) attacks into a game, featuring points and prizes for completing DDoS attacks against a list of political websites. The users who participate will be awarded points for every minute they attack a website, which can then be used to obtain rewards.
The method and selection of participants for this game are not coincidental. Gamers regularly deploy DDoS attacks as a means to gain a tactical advantage within a game. It has become an expected part of gaming culture for a player to use DDoS to knock other players offline, or sometimes to target an entire service to prevent others from gaining a competitive edge. These kinds of DDoS attacks can spark a wave of repercussions. When thousands of online gamers are locked out or booted off their games, it gets the attention of the media. The stakes are high for the gaming companies because when they lose players they lose revenue. So it’s easy to see why this DDoS-for-Points platform has found such a sweet spot and could be successful: it plays on the popularity of DDoS in the gaming environment and engages a willing army of participants who would be keen to access the more effective DDoS tools on offer.
What the participants may not realize, however, is that the DDoS software comes with a hidden backdoor, which secretly installs a Trojan on the computer and can potentially enslave it into a botnet, to launch additional DDoS attacks.
Regardless of the motivations, or who is ultimately declared the winner, the DDoS-for-Points platform serves as an example of the never-ending variety and sophistication of DDoS. Attackers are leveraging DDoS in more innovative ways, so in order to keep up, defense solutions need to be similarly inventive. Let’s not forget that, in the gaming world, innovation is the way you win. In this case, such innovation will likely lead to the evolution of new DDoS techniques, and a series of new attacks.
How Can These DDoS Attacks Be Stopped?
While the motivations for such attacks are endless, the defense is the same regardless of the technique. Firstly, carriers (Internet Service Providers) have a responsibility to protect their networks and customers from such attacks, by ensuring they have full visibility over their networks and can spot all malicious activity.
Indeed, Service Providers are in a unique position to “profitably remove” DDoS attack traffic that targets their subscriber base, and many are moving forward with new initiatives. Technology exists that can detect and automatically defeat all volumetric DDoS attacks in real time, and this technology can be easily deployed in a Service Provider’s network, at peering points or subscriber edges. It can be deployed in a host of ways and will detect, alert on, and block any DDoS attack traffic presented to it. As the landscape of DDoS attacks changes, providers must keep pace with the latest hacking ‘trends’, such as the DDoS-for-Points platform; otherwise they risk putting their customers in danger of suffering attacks, and could damage their own reputation and revenue in the process.
Sean Newman is VP Product Management for Corero Network Security. Sean has worked in the security and networking industry for twenty years, with previous roles including network security Global Product Manager for Cisco, which he joined as part of its acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.