According to Kaspersky Lab, 2011 has seen "numerous DDoS attacks with a variety of motives," many of which will "go down in the annals of cybercrime." As we look ahead to 2012, it's worth examining some of those motives to see what they portend.
Possibly the most common motive has been personal retribution. Often, this means one individual attacking another, not a company or even a website. Example: an online gamer disabling an opponent in XBOX Live. Since the victims aren't high-profile, these attacks usually don't get much press.
Political or social activism — "hactivism," if you prefer — has dominated DDoS headlines over the past year. From defenders of WikiLeaks to people protesting anti-piracy laws, those with an axe to grind have increasingly gone online. As protests of all kinds seem to be gaining momentum these days, it will be interesting to see what develops next.
Extortion is the original motive for DDoS attacks: extracting money from people or businesses unable (or unwilling) to protect themselves. While there are new laws to stop this, enforcement can be tricky when the attackers or their botnets are in countries without extradition.
Competitive advantage is another established motive. We tend to see this more among smaller businesses whose competitors are less likely to have protection.
Finally, there's good old-fashioned gang warfare, where rival criminal groups go after one another. Sometimes entire nations get involved, as when North Korea targets South Korea.
With so many different motives and such a diversity of offenders, one conclusion is crystal clear: DDoS attacks are easier than ever to launch. Anyone with basic skills (hence the term "script kiddie") and a high-speed connection can cause serious damage. This explains why 3 out of 4 businesses report having experienced DDoS attacks, with over 7,000 attacks occurring every day.
And it's no longer just websites that are being targeted. Email and even VoIP services are in the crosshairs, witness the recent attack that shut down TelePacific's call processing for thousands of customers.
No question, all these developments are a warning for next year. Expect more and larger attacks — and more damage to those who aren't prepared.
By Alexander L. Berry, Senior Vice President, Enterprise Services at Neustar
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines