[LACNIC/Seguridad] fwd: DDoS attacks rise in number, thanks to free tools

Fernando Gont fernando at gont.com.ar
Sat Jul 16 01:38:48 BRT 2011


How sad that the blame is placed on the tools themselves. - Then
this idea migrates to PoCs, assessment tools, and so on, and nobody
can work on security research...


Source:
http://www.scmagazineus.com/ddos-attacks-rise-in-number-thanks-to-free-tools/article/207600/

DDoS attacks rise in number, thanks to free tools
Dan Kaplan
July 14, 2011


The Internet Crime Complaint Center on Thursday warned of a growing
number of distributed denial-of-service (DDoS) attacks, many of which
have been motivated by reasons not related to financial gain.

In a report detailing the latest scams, IC3, a partnership of the FBI
and National White Collar Crime Center, said a number of websites,
including many belonging to gaming companies, have come under recent
attack by hacking groups.

"Open source of intelligence indicates that some of the attacks are
supposedly in response to the company itself, while other attacks are in
response to group rivalries," the report said, adding that hacking
collectives, receiving coverage in the media, have been able to
influence widespread participation in DDoS assaults.

The uptick in DDoS, a style of attack that is at least a decade old, is
largely attributable to tools such as the open-source Low Orbit Ion
Cannon -- a type of voluntary botnet -- or more traditional networks of
compromised computers, which can be rented for as little as $10 per hour
for up to 50,000 nodes, experts said.

"[DDoS has] been around forever, but it's way more accessible now," Eric
Hemmendinger, senior product manager for managed security services at
Tata Communications, told SCMagazineUS.com on Thursday. "All that
translates in internet terms to that you don't have to be a rocket
scientist to do this anymore. For short money, you can get
command-and-control for an hour of a very large number of nodes to
inflict an attack on the target of your choice."

He said many organizations and their hosting providers lack the means to
detect and ward off particularly vicious DDoS attacks, ones that could
measure multiple gigabits per second.

"Once the attack starts, if you're concerned with what you can do in the
[first] 12 to 24 hours, you're pretty much limited to the resources you
have on hand or your service provider has on hand," Hemmendinger said.
"What it comes down to is if you perceive yourself as potentially being
a target, then waiting to become a target is not a smart strategy."

IC3 cited a number of complaints it received. In one case, an e-commerce
company reported absorbing 165 million hits over a three-day period. In
another, attackers bombarded a banking website with 8,000 hits per
second to its login page, crippling access.

"It's not really for financial gain as opposed to a lot of the other
fraud reported through (IC3)," Tim Gallagher, a supervisory special
agent, told SCMagazineUS.com. "In general, they're not economically
based crimes [and are] usually [done] to get across some sort of message."

But the IC3 did say that some recent attacks have been used to distract
victims from more pernicious actions occurring on their networks, such
as attempts to extract sensitive data.

And while Hemmendinger admitted that there have been a string of
headlines in recent months of DDoS attacks conducted for political
reasons, such as ones against companies that cut ties with whistleblower
website WikiLeaks, he said a huge chunk of cases are motivated by extortion.

Meanwhile, the IC3 alert also warned of a ramp up in extortion emails
targeting physicians, fake donation sites and messages purporting to be
from the FBI but which actually contain a trojan.

-- 
Fernando Gont
e-mail: fernando at gont.com.ar || fgont at acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
