With botnets everywhere, DDoS attacks get cheaper

With botnets everywhere, DDoS attacks get cheaper
With botnets everywhere, DDoS attacks get cheaper 

By Robert McMillan
October 14, 2009
IDG News Service 

Cyber-crime just doesn't pay like it used to.

Security researchers say the cost of criminal services such as 
distributed denial of service, or DDoS, attacks has dropped in recent 
months. The reason? Market economics. "The barriers to entry in that 
marketplace are so low you have people basically flooding the market," 
said Jose Nazario, a security researcher with Arbor Networks. "The way 
you differentiate yourself is on price."

Criminals have gotten better at hacking into unsuspecting computers and 
linking them together into so-called botnet networks, which can then be 
centrally controlled. Botnets are used to send spam, steal passwords, 
and sometimes to launch DDoS attacks, which flood victims' servers with 
unwanted information. Often these networks are rented out as a kind of 
criminal software-as-a-service to third parties, who are typically 
recruited in online discussion boards.

DDoS attacks have been used to censor critics, take down rivals, wipe 
out online competitors and even extort money from legitimate businesses. 
Earlier this year a highly publicized DDoS attack targeted U.S. and 
South Korean servers, knocking a number of Web sites offline.

Are botnet operators having to cut costs like other businesses in these 
troubled economic times? Security researchers don't know if that's been 
a factor, but they do say that the supply of infected machines has been 
growing. In 2008, Symantec's Internet sensors counted an average of 
75,158 active bot-infected computers per day, a 31 percent jump from the 
previous year.


Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 

Site design & layout copyright © 1986-2015 CodeGods