August 27th, 2004
Can the FBI scale as well as a DDoS?
Security Focus’ Kevin Poulsen has reported that the FBI has busted an alleged DDoS mafia that was using Distributed Denial of Service (DDoS) attacks to shut down the Web sites of businesses that were in competition with a Massachusetts-based business. The businessman apparently established contact with an underground element of the Internet and paid to have his competitor’s sites attacked.
The story quotes FBI supervisory special agent Frank Harrill as saying "This is an example of a growing trend: that is, denial of service attacks being used for either extortionate reasons, or to disable or impair the competition. It’s a growing problem and one that we take very seriously, and one that we think has a very destructive impact and potential."
That potential is not to be underestimated. As more businesses and consumers come on-line via broadband connections and an increasingly larger percentage of the nation’s commerce relies on the resilience of those connections, America’s business infrastucture runs a greater risk of being easily disrupted by its enemies. These lower bandwidth connections (when compared to the super-highbandwidth connections that large enterprises typically have) are much easier to attack and require fewer orchestrated particpants (thereby flying below the radar of most DDoS detection mechanisms) in order to be overwhelmed with denials of service. How do I know this? Earlier this year, my home’s connection to the Internet was target of such an attack and the attacker only needed two machines to do it (hence, my name for the attack: the mini-DDoS or mDDoS). The FBI wasn’t interested. But, after writing about it, I was contacted my another federal agency.
mDDoS attacks could affect all kinds of transactions. For example, no discussion of the viability of Internet voting can be had without taking the mDDoS into consideration. Sure, certain measures could be taken to protect the back-end systems. But what about the voters’ connections?
