Imagine a business model with a 95 percent profit margin. As wonderful as this sound, this business is certainly not something that most would want to get into. We’re talking, of course, about the criminal enterprise of Distributed Denial of Service (DDoS) attacks.
This form of cyber-crime has grown exponentially over the past few years, giving CIOs and digital business leaders sleepless nights about whether they’ll be the next victim. Powerful DDoS attacks have a devastating effect: flooding web servers and hauling companies offline, causing untold financial and reputational damage.
“The popularity of DDoS has spawned a criminal underworld, with thousands of service providers hiding out on the so-called ‘Dark Web’,” explains Arbor Network’s territory manager for Sub-Sahara, Bryan Hamman.
These nefarious organisations offer to execute DDoS attacks for as little as just a few dollars. One simply chooses the type of attack (do you want to use web servers or connected botnets?), the magnitude, the duration, and indicates the victim that they’re targeting.
“These Dark Web services have made it very simple to enlist the resources needed for a DDoS attack. Self-service portals and bitcoin payment systems guarantee one’s anonymity and eliminate the need for direct contact with the service provider,” says Hamman.
He adds that reports and status updates are all published via these portals, allowing customers to track the impact of their attacks. In some cases, there are even bonuses for each attack that’s commissioned – so DDoS providers even have a form of loyalty programme.
Cyber-security company Kaspersky Lab recently found that the most basic attack (sold at about USD25 per hour) resulted in a profit to the service provider of about USD18 per hour.
But the second revenue stream emerges with those DDoS attacks that demand a ransom from companies in return for restoring services and bringing the victim back online. In these cases, profit shares from the ransoms can push the overall profit margins to over 95 percent.
The intended victims themselves are priced differently – with the likes of government websites, and organisations known to have some form of defence in place, commanding a much higher premium, notes Hamman.
“It’s interesting to note the level of awareness and information held by the DDoS service providers, as they distinguish between the soft targets and the more difficult quests. Those organisations with the most advanced DDoS defences are far less likely to be targeted,” he explains.
“With such rich pickings available for cyber-criminals, it shows that the scourge of DDoS isn’t likely to slow down anytime soon,” highlights Hamman.
Almost all types of organisations today are totally dependent on connectivity to sustain their business. As we rapidly adopt Cloud architectures and new mobility or virtual office solutions, all of our data, applications and services are only available when we’re connected.
So it stands to reason that organisations should ensure they have professional and dedicated DDoS prevention solutions in place. “Companies need to have what we term ‘layered protection’ – incorporating broad DDoS attack detection and mitigation, alongside network visibility and actionable security intelligence.”
“By remaining on the cusp of the latest DDoS protection tools, it becomes possible to thwart any attacks from the growing legion of DDoS attackers out there,” he adds.
And, when these criminal services are so immediately available for hire, with just a few clicks of the mouse, the threat of DDoS is ever-present for all businesses and industries.
By Bryan Hamman, Arbor Network’s territory manager for Sub-Sahara