http://news.bbc.co.uk/1/hi/technology/6623673.stm By Mark Ward Technology Correspondent BBC News website 4 May 2007 Legitimate businesses are turning to cyber criminals to help them cripple rival websites, say security experts. The rise in industrial sabotage comes as some suggest cyber criminals are turning away from using web-based attack tools in extortion rackets. Experts suspect this is because of the risks involved in mounting such an attack on a web shop or retailer. Instead the tools, usually hijacked home computers, are being used to pump out junk e-mail. Cash call Often these hijacked PCs, known as bots, are used for "Distributed Denial of Service" (DDoS) attacks that attempt to knock a site or server offline by bombarding it with huge amounts of data. Online gambling sites were among the first to be threatened with DDoS attacks if they did not hand over significant sums of cash. In a recent entry on the Symantec Security Response blog, Yazan Gable said the company had seen a "pretty sharp decline" in the number of attacks that try to extort cash. Mr Gable said this was because extortion attacks were no longer profitable because knocking a website offline via DDoS was "loud and risky". Many of those controlling the networks of bot computers have now started using them to send out spam which was just as lucrative and a lot less risky, said Mr Gable. But Paul Sop, chief technology officer at Prolexic which helps victims cope with DDoS attacks, said they were proving as popular as ever. "We've seen more DDoS attacks in the last few months than we have ever seen," he said. The decline could just be part of the arms race between criminals and security firms. "When the gangs feel the pincers coming in they change their strategy," he said. There was no reason to think the decline was because such attacks were no longer profitable. Not least, he said, because only in 20% of cases do attacks stop once a victim has made a payment. "Once they have you hooked they'll keep going," he said, "it can get up to some pretty serious numbers." Mr Sop said the number of extortion-based attacks had declined a little but this had been more than made up for by companies using them to batter rivals. "We are seeing a lot of anti-competitive behaviour," he said. Mr Sop added that many more Asian targets were being hit by DDoS attacks - a region in which Symantec did not historically have a big presence. In Asia, he said, DDoS attacks were proving very popular with unscrupulous firms keen to get ahead of their rivals. "The really frightening thing is you can buy access to a botnet for a small amount of money and you can have you competitor down for a long time," he said. In one case that Prolexic helped with a firm was battered for four months by a rival using a botnet owned by a criminal gang. "It's a great use of funds to destroy your competitor," he said. 5B5B __________________________ Subscribe to InfoSec News http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Sun May 06 2007 - 23:19:01 PDT