Hackers shy away from DDoS attacks

Summary:Declining profitability and the risk of identification are causing a decline in distributed denial-of-service attacks, according to Symantec

The quantity of distributed denial-of-service attacks launched for the purpose of extortion has fallen, according to security vendor Symantec.

A distributed denial-of-service (DDoS) attack uses a network of compromised computers, known as a botnet, to send a large number of packets to a site, causing its server to fall over. Some attackers try to extort money from the site by threatening to launch another attack. However, DDoS attacks are becoming less frequent because of increasing risks to attackers, according to Symantec.

"In the last six months of 2006 we saw a pretty sharp decline in the daily number of denial-of-service attacks. Although there are likely a number of factors at play here, I think there is one primary factor: denial-of-service extortion attacks are no longer profitable," wrote the vendor's security response engineer Yazan Gable in a blog post.

"DDoS is a risky business," Ollie Whitehouse, a Symantec research scientist told ZDNet UK. "DDoS attacks can show how big the attacker's botnet is, and where it's located. There's a risk of the attacker being identified not only by the target and their ISP, but also by their own ISP."

Botnets take time and money to assemble, and increasingly hackers are unwilling to risk DDoS attacks, opting instead for the relatively easy money to be gained from spamming. Revenue gained from phishing and direct sales through spam is increasing, said Symantec. As email spam filter technologies have become more advanced, spammers have turned to easier targets such as blogs. "It's very easy to jump on a blog with an established base and spam that," said Whitehouse.

Detective chief inspector Charlie McMurdie, of the Metropolitan Police Specialist Crime Directorate E-crime Unit, said that DDoS extortion attempts are still being reported to the police but that, without a national unit to collate e-crime information, it was difficult to get an accurate picture of the problem. "We're still having reports made to us, but obviously that's only the tip of the iceberg," McMurdie told ZDNet UK. "We are still receiving reports of attacks, but we've got no national collation of law-enforcement figures as yet."

Topics: Security

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.