National Botnet Network coming: Earthwave
Summary: Distributed denial-of-service (DDoS) attacks are on the rise, and, according to Earthwave CEO Carlo Minassian, the situation will get worse when the National Broadband Network (NBN) rolls out.
Distributed denial-of-service (DDoS) attacks are on the rise, and, according to Earthwave CEO Carlo Minassian, the situation will get worse when the National Broadband Network (NBN) rolls out.
Speaking to ZDNet Australia, Minassian said that in the most recent quarter to 31 March 2012, he saw DDoS attacks grow across his client base by around 700 per cent. Of these, 50 per cent were aimed at government organisations, with the remainder typically for financial services and critical infrastructure groups.
Last week alone, he said that Earthwave's security operations centre dealt with major DDoS attacks on two Australian organisations, one of which he said was a major retail shopping centre chain.
Despite the growth, he said that Australian organisations are naive; he stated that most people don't know how to deal with DDoS attacks.
"If you're a typical organisation in Australia, most of them have 10 megabits per second, 100Mbps internet links, [but] the smallest DDoS uses 10,000 bots, so for them to flood and take you out is really simple in Australia," he said.
The saving grace for these organisations is that traffic in Australia is comparatively different to traffic in the US.
"In America, the type of DDoS they're experiencing ... some attacks are 95Gbps. In Australia, the DDoS we're experiencing is like 6Gbps, because our connectivity to the rest of the world is not that big."
However, with the roll-out of the NBN, Australia has the potential to look more like the "National Botnet Network", and become a juicier target for hackers.
"Everyone will have 100Mbps connections to the NBN, and there's going to be literally tens of thousands of compromised machines connected to the NBN from home PCs as part of a botnet, and [attackers will have] access to literally gigabytes and terabytes of bandwidth then," he said.
"Australia will become a massive botnet of zombies. It will take a while, but, once it happens, once they have access ... then they can launch 50Mbps, 100Mbps, 100Gbps [or] 150Gbps attacks."
According to Minassian, an army of zombie computers is only the tip of the iceberg, as hackers begin to shift their tactics from censoring websites through takedowns to causing significant economic damage to businesses.
"There is a new type of DDoS. We refer to it as an economical DDoS," he explained.
He said that as more people jump on board the cloud movement and pay an outside provider for bandwidth, there is a huge opportunity for hackers and unscrupulous business competitors to attack their rivals, not to take down their website, but to increase the amount of bandwidth they consume, leaving the company to pay its provider for the extra usage.
"You'll get a bill from [your provider] all of a sudden that's half a million dollars [when] usually you pay $10,000," he said.
"This is something that's coming. It's happening slowly, but it's going to come more and more as cloud popularity grows."
Talkback
People die crossing the road, are you going to ban cars or police it better?
Sorry; was just channelling Malcolm Turnbull there for a moment . . .
Seriously, it seems to me "Earthwave" just want to sell us some ineffective security solution of theirs, but they conveniently don't mention what that is, so people are left with their idiotic implication that it is somehow the NBN's fault.
Looking at South Korea, Japan, even Czech Republic - I haven't seen either emit more news coverage over that of China. Am not sure there's a 'direct' correlation of a country's internet speed to botnet proliferation.
This should be a mandatory legal requirement like a driver's licence.
Let's look at this in another way: if 50 people shot someone at the same time using a hand gun, you would see a dead guy with 50 bullet holes. Now if 50 people shot someone at the same time using shot guns, then I suspect there wouldn't be much left of the body to examine - it would simply be annihilated :-)
Size and force then become an important factor when other groups are attempting to block the bullets.
Too many people take anything related to NBN personally, instead of evaluating each opinion for its merits.
As a security consultant who has witnessed organisations suffer extended DDoS for more than 4 months and having witnessed its impact on that SaaS based business, I truly hope that ISPs take the proposed iCode seriously and that the NBN design has some inherent DDoS mitigation built into the network as suggested by some.
With this in mind I suspect faster connections will result in bigger DDoS attacks as suggested here.
If the victim's pipe is widened by a factor of ten and so is the pipe of the bots, there is no net change in this part of the equation.
If the bot is consuming ten times the resources as previously, the likelihood of it being noticed increases also.
From dialup to DSL, DSL to cable/DSL2+ and now cable to the NBN, there is no stopping people from committing these crimes (yes, the bigger pipe makes it more prevalent, but still). You don't have to grin and bear it, you have to put work into your infrastructure to reduce the impact.