Distributed denial-of-service (DDoS) attacks are on the rise, and, according to Earthwave CEO Carlo Minassian, the situation will get worse when the National Broadband Network (NBN) rolls out.
Speaking to ZDNet Australia, Minassian said that in the most recent quarter to 31 March 2012, he saw DDoS attacks grow across his client base by around 700 per cent. Of these, 50 per cent were aimed at government organisations, with the remainder typically for financial services and critical infrastructure groups.
Last week alone, he said that Earthwave's security operations centre dealt with major DDoS attacks on two Australian organisations, one of which he said was a major retail shopping centre chain.
Despite the growth, he said that Australian organisations are naive; he stated that most people don't know how to deal with DDoS attacks.
"If you're a typical organisation in Australia, most of them have 10 megabits per second, 100Mbps internet links, [but] the smallest DDoS uses 10,000 bots, so for them to flood and take you out is really simple in Australia," he said.
The saving grace for these organisations is that traffic in Australia is comparatively different to traffic in the US.
"In America, the type of DDoS they're experiencing ... some attacks are 95Gbps. In Australia, the DDoS we're experiencing is like 6Gbps, because our connectivity to the rest of the world is not that big."
However, with the roll-out of the NBN, Australia has the potential to look more like the "National Botnet Network", and become a juicier target for hackers.
"Everyone will have 100Mbps connections to the NBN, and there's going to be literally tens of thousands of compromised machines connected to the NBN from home PCs as part of a botnet, and [attackers will have] access to literally gigabytes and terabytes of bandwidth then," he said.
"Australia will become a massive botnet of zombies. It will take a while, but, once it happens, once they have access ... then they can launch, 50Mbps, 100Mbps, 100Gbps [or] 150Gbps attacks."
According to Minassian, an army of zombie computers is only the tip of the iceberg, as hackers begin to shift their tactics from censoring websites through takedowns to causing significant economic damage to businesses.
"There is a new type of DDoS. We refer to it as an economical DDoS," he explained.
He said that as more people jump on-board the cloud movement, and pay an outside provider for bandwidth, there is a huge opportunity for hackers and unscrupulous business competitors to attack their rivals — not to take down their website, but to increase the amount of bandwidth they consume, thus leaving the company to have to purchase from their provider.
"You'll get a bill from [your provider] all of a sudden that's half a million dollars [when] usually you pay $10,000," he said.
"This is something that's coming. It's happening slowly, but it's going to come more and more as cloud popularity grows."