
Disturbing developments in DDoS attacks

I had a chat yesterday with someone who is on the front lines in the fight against cyber-extortion. Barrett Lyon is an expert on building the infrastructure and defenses to survive Distributed Denial of Service attacks.
Written by Richard Stiennon, Contributor


I had a chat yesterday with someone who is on the front lines in the fight against cyber-extortion. Barrett Lyon is an expert on building the infrastructure and defenses to survive Distributed Denial of Service attacks.  His story is fascinating. You can read more about it in the New Yorker.  

Traditional DDoS of course is when an attacker uses thousands of centrally controlled zombie machines to direct millions of packets at a single destination.  Most web servers shrivel up and die when subjected to that much attention.  According to Barrett even the upstream infrastructure cannot withstand some of these attacks. The firewalls, routers, sometimes even the ISP go off line.  A recent new technique is for the zombies to all perform DNS look-ups for the target, causing the target's DNS server to fail and effectively taking down a site without even hitting it directly.
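The DNS variant Barrett describes has a distinctive signature from the defender's side: a large number of distinct source addresses all asking the target's name server for the same name in a short interval, which is not how a handful of legitimate recursive resolvers behave. The following Python is an added illustration of that detection logic, not code from the original post or from Barrett; it assumes a hypothetical query-log line format (`<ISO-8601 timestamp> client=<ip> qname=<name>`) and uses constructed sample log lines, so it runs offline.

```python
from collections import defaultdict
from datetime import datetime, timezone

# Hypothetical log format, constructed for this example:
#   <ISO-8601 timestamp> client=<source IP> qname=<queried name>
# Timestamps are treated as UTC so window boundaries are deterministic.
def parse_line(line):
    ts_text, client_field, qname_field = line.split()
    ts = datetime.fromisoformat(ts_text).replace(tzinfo=timezone.utc)
    client = client_field.split("=", 1)[1]
    qname = qname_field.split("=", 1)[1].lower().rstrip(".")
    return ts, client, qname


def detect_dns_flood(lines, window_seconds=10, min_queries=50, min_sources=20):
    """Bucket queries into fixed windows per queried name and flag windows
    where both the query count and the number of distinct source addresses
    exceed their thresholds. Requiring many distinct sources separates a
    zombie-driven lookup flood from one noisy or misbehaving resolver."""
    counts = defaultdict(int)
    sources = defaultdict(set)
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ts, client, qname = parse_line(line)
        bucket = int(ts.timestamp()) // window_seconds
        key = (qname, bucket)
        counts[key] += 1
        sources[key].add(client)

    alerts = []
    for (qname, bucket), n in sorted(counts.items()):
        distinct = len(sources[(qname, bucket)])
        if n >= min_queries and distinct >= min_sources:
            window_start = datetime.fromtimestamp(
                bucket * window_seconds, tz=timezone.utc
            ).isoformat()
            alerts.append({
                "qname": qname,
                "window_start": window_start,
                "queries": n,
                "distinct_sources": distinct,
            })
    return alerts


def build_sample_log():
    """Constructed sample (not real data): 60 distinct zombie addresses each
    querying the target's name once within two seconds, alongside light
    normal traffic for an unrelated name."""
    lines = []
    for i in range(60):
        lines.append(
            f"2005-06-01T12:00:{i % 2:02d} client=203.0.113.{i + 1} "
            f"qname=www.victim.example"
        )
    for i in range(5):
        lines.append(
            f"2005-06-01T12:00:0{i} client=198.51.100.{i + 1} "
            f"qname=www.benign.example"
        )
    return lines


if __name__ == "__main__":
    for alert in detect_dns_flood(build_sample_log()):
        print(alert)
```

In practice this runs on the authoritative server's or the upstream resolver's query log, and the thresholds are tuned to the zone's normal query rate; the distinct-source condition is what keeps a single busy resolver from tripping the alert.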

But in the podcast I did with Barrett yesterday he raises the specter of a new generation of zombies, Linux zombies, being used to launch attacks against targets.  He says in a recent battle he had to defend a site that was under attack from a Japanese hacker who had been hired by someone to take out their competitor, Barrett’s client.

The hacker used a common misconfiguration in PHP scripts to take over Linux machines and use them for his army of zombies.  What is scary about this is that these machines are typically web servers on broadband connections, unlike the usual collection of PCs on college campuses that make up a bot-herd. So they are much more deadly, especially when combined into a single force.  The PHP script is easily searchable on Google, so the hacker automated his harvesting activity by having each infected machine search for more machines to infect, using Google results to seed the search.

Listen to the full interview with Barrett here.   I did the interview flat on my back (just as I am writing this blog entry) because I pulled a muscle while working out yesterday, so my voice is a little muffled, but Barrett’s message is loud and clear.
