The week ended with a bang as Anonymous hooligans went on a rampage in reaction to the Justice Department take down of MegaUpload.com
Is Crowd-Sourced DDoS from Anonymous a Threat?
On Thursday, January 19, the US Justice Department shut down MegaUpload.com and arrested four of its members in New Zealand. The file sharing site was known for being a popular means of distributing music and videos as well as large files of leaked credit cards and usernames.
Anonymous was quick to react. At one point over 5,000 members used LOIC (Low Orbit Ion Cannon), a simplistic Denial of Service tool, to target and disable the sites:
- Justice.gov
- FBI.gov
- Universal.com
- RIAA.com
- MPAA,com
Then over the weekend Anonymous Brazil got in the act with attacks against two Military Police sites:
- pm.go.gov.br
- policiamilitar.rj.gov.br
And, while they were flexing their muscles they took down payment card industry sites:
- Mastercard.com.br
- Visa.com.br
Anonymous Brazil also responded to the call to attack Polish sites because Poland was the next country to vote on the ACTA Agreement, a measure to counter online piracy. Both these sites were claimed to have been disabled:
- mkidn.gov.pl
- premier.gov.pl
So what is the damage to these organizations and their infrastructure? Nothing. Nada. The sites come back as soon as the Anons get bored. Crowd sourced attacks are not effective. Twitter and IRC channels have to be used to continue the riots.
But each attacker only has so much time and energy. And while they are attacking their computers and Internet connections are busy. It's like trying to get a crowd at a stadium to do the wave. As soon as the pitcher winds up on the mound the wave peters out.
What should you do if you are the target of an Anonymous DDoS attack? Just wait, they will go away...
Now, if you are worried about more powerful DDoS, such as one driven by a botnet you might want to consider hosting with CloudFlare or Akamai. Or you could buy special purpose equipment from Corero. Or you could sign up for Prolexic or Verisign's cloud based defenses.
All of these make sense if a DoS means loss of revenue.
Dutch Cyber Strategy Document
Open source researcher Matthijs R. Koot has provided a translation of the recently published Dutch Advisory Council on International Affairs document on Digital Warfare. It contains some of the first thinking on how to interpret UN Charter non-aggression language in terms of cyber aggression. Worth the read!
Best of @cyberwar
I post frequent updates to the @cyberwar stream on Twitter. Follow me for breaking news and commentary.
- Check out the DAM guide on @mosaicsecurity
- $50K investment in SpyderSafe mobile security. http://www.prweb.com/releases/CITGAPFunds/SpydrSafe/prweb9126418.htm <==smallest ever investment press release
- Web deception company @mykonossoftware takes in $4 million investment.
- This is what the "cyber war" essentially is so far XKCD
- Gang pulls off $5.2 million South African bank job via remote access:
- Programmer Charged With Stealing Source Code from Federal Reserve Bank of New York