Cybereason Blog | Cybersecurity News and Analysis

New Malicious Life Podcast Episode 4: The Year of the DDoS

Written by Eliad Kimhy | Aug 4, 2017 2:11:02 PM

2016 can be deemed “The Year of DDoS.” Five large-scale Distributed Denial of Service (DDoS) attacks shocked the technology world. On the new episode of the Cybereason-sponsored podcast, Malicious Life, we examine how the power of the Internet can be harvested and deployed to take down major companies and websites.

Back in the early 2000s, a young man from Canada named Michael Calce, who went by the online nickname of “MafiaBoy,” decided he would hijack his school’s computer network to attempt a massive Denial of Service attack. Every computer in his school’s network would direct traffic to one single website, in an attempt to overload it and crash it.

Calce did this to impress his friends. He was part of a hacker group whose sole purpose was to try to generate chaos: see who could hack into the biggest sites and make the most impact. If that sounds childish, that’s because it is: MafiaBoy was a teenager, a 15-year-old boy. And so, he set up his network, aimed it at the biggest website he could think of, fired it up, and left for school. On his return, he discovered that he had been able to bring down Yahoo!, and later also CNN, eBay, and Amazon.

This ushered in an era of massive coordinated attacks. In 2013, a DDoS attack was launched against Spamhaus, a non-profit organization that helps other organizations and companies to filter spam. This attack was nicknamed “The DDoS That Almost Broke The Internet.”

Naturally, spammers aren’t exactly fond of Spamhaus, and its servers suffer DDoS attacks and break-in attempts on an almost daily basis. But the DDoS attack that started in March 2013 was much larger than those the engineers at Spamhaus were used to dealing with: 10 gigabits of information streamed into Spamhaus’ servers every second, 10x the bandwidth that Michael Calce was using in 2000. Spamhaus was unable to deal with such a monstrous attack and called upon CloudFlare, a content delivery network that also provides anti-DDoS defense services.

CloudFlare came to the rescue with its global server network. Spamhaus’ website came back online, and all seemed OK. But the attackers would not give up, and decided to push the pedal to the metal in order to knock down CloudFlare’s network as well. The information volume of the attack jumped to 100 gigabits per second, and then to 120. It was one of the largest DDoS attacks that CloudFlare, and the world, had ever seen. But somehow, the company endured.

Fast forward to October 21st, 2016: the biggest attack of all, “the mother of DDoS attacks,” was launched on Dyn, a DNS service provider, with 1.2 terabits of information per second, 1000 times more than the bandwidth MafiaBoy was using at the time, and twice what was used against Krebs. Big websites such as Reddit, Twitter, CNN and others went down for hours. This is why the year 2016 was dubbed “The Year of the DDoS.”

Now, more than ever, the risk is high. The rise of connected machines allows hackers to hijack millions of machines capable of routing traffic onto one target. Those who are aiming to do harm are creating more sophisticated ways to exploit these devices, while others are coming up with unconventional, and at times unethical, ways to deal with the problem.

Learn more about DDoS attacks, botnets, and the good guys who are defending against them on the 4th episode of Malicious Life, “Big Cannons,” with special guests Yossi Naar and Graham Cluley.