By Will Sturgeon, 21 April 2004 15:55
NEWS Extortion scams threatening distributed denial of service (DDoS) attacks against sites that don't pay a ransom fee are becoming far more common than was feared when it was believed that larger bookmakers were the major target.
Blamed largely on the Russian mafia by security experts, the blackmail scams threaten to cripple businesses with overwhelming amounts of site traffic unless the company pays up. According to Cable & Wireless, the number and nature of companies targeted is changing rapidly.
Rob Thomas, head of product marketing and C&W, said: "We've seen a significant increase in DDoS attacks with the increase in broadband. The amount of traffic which can now be created through these always-on connections has increased and these attacks are becoming far more sophisticated."
Furthermore, he warned that only 20 per cent of companies are likely to have measures in place to prevent them falling foul of such scams.
Thomas said the attacks, which were originally aimed largely at gambling sites, are starting to target other businesses.
Thomas said: "Online retailers are all vulnerable to attack in this way, as is anybody who is generating significant revenue online."
Inevitably this means that smaller companies may find themselves in the firing line - once all the largest targets have been hit or have put in place measures to safeguard themselves.
"Organised criminals may now be targeting companies who don't have the resources in place to guard against these attacks," said Thomas, citing a couple of smaller C&W customers who have reported problems of this nature.
A great many businesses have rushed online, according to Thomas, and many are now paying for having "not hardened the platform" prior to launch nor planning their security needs appropriately.
And although he agreed that it is an issue in danger of being over-hyped at the moment, Thomas says it is a very real concern for many businesses - though he said firms must be aware of which threats are most relevant to them and must have proper planning in place to establish the level of risk and guard against it.
These scams clearly pose more of a threat to the likes of Ladbrokes and Bet365.com than they do to small independent e-tailers but all companies must cater for their relative exposure, according to Thomas.
Comments
There are 4 comments. Join the discussion
1. The Russian Mafia
Pay me a gazillion dollars or I'll take down your site!!!!
2. Chris Harrison
I'm not normally a critic of Microsoft, but they should have woken up years ago and built virus and trojan protection into Windows. Until every PC has protection against the trojans used in DOS attacks, updated daily from windowsupdate, these attacks will grow in frequency and severity.
3. SteveA
SCO are responsible for the biggest extortion scam. "You've got a nice operating system here... it'd be a shame if someone *BROKE* it." - Darl McBride
4. Robert Potter
If Microsoft bundles any antivirus software with their OS they'll probably take the same flack they have for Internet Explorer, Windows Media Player, Microsoft Virtual Machine, and more recently Windows Messenger.