OPLIN 4Cast #258: DoS’d for the holidays

Late in the afternoon on Black Friday, the oplin.org website was hit by an apparent Denial of Service (DoS) attack. DoS and DDoS (Distributed Denial of Service) attacks overwhelm a website with so many requests for connections that the webserver is too busy with this “junk” traffic to respond to legitimate traffic. As a result, it looked like the OPLIN website, and all the services that run on the same server – like the 4cast – were offline for a couple of hours until we stopped the attack. Why was oplin.org targeted? Good question, since it’s a pretty innocuous website, but certainly the timing of the attack suggests that we may have been an innocent victim of a general increase in DoS attacks that happens around the holidays.

  • E-commerce, retail websites alert for DDoS attacks this holiday season (eWEEK/Fahmida Y. Rashid)  “DDoS attacks increased by 30 percent in 2010, and the number is expected to be higher in 2011, according to Gartner estimates. The attacks have also been escalating in size and complexity in 2011, according to Paul Sop, chief technology officer at Prolexic. Attackers generally are throwing more packets, using more bandwidth and targeting the application layer, Sop said. E-commerce businesses aren’t the only ones that have to worry about DDoS attacks during this holiday season, as hospitality, gaming and shipping services should also be on high alert for DDoS attacks, Sop said.”
  • Corero advises retailers of risks associated with DDoS attacks during holiday shopping season (BusinessWire)  “DDoS attacks bring victim websites to a crawl or halt, using network flooding techniques that have been in use for more than a decade, and more recently, insidious application-layer attacks which are very difficult to detect. Online commerce depends on sites that are responsive and always available. Frustrated customers will quickly abandon an unresponsive site and go to another.”
  • Firewalls can’t keep up with DDoS attacks (PCWorld/John E. Dunn)  “The survey of 1000 medium and large organizations in ten countries found that up to 45 percent of respondents experience such attacks on a regular basis, a mixture of application and network-layer incursions. About half rated denial of service attacks as highly effective with 79 percent saying they still relied on firewalls to deflect them despite 42 percent finding that such devices were ineffective against conventional attacks at the network layer.”
  • Happy holidays: 5 ways to use DoS testing to thwart cyber extortion (BreakingPoint/Pam O’Neal)  “…online businesses still fear these threats, with little confidence in the DoS mitigation and security measures put in place to protect them. This is especially true for Internet retailers, the latest victims of hacker-extortionists. Internet retailers have a small window to ‘get it right’ when it comes to hardening their resiliency to DoS or DDoS attacks. And the post-Thanksgiving Cyber Monday is part of that small window.”

Method fact:
Kaspersky Labs reports that the “HTTP flood” method, which simply sends a huge number of HTTP requests to the targeted site over a short period of time, accounted for 88.9% of all DDoS attacks in the second quarter of 2011.
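Because an HTTP flood shows up as an unusually large number of requests in a short period, one way to spot a single-source flood is to count requests per client over a sliding time window in the webserver's access log. The sketch below is an added example, not code OPLIN used; it assumes a time-ordered log in the common/combined format, and the function names, window, threshold, and sample log lines are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Client address and timestamp of a common/combined-format access log line.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

def find_flood_sources(lines, window_seconds=10, threshold=20):
    """Return {client: peak request count} for every client that exceeds
    `threshold` requests within any sliding window of `window_seconds`.
    Assumes the lines are in time order, as a webserver writes them."""
    recent = defaultdict(deque)  # client -> timestamps still inside the window
    peaks = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the scan
        client, stamp = m.groups()
        try:
            ts = datetime.strptime(stamp, TIME_FMT).timestamp()
        except ValueError:
            continue  # unparseable timestamp
        q = recent[client]
        q.append(ts)
        while ts - q[0] >= window_seconds:  # drop requests older than the window
            q.popleft()
        if len(q) > threshold:
            peaks[client] = max(peaks.get(client, 0), len(q))
    return peaks

def build_sample_log():
    """Constructed sample: one ordinary visitor, one client sending 5 requests/second."""
    lines = []
    for i in range(6):   # ordinary browsing: one request every 10 seconds
        lines.append(f'192.0.2.10 - - [01/Dec/2011:16:00:{i * 10:02d} -0500] '
                     f'"GET /page{i} HTTP/1.1" 200 512')
    for i in range(50):  # burst: 50 requests spread over 10 seconds
        lines.append(f'198.51.100.7 - - [01/Dec/2011:16:01:{i // 5:02d} -0500] '
                     '"GET / HTTP/1.1" 200 512')
    lines.append("not a log entry")  # malformed line, ignored by the parser
    return lines

if __name__ == "__main__":
    for client, peak in find_flood_sources(build_sample_log()).items():
        print(f"{client}: up to {peak} requests within 10 seconds")
```

Per-client counting only catches a flood from one address or a few; a distributed attack spreads the same load over many sources, so the total request rate has to be watched as well.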
