The primary threat to Internet services is the distributed denial of service (DDoS) attack. DDoS attacks have evolved over the last twenty years from a nuisance to a serious risk to government and corporate continuity. They have also gone from being a tool available only to those hackers able to manipulate sophisticated computer code to easy-to-use tools that are sold on the black market, making DDoS attacks accessible to anyone who can access a web browser.
A Brief Timeline
1996: NYC’s original Internet Service Provider, Panix, was hit by a SYN flood DoS attack that took the company offline for several days after it tried to shield its customers from junk email.
2002: A record-setting DDoS attack hits 9 of the 13 root DNS servers simultaneously. The one-hour attack was carried out via ICMP requests (ping flooding) to the root servers. The attack had minimal impact on Internet users, but the FBI and Department of Homeland Security investigated it and believed that it originated overseas.
2007: Estonia was one of the first countries to experience cyber warfare when Estonian organizations, including parliament, banks, newspapers and ministries, were hit with a series of sustained DDoS attacks. These followed geopolitical tensions with Russia about the relocation of the Bronze Soldier of Tallinn, a Soviet-era grave marker. The attacks helped make Estonia a cyber security hotshot today.
2008: Anonymous started a series of high-profile DDoS and website defacement attacks, including Project Chanology, which involved flooding the Church of Scientology’s servers with fake data requests, as punishment for the Church’s alleged brainwashing of its members and alleged abuse of copyright laws.
2011: The Rustock botnet, which at its peak controlled 2.4 million computers, is taken down in a coordinated campaign by Interpol, Microsoft, and the University of Washington known as Operation b107. Rustock was the leading source of junk email on the Internet.
2013: Cyber Bunker launches a 300 Gbps DDoS attack against the email spam protection service Spamhaus, which was targeted for naming cybercrime hosting, spam and botnet operations. This attack was triple the size of the previous largest attack to date.
2016: Public-facing web properties and organizations connected to the Olympics were targeted by large-scale DDoS attacks sustaining 500 Gbps in attack traffic during the games.
2017: 33% of organizations faced a DDoS attack in 2017, compared to just 17% in 2016, according to a report issued by Kaspersky Lab. DDoS attacks are hitting businesses of all sizes worldwide, and the growth in such attacks is also leading to growth in the cybersecurity and cyberinsurance sector.
This broad overview of DDoS attacks over the last twenty years shows the escalation in their scale and in the potential damage they can inflict, and the way in which they often echo real-world political and ideological conflicts.