advertisement

Politically motivated denial-of-service attacks of the kind that took down Amazon, Visa, MasterCard, and PayPal aren’t going to go away. Here’s how you should prepare.

BY E.B. Boyd3 minute read

protestDistributed denial of service attacks against websites have been around for about a decade. But as Fast Company wrote last week, Operation Payback, the pro-WikiLeaks attacks which hit Visa, MasterCard, and PayPal this week were different than your run-of-the-mill DDoS’s. This marked the first time that attacks of this scale were made for political–rather than criminal–reasons. Think of them as digital versions of the WTO protests.

And along with other types of persistent hacks, they’re probably not going to go away, either. Protestors have found a new tool, and they’re likely to use it to express their displeasure about other issues in the future. To find out what that means for companies, Fast Company reached out to cyber security experts to ask them why activists are suddenly using DDoS’s and what companies should do to protect themselves.

Why hacktivism now?

  • Social networks are turbo-charging hacktivism

A major difference between Operation Payback and your run-of-the-mill criminal hit was the number of volunteers involved. Denial of service attacks aren’t particularly complicated to pull off, technologically, but you do need a large number of computers to all fire at the same time. Traditional hackers use computers they’ve infected without the owners’ consent. Last week’s attacks involved volunteers, who knowingly served up their machines to participate in the attacks. Social networks like Twitter made it possible to coordinate tens of thousands of people around the world, pointing them to discussions about the attacks and letting them know which site to target.

  • Online sites are increasingly attractive targets

The more companies do business online, the more disruptive a DDoS attack can be. Like the WTO protestors, the hacktivists behind Operation Payback were mainly gunning for attention, and attention they got. As more and more companies put more of their operations online, the Internet becomes an increasingly attractive place to conduct a protest. “Standing outside holding placards does not get the attention it once did,” said Gunter Ollman, vice president of research at cyber security company Damballa. “Taking down important websites and denying access to legitimate business use of those sites gets a lot more attention.”

  • Hacktivists are getting smarter

According to Noa Bar Yosef, senior security strategist at Imperva, professional criminal hacking is a $1.3 trillion industry. Though it lives in the shadows, the people who work within it have enormously sophisticated processes for breaking into other people’s systems, sometimes bringing sites down, sometimes stealing data. And now hacktivists are learning from them. “[Hacktivism] is not a new phenomenon,” Bar Yosef told Fast Company. “What’s new is that they’re learning from industrialized crime. They’re learning to use the same processes and same operations.”

How companies can protect themselves

PluggedIn Newsletter logo
Sign up for our weekly tech digest.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Privacy Policy

ABOUT THE AUTHOR

E.B. Boyd (@ebboyd) has holed up in conference rooms with pioneers in Silicon Valley and hunkered down in bunkers with soldiers in Afghanistan More


Explore Topics