• United States



by Managing Editor

The DDoS attack survival guide, 2013 edition

Mar 12, 20134 mins
BotnetsCloud SecurityCybercrime

How botnets and application vulnerabilities have made DDoS attacks more damaging than ever before, and what you can do to fight back.

Google. Twitter. Government websites. Fortune-500 companies. All are victims of crippling distributed denial-of-service (DDoS) attacks. The attacks have grown in reach and intensity thanks to botnets and a bounty of application flaws. This collection of articles will bring you up to speed on how the threat has evolved and what you can do to better protect your organization.

UPDATED 3/12/2013 with full coverage of DDoS attacks against the banking sector.


Latest DDoS attacks on banks: A teachable moment

Strikes this week failed to disrupt banks’ online operations — but gave enterprises a better idea of how to tighten defenses

Mobile devices set to become next DDoS attack tool

While no DDoS attacks have been linked to mobile devices, one analyst is convinced it’s only a matter of time

Expert fingers DDoS toolkit used in bank cyberattacks

Prolexic says ‘itsoknoproblembro’ kit’s uses points to sophisticated operation

Hacktivists strike U.S. Bank with volunteer-powered DDoS

Rather than launch the attack from a network of compromised machines, the attackers are said to be individuals running a one-click script

Banks can only hope for best with DDoS attacks

As with Tuesday’s attack on Wells Fargo, distributed denial of service attacks are said to be still crude but effective

DDoS attacks against US banks peaked at 60 Gbps

Banks are likely to be better protected against this wave of attacks, Arbor Networks researchers say

Bad Security PR Watch: FUD with DDoS

Welcome to another installment of “Bad Security PR Watch,” where Bill Brenner publicly shames PR folks who use FUD to sell me on a story idea. OK, it’s not exactly a public shaming. I keep names out. I just don’t have it in me to be that cold-blooded. This one is about the “growing” threat of DDoS attacks.

What it’s like to get hit with a DDoS attack

Akamai often finds itself scrambling to stop a DDOS attack against one or more of its clients.

Timeline of DDoS attack emanating from Korea

LOIC tool enables easy Wikileaks-driven DDoS attacks

As the tools employed within the pro-Wikileaks distributed denial-of-service attacks highlight, attack software is getting insanely simple to deploy and use.

DDoS attacks are back (and bigger than before)

DDoS attacks are back in the headlines. Thanks to the rapid proliferation of botnets, the threat may be bigger than the bad guys had even planned.

DDoS returns: What researchers are learning about targets, tactics

Two IT security specialists share what they’ve learned about the targets chosen for DDoS attacks and how to adjust security strategies based on those lessons.

Report: Layer 7 increasingly under DDoS gun

A new report shows an upward trend where attack tools exploit layer 7 to maximize the impact of DDoS assaults. Here’s what you can do to blunt the threat.

With botnets everywhere, DDoS attacks get cheaper

Cyber-crime just doesn’t pay like it used to.

How a bookmaker and a whiz kid took on a DDoS-based online extortion attack”

Facing an online extortion threat, bookmaker Mickey Richardson bet his Web-based business on a networking whiz from Sacramento who first beat back the bad guys, then helped the cops nab them.

Security experts scramble to decipher Twitter attack

Facebook exec claims Twitter, Google and others were attacked to silence pro-Georgian activist.

CSO Senior Editor Bill Brenner launches a series on distributed denial-of-service attacks. Here, he interviews Andy Ellis, CSO of Akamai. Given the nature of the business, when a denial-of-service attack is in progress or being attempted, Akamai is among the first to see and respond to it.

Evolution of DDoS: Why it’s only getting worse

CSO Senior Editor Bill Brenner talks to Breach Security application research director Ryan Barnett about the shift in tactics attackers are using to deepen the damage their DDoSes can inflict.