
Hackers are gonna hack, but can the enterprise do jack?

With Lizard Squad offering up their DDoS tools to others, Davey Winder wonders why the enterprise isn't doing more to protect itself.


Millions of gamers got an unwanted Christmas present, when both the Sony PlayStation Network and Microsoft's Xbox Live were hit by a Distributed Denial of Service (DDoS) attack during the festive break.

The attacks should not have surprised anyone, least of all Sony or Microsoft, considering the hacking collective responsible pre-announced its intentions and the dates they would occur a month before.

The Lizard Squad had earlier taken responsibility for hitting the Blizzard (the World of Warcraft folk) and Sony PSN servers in August, before taking down Xbox Live for a few hours a month ago. After that attack on Microsoft, a Lizard Squad spokesperson stated on the group Twitter feed that "Microsoft will receive a wonderful Christmas present from us" and admitted that knocking the service offline was "a small dose of what's to come on Christmas."

Those particular attacks appear to have come to an end after controversial internet entrepreneur Kim Dotcom offered Lizard Squad members 3,000 vouchers for his encrypted cloud storage service called Mega. These had a face value of $99, but are being sold on for $50 each, which means Lizard Squad will have netted a cool $150,000 from the attacks.

Despite news that a couple of alleged members of the hacking collective have been arrested, including a 22-year-old lad from Twickenham, Lizard Squad appear to be moving forward with the profit-making side of things. Although at first it was claimed the attacks were being made to highlight security weaknesses in the various target networks, some security industry insiders are now suggesting it's simply a marketing strategy.

The reason behind this claim is that Lizard Squad is now selling access to the LizardStresser tool it used in the takedown attacks, claiming it to be a network stress tester for use in performing dummy attack scenarios on networks.

Predictably, the tool has a track record of being used for nothing of the sort and such a description is fooling nobody. There are various rental packages on offer, ranging from a bizarrely short 100 seconds of attack time for $5.99 per month, through to a potentially devastating 30,000 seconds (eight and a half hours) for $129.99 per month. There's even a referral program offering a 10 per cent bonus on referred subs and a bunch of add-ons, such as 1Gbps of dedicated power and concurrent dual-boot options for additional Bitcoinage.

It has been suggested the real story here isn't yet another bunch of youngsters using the same old tools to take down networks, but rather that networks are still insecure enough to be taken down in the first place. I'm not sure this is really fair to the enterprise, at least as far as defending against DDoS attacks is concerned.

The prices above reveal just how cheap it can be to fire off a ready-made attack at anyone you like, and LizardStresser is far from being the only, or cheapest, DDoS tool in town. Compare and contrast the pricing to how much it costs to engage the services of a DDoS protection provider, and it's not surprising that for all but the biggest of organisations such services are often seen as being out of reach. Indeed, given that giants such as Microsoft and Sony can still fall victim to a good old-fashioned DDoS'ing, even when pre-warned about it, one has to wonder if there's anything that can actually be done to prevent a determined attacker.

Well yes, there is, although perhaps protection is best replaced by mitigation when describing the approach that needs to be taken. I've covered this subject both at IT Pro and at our sister publication Cloud Pro so won't go over old ground again. Needless to say, though, while I appreciate that DDoS attacks are neither the easiest nor the cheapest threat scenario to defend against, doing so is not impossible, nor does it have to be out of the financial reach of the enterprise.

What it requires is for organisations to stop shifting the responsibility for these attacks, to move away from the blame culture whereby the focus of guilt is shone everywhere but within and the inevitability of defeat comes to the fore. In the case of Sony and Microsoft, the clever money is on the Lizard Squad takedowns being more than just a simple hire-and-fire scripted attack, and actually involving something more sophisticated.

By this I mean the combining of DDoS attack servers and botnets, and the choosing of specific targets such as login servers which would require some kind of vulnerable external DNS server manipulation to accomplish. Most enterprises are not going to be subject to such complex attack methodologies, and employing basic DDoS mitigation services alongside network security best practice is likely to keep you safe. All that's needed is the will to secure rather than an expectation of failure.
