In-depth

Hackers are gonna hack, but can the enterprise do jack?

With Lizard Squad offering up their DDoS tools to others, Davey Winder wonders why the enterprise isn't doing more to protect itself?

Offline

Millions of gamers got an unwanted Christmas present, when both the Sony PlayStation Network and Microsoft's Xbox Live were hit by a Distributed Denial of Service (DDoS) attack during the festive break.

The attacks should not have surprised anyone, least of all Sony or Microsoft, considering the hacking collective responsible pre-announced its intentions and the dates they would occur a month before.

The Lizard Squad had earlier taken responsibility for hitting the Blizzard (the World of Warcraft folk) and Sony PSN servers in August, before taking down Xbox Live for a few hours a month ago. After that attack on Microsoft, a Lizard Squad spokesperson stated on the group Twitter feed that "Microsoft will receive a wonderful Christmas present from us" and admitted that knocking the service offline was "a small dose of what's to come on Christmas."

Lizard Squad is now selling access to the LizardStresser tool it used in the takedowns, claiming it to be a network stress tester for use in performing dummy attack scenarios on networks. It is nothing of the sort.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Those particular attacks appear to have come to an end after controversial internet entrepreneur Kim Dotcom offered Lizard Squad members 3,000 vouchers for his encrypted cloud storage service called Mega. These had a face value of $99, but are being sold on for $50 each, which means Lizard Squad will have netted a cool $150,000 from the attacks.

Despite news that a couple of alleged members of the hacking collective have been arrested, including a 22-year-old lad from Twickenham, Lizard Squad appear to be moving forward with the profit-making side of things. Although at first it was claimed the attacks were being made to highlight security weaknesses in the various target networks, some security industry insiders are now suggesting it's simply a marketing strategy.

The reason behind this claim is that Lizard Squad is now selling access to the LizardStresser tool it used in the takedown attacks, claiming it to be a network stress tester for use in performing dummy attack scenarios on networks.

Predictably, the tool has a track record of being used for nothing of the sort and such a description is fooling nobody. There are various rental packages on offer, ranging from a bizarrely short 100 seconds of attack time for $5.99 per month, through to a potentially devastating 30,000 seconds (eight and a half hours) for $129.99 per month There's even a referral program offering a 10 per cent bonus on referred subs and a bunch of add-ons, such as 1Gbps of dedicated power and concurrent dual-boot options for additional Bitcoinage.

It has been suggested the real story here isn't yet another bunch of youngsters using the same old tools to take down networks but rather that networks are still insecure enough to be taken down in the first place. I'm not sure this is really fair to the enterprise, at least as far as defending against DDoS attacks are concerned.

The prices above reveal just how cheap it can be to fire off a ready made attack at anyone you like, and LizardStresser is far from being the only, or cheapest, DDoS tool in town. Compare and contrast the pricing to how much it costs to engage the services of a DDoS protection provider, and it's not surprising that for all but the biggest of organisations such services are often seen as being out of reach. Indeed, given that giants such as Microsoft and Sony can still fall victim to a good old fashioned DDoS'ing, even when pre-warned about it, one has to wonder if there's anything that can actually be done to prevent a determined attacker?

Advertisement - Article continues below

Well yes, there is, although perhaps protection is best replaced by mitigation when describing the approach that needs to be taken. I've covered this subject both at IT Pro and at our sister publication Cloud Pro so won't go over old ground again. Needless to say, though, while I appreciate that DDoS attacks are not the easiest nor cheapest threat scenario to defend against, neither is it impossible nor does it have to be out of the financial reach of the enterprise.

What it requires is for organisations to stop shifting the responsibility for these attacks, to move away from the blame culture whereby the focus of guilt is shone everywhere but within and the inevitability of defeat comes to the fore. In the case of Sony and Microsoft, the clever money is on the Lizard Squad take downs being more than just a simple hire-and-fire scripted attack, and actually involving something more sophisticated.

By this I mean the combining of DDoS attack servers and botnets, and the choosing of specific targets such as login servers which would require some kind of vulnerable external DNS server manipulation to accomplish. Most enterprises are not going to be subject to such complex attack methodologies, and employing basic DDoS mitigation services alongside network security best practice is likely to keep you safe. All that's needed is the will to secure rather than an expectation of failure.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020