As the year turned from a turbulent 2015 to a hopeful 2016, online criminals set the bar high with a DDoS attack that was apparently the biggest yet seen, dwarfing 2015’s already massive attacks. The attack — launched by “hacktivist” group New World Hacking — targeted the BBC, one of the biggest news and media providers in the world, with a surge of bandwidth measuring 602GB a second at its peak. The previous largest attack was measured at about half that bandwidth.
The attack was responsible for knocking out a number of key BBC online services for several hours, including the popular iPlayer streaming video service.
With the usual display of responsible thinking, the hacker group targeted the BBC as a test of the power of their system. Their intended targets are terrorist organizations and right-wing hate groups.
The details around the attack are somewhat hazy, but it appears that the hackers used weaknesses in the security of Amazon’s cloud services with their BangStresser tool, which seems to be a relatively easy-to-use interface to a dangerous weapon.
Last year, we discussed the growing problem of malware as a service. Online criminals leverage their capabilities to compromise networked computer systems, and then sell access to whomever is prepared to pay for it. Buyers choose to include their malware packages within the portfolio of bad software installed after the initial compromise. We can, of course, expect to see this trend continue throughout 2016 — there’s a huge amount of money in it for criminals. We can also expect to see the process of buying malware infections to be simplified to the point at which those in the know will simply need to access a web interface with credit card (or bitcoins) in hand.
It’s unlikely that DDoS attacks of the scale that kicked off this year will become easy to create to the point at which ordinary people can access them. However, online criminals are beginning to see the value of providing a positive user experience — the easier it is for “ordinary users” to access malicious services, the more money criminals stand to make.
We have seen similar tactics working in the opposite direction. Criminals are making easy-to-use DDoS clients available for their supporters to install. When the time comes to launch an attack, the clients can be controlled from a central interface.
2016 is likely to be an interesting year, as criminals seek to launch ever bigger DDoS attacks, leverage the power of a positive and intuitive user experience, and find new ways to increase their revenue.
Image: Flickr/visit grand island