The Fraud Blog with Tracy Kitten

DDoS: It's About Internet Insecurity

Why Aren't We Addressing the Core Problem?

Over the past few months, distributed-denial-of-service attacks on U.S. banks have garnered great attention.

See Also: Webinar | The Future of Adaptive Authentication in Financial Services

But what we've failed to address is the core problem: Internet insecurity, which enables attackers to wage massive attacks with botnets that continue to grow.

DDoS and other online attacks thrive on Internet insecurity. Until we lock down the Web's weak spots, we'll never make progress. 

I've spoken to many security experts about why DDoS attacks are so successful, and they echo what Mike Smith of Akamai Technologies, an Internet platform provider has to say: "It's an Internet health issue."

Outdated and vulnerable versions of Web applications, such as WordPress and Joomla, as well as organizations' own content management systems, make it all too easy for attackers to compromise vulnerable websites and use them as launching pads for attacks aimed at U.S. banks.

"Those outdated systems are actually impacting other organizations on the Internet," Smith says.

This sort of vulnerability was recently identified by DDoS-prevention and Web security provider Incapsula, which blogged about a website in the U.K. being used to launch DDoS traffic against U.S. banks.

Through a review of intercepted traffic coming from the site, Incapsula discovered attackers were attempting to operate it as a back door for bot traffic.

In this case, taking over the site was easy. The administrative password was "admin/admin."

Unfortunately, site takeovers such as this are common, and these takeovers are fueling DDoS and other junk traffic on the Internet.

"This is not really new, and it has been used on multiple occasions from multiple sites," says DDoS expert John Walker, who serves as chairman of ISACA's Security Advisory Group in London. "A real estate site in Orange County [Calif.] was used recently as a back door, and then from that site multiple attacks were mounted. At that time, I understand the owner of the site was contacted, but they said it was not impacting their operations, so it was allowed to continue and was used for multiple attacks against multiple sites."

Tackling Internet Insecurity

DDoS and other online attacks thrive on Internet insecurity. Until we lock down the Web's weak spots, we'll never make progress.

But who should be in charge of spearheading the cleanup?

That's the question security experts are now asking, and it doesn't appear they'll find an answer anytime soon.

Getting governments involved is a good first step, but only as a catalyst for more information sharing, as we've seen in the U.S. with the DDoS cases.

In the end, the solution will rely on increasing IT awareness, because attackers have too many weak sites at their disposal.

Network providers have the knowledge, and if government can get them in the same room with the IT vendors and ISPs, there could be hope for more Internet cleansing.

But the Web is so vast. Facilitating that kind of communication among so many parties would be daunting for anyone. And it's going to take more than the U.S. government. DDoS and other attacks are a global problem.

What's the Next Target?

Today, U.S. banks are the target, but tomorrow, it could be government agencies or even healthcare providers.

The expected length of these attacks has piqued concern as well. No organization or industry can withstand ongoing attacks for years on end, even if they've been successful at staving off online outages for a few months, as the financial industry has done (see DDoS: Lessons from Phase 2 Attacks).

So how can we prevent DDoS attacks from growing by improving Internet security? No one yet has the definitive answer.

But a good place to start is by spreading the word and increasing awareness about problem areas, such as outdated applications and other bad habits.



About the Author

Tracy Kitten

Tracy Kitten

Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

A veteran journalist with more than 20 years' experience, Kitten has covered the financial sector for the last 13 years. Before joining Information Security Media Group in 2010, where she now serves as director of global events content and executive editor of BankInfoSecurity and CUInfoSecurity, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.