Police Cracking Down on DDoS Operators

DDoS attack mitigation

The key to success, Sylvester Stallone’s grizzled boxer character says in the movie Rocky Balboa, is all about how hard you can get hit and keep moving forward. Rocky Balboa probably wasn’t meant as an analogy for cyber security in the age of DDoS attacks, but the comparison certainly holds.

DDoS, or distributed denial of service in regular, non-acronym English, refers to a form of cyber attack in which a target (typically a website or online service) is bombarded with enormous amounts of fake traffic with the purpose of knocking it offline. Large attacks can extend far beyond one terabyte of data per second. Websites or online services, like Stallone’s weather-beaten pugilist, have to be able to withstand prolonged attacks and live to tell the tale. That, to quote Rocky, is how winning is done.

This is where booters or stressors come into play. At least, in theory.

Bad booters

A booter or stressor is supposedly a tool that allows websites or online services to stress test themselves to see how they would deal with significant amounts of traffic. Purchased on a subscription basis, much like Netflix, booter services essentially function as on-demand DDoS services that give legitimate users a way to put their own systems through their paces, so that they know what they can withstand if an enemy attacks. Think of it like trying to break into your own home to identify possible weaknesses that you could plug.

Unfortunately, booters aren’t always used legitimately. In many cases the stress-testing purpose exists in name only, with the services offered by bad actors or profit-seeking criminals as a way to sell botnets: large networks of computers and other connected devices that have been infected with malware that lets them be used as sleeper agents for large-scale DDoS attacks.

By offering these services, operators reduce the barrier to entry for users who want to target other people’s services or websites, allowing them to do so without possessing the necessary technical skills, for as little as a few dollars at a time. This, in turn, widens the pool of users who can launch effective DDoS attacks, thereby helping increase the quantity of such attacks.

Attacks are on the rise

According to one recent report, in the first half of 2021 alone there were a massive 5.4 million DDoS attacks recorded. That figure represents an increase of 11 percent compared to the same period in 2020. As the world has come to rely more than ever on connected services and infrastructure — especially during the pandemic, which made us lean more heavily on everything from Zoom to Amazon — the potential impact of DDoS attacks has increased.

Authorities are doing their best to crack down on these attacks. For example, recently the Dutch Police sent out letters to customers of minesearch.rip, a booter website which had been used in multiple DDoS attacks. The letters warned the recipients that their identities had been noted, and that future offenses would result in their being prosecuted. This followed another instance, earlier in 2021, in which Dutch Police ordered the takedown of 15 booter websites in a single week.

These are still early days for law enforcement doing its part to prevent cyber attacks such as DDoS. Nonetheless, it highlights that such measures are now considered necessary. While this is a prototypical example from just one group of law enforcement officials in one part of the world, it could hopefully set a precedent that will play an important role in diminishing the threat of DDoS attacks.

Protect yourself against DDoS

Until that happens, however, it’s essential that organizations do their part to fight back — and protect themselves and their customers — against DDoS. Fortunately, the tools that can help are out there.

Some of these tools include the likes of Web Application Firewalls (WAFs), which work by filtering out malicious traffic, while still letting legitimate traffic get through to its final intended destination. This allows services or websites to continue operating normally, even when they’re being subjected to an attack at that very moment. Meanwhile, innovations referred to as scrubbing centers can help organizations and businesses to deal with the enormous size and scale of volumetric attacks.

DDoS has been a part of the cyber security landscape for upward of two decades. Despite efforts to stop it at the source (such as prosecuting attackers), the issue continues to plague users. There are even new flavors of DDoS, such as ransom-focused attacks that harness fears about DDoS to try to extort money from targets. Organizations need to do their best to protect their infrastructure against these threats using the best tools available to them.

DDoS isn’t going away. But taking the right steps can greatly diminish the chances of you and your users suffering the brunt of an attack. With DDoS attacks on the rise, DDoS protection solutions are vital parts of a corporate security strategy. Investing in them is some of the best money you can possibly spend. Your users will thank you for it.