K12IT

After witnessing the high profile DDoS (Distributed Denial of Service) attacks on sites such as Paypal, Visa and Mastercard following their bans on donations to the Wikileaks website (www.wikileaks.ch), it has become clear that DDoS attacks as protests against companies will only increase in the future. In reading up on current DDoS methods, I learned about a proof of concept that a white hat hacker has created to trick unsuspecting users into participating in an attack.

What is a DDoS? The primary goal of most attacks is to take down the website of a company. This is done, usually, by having a large number of computers simultaneously access the resources of a target web server. These computers may be members of a botnet, and therefore assisting in the skirmish without the actual owners knowing about it. Using a program such as LOIC or MyDoom amplifies this effect a hundredfold.

A new, more malevolent, tool in these battles is the ability to trick users into assisting an invasion through the use of a URL shortener site, such as bit.ly. The creator of this idea used a site he created called doz.me to create a shortened link that, when used, would launch an attack on a targeted website without the visitor having any idea it was occurring. The only person that would be aware of the attack is the person who originally shortened the link.

The obvious way to launch an attack this way would be to find some content that many people would find appealing and then post the shortened URL to news aggregation sites such as reddit. Once this is done, the miscreant can just sit back and watch the barrage unfold. Another problem with this method of attack is less obvious. Now, “hacktivists” may have plausible deniability in their offensives because they are simply clicking a link that takes them to a completely unrelated image or site. They aren’t running any applications on their machines and can argue that they have no knowledge of the ulterior motives of the shortened URL.

I feel that knowing that something like this site is out there will only help us as IT professionals react quicker to attacks and be more successful in protecting our networks. For more detail on this idea, from the actual creator, go here .