Organisations warned to review security as WikiLeaks DDoS attacks intensify
December 2010 by
Amidst reports that a number of financial Web portals have been effectively downed by a series of Distributed Denial of Service (DDoS) attacks from WikiLeaks’ supporters should not come as any surprise, say the organisers of the Infosecurity Europe show which will be held at Earls Court, London 19-21 April 2011 www.infosec.co.uk
But, says Claire Sellick, Event Director of the InfoSecurity Europe event, with all the signs that the founder of WikiLeaks, Julian Assange, may in prison for some time pending his extradition to Sweden or the US, the hactivist attacks are almost certain to escalate.
"The fact that the massive Mastercard Web site, which is accessed on a regular basis from many countries around the world, has been downed by a DDoS attack from the 4chan-linked Anon Operation, shows the scale the hacktivists can now operate on," she said.
"Other sites of organisations that severed their links with Assange in recent days have also been subjected to DDoS attacks of varying intensity, but one thing is for sure, these attacks will continue on the sites concerned for a long time to come," she added.
Whilst the attacks were likely, she went on to say, it is important for any organisation with a Web-facing presence - even if it a simple shop window - to understand that, with the right security in place, it is possible to prepare for a DDoS attack.
And, whilst a full-on attack is difficult to assuage, technologies such as hosting and route diversification can go a long away towards setting the barrier for an effective DDoS attack a lot higher than it may have been previously.
As WikiLeaks itself has shown, the Infosecurity Europe show director says, a Web site can be hosted on multiple sets of servers, which can also be peered on different Internet peering exchanges.
In the UK, she explained, the main London Telehouse peering point is complemented by the MaNAP/EdgeIX peering station in Manchester, and some ISPs now peer their connections through both points.
US hosting providers, meanwhile, have similar diversity, meaning that an attack on one peering point, or domain group, will not bring down all accesses to the site in question.
For smaller organisations, Sellick says that route diversity can often include using more than one business ISP for Internet access, which in itself - if combined with using different local phone exchanges for the broadband lines - can make a firm’s Internet facilities far more robust against a disaster.
"Good IT security planning also has its place. You don’t need to spend a fortune on beefing up your Internet security. A little forward planning can go a long away," she said.
"Once thing is for sure, however, and that is the WikiLeaks DDoS attacks are not going to go away. If anything we expect they will intensify in the days ahead and companies need to take this opportunity to review and boost their IT/IP security arrangements to protect themselves," she added.