We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not a subscriber? Subscribe now for unlimited access to online articles.

A View from Anne-Marie Corley

Web Attacks Highlight a Bigger Problem

DDoS attacks are a symptom of a common illness, albeit with an elusive cure.

  • July 10, 2009

Mystery still surrounds this week’s distributed denial of service (DDoS) attacks on U.S. and South Korean websites, and while speculation points to North Korea as the source, it’s likely that we’ll never know for certain. The use of a botnet–thousands of infected computers–by definition obscures the identity of the attacker, and with thousands of IP addresses involved, they’re hard to trace back to the source.

Network-based visualization of a DDoS.
Credit: Sandia National Laboratories

An article in the Wall Street Journal points out politically motivating factors that implicate North Korea: the timing can be linked to North Korea’s most recent missile launches, as well as new U.N. sanctions announced last week. Wednesday was also the fifteenth anniversary of the death of Kim Il-Sung, the former leader of the DPRK.

Even so, the attacks appear to be relatively unsophisticated. Jose Nazario of Arbor Networks, a company that monitors internet traffic and DDoS attacks calls them “amateurish” due to a mix of approaches cobbled together using a five- or six-year-old malcode that wasn’t particularly well hidden. It’s also only a moderately sized attack–at 25 megabits per second–though it involves just over 100,000 bots, concentrated heavily in South Korea. What’s most interesting, says Nazario, is the coordination of attacks on both U.S. and South Korean government and commercial sites.

While the attacks made headlines, DDoS is a common problem that happens to big companies every day, and far more aggressively than these hits to government and commercial sites. The White House, NSA, State Department and Department of Defense, after all, are not high traffic moguls like Google or Amazon, which get attacked daily and have built up their own in-house defenses, says Hal Roberts, of Harvard’s Berkman Center for Internet and Society. We just don’t hear about Amazonor Google getting attacked, Roberts says, because it happens so frequently and doesn’t bring down their sites. “There are literally hundreds, if not thousands [of attacks] going on in any given time,” says Roberts.

If two governments were to really go at it in cyberspace, Arbor Networks’ Nazario says they would more likely target key nodes like voice exchange points to inflict real pain or disrupt communications, or they could go after each other’s secrets, similar to the “Titan Rain” attacks that began in 2003, where government and academic research computers were mined for secret project information. Stealing or modifying data, says Nazario, would have a much bigger impact than overwhelming websites.

Keep up with the latest in Security at Business of Blockchain 2019.

May 2, 2019
Cambridge, MA

Register now
Want more award-winning journalism? Subscribe to Print + All Access Digital.
  • Print + All Access Digital {! insider.prices.print_digital !}*

    {! insider.display.menuOptionsLabel !}

    The best of MIT Technology Review in print and online, plus unlimited access to our online archive, an ad-free web experience, discounts to MIT Technology Review events, and The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Unlimited access to all our daily online news and feature stories

    6 bi-monthly issues of print + digital magazine

    10% discount to MIT Technology Review events

    Access to entire PDF magazine archive dating back to 1899

    Ad-free website experience

    The Download: newsletter delivery each weekday to your inbox

    The MIT Technology Review App

You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.