Is Feedly's DDoS attack as extortion common online?
June 12, 2014 9:53 AM Subscribe
For the last two days feedly has been down for significant chunks of time because of DDoS attacks (article). They say hackers are trying to extort them for money. Is this common online?
I've heard examples of it in the past, but cannot find any data about its frequency. Also, how often do companies pay the shakedown to keep their service up? Is it even a logical attack by hackers, financially?
I've heard examples of it in the past, but cannot find any data about its frequency. Also, how often do companies pay the shakedown to keep their service up? Is it even a logical attack by hackers, financially?
The company I work for has had a ton of DDOS attacks lately, aimed at Typepad, which most of its sites are built on. Our IT department told us it's similar to what happened to these companies (SLNYT).
posted by vickyverky at 9:58 AM on June 12, 2014
posted by vickyverky at 9:58 AM on June 12, 2014
It's happened a couple of times to Basecamp, that I'm aware of.
posted by Happy Dave at 10:08 AM on June 12, 2014
posted by Happy Dave at 10:08 AM on June 12, 2014
Are you familiar with DigitalAttackMap.com? There are links to research in the FAQ and Understanding DDOS that address extortion and "ransomware."
posted by slipthought at 10:47 AM on June 12, 2014
posted by slipthought at 10:47 AM on June 12, 2014
It happened to Meetup.com not long ago.
posted by interplanetjanet at 11:28 AM on June 12, 2014 [1 favorite]
posted by interplanetjanet at 11:28 AM on June 12, 2014 [1 favorite]
I don't have statistics for you, but here's some example reports: Meetup, EasyDNS, WikiLeaks, Eve Online, Basecamp. The 2010 book Fatal System Error goes in some depth about the DDOS hacking world, both the extortion artists and the folks who try to protect themselves.
Feedly, Meetup, and Basecamp are all unusual in having gone public. My impression is there's a whole lot of unreported $5000 shakedowns that happen and that most sites pay up rather than risk escalation with a public battle. I'd love to see hard data on that. Perhaps CloudFlare has data in their marketing materials?
posted by Nelson at 2:31 PM on June 12, 2014 [1 favorite]
Feedly, Meetup, and Basecamp are all unusual in having gone public. My impression is there's a whole lot of unreported $5000 shakedowns that happen and that most sites pay up rather than risk escalation with a public battle. I'd love to see hard data on that. Perhaps CloudFlare has data in their marketing materials?
posted by Nelson at 2:31 PM on June 12, 2014 [1 favorite]
Best answer: Is it even a logical attack by hackers, financially?
DDoS attacks can be quite efficient. The NTP reflection technique results in a 58-fold amplification of data packets, whereas the "older" DDoS technique of DNS amplification created a roughly 8-fold increase in data. This means that for every 1 kilobyte of data sent out by your "team", you can direct 58 kilobytes of data at your target. Multiply this by hundreds of requests per second from thousands of computers, and you can get up to the 400 GB/s DDoS attacks CloudFare has previously had to fend off pretty easily.
Botnets that can help you with this sort of attack are relatively inexpensive on the black market, and they're basically free if you're the sort of shady enterprise that builds your own net of infected computers. So, to shake someone down? I would say the answer from a financial standpoint is definitively yes. Until you get caught.
posted by wondercow at 4:52 PM on June 12, 2014
DDoS attacks can be quite efficient. The NTP reflection technique results in a 58-fold amplification of data packets, whereas the "older" DDoS technique of DNS amplification created a roughly 8-fold increase in data. This means that for every 1 kilobyte of data sent out by your "team", you can direct 58 kilobytes of data at your target. Multiply this by hundreds of requests per second from thousands of computers, and you can get up to the 400 GB/s DDoS attacks CloudFare has previously had to fend off pretty easily.
Botnets that can help you with this sort of attack are relatively inexpensive on the black market, and they're basically free if you're the sort of shady enterprise that builds your own net of infected computers. So, to shake someone down? I would say the answer from a financial standpoint is definitively yes. Until you get caught.
posted by wondercow at 4:52 PM on June 12, 2014
« Older Is Lasik worth pursuing if my eyes are wonky? | Applying for a job when I don't know my... Newer »
This thread is closed to new comments.
Here, the costs to fight include bandwidth use, host hardware (larger VM, etc), re-direct and filtering of packets, loss of revenue due to downtime (ad or sales related).
And yes, this was much more common against gambling sites when on-line betting hand't yet been ban-hammered by US law. (Though googling "online gamble ddos" shows that it is still going on.)
posted by k5.user at 9:57 AM on June 12, 2014