Page 51 - Cyber Warnings
P. 51
This category of attacks serves as a grab-all for incidents that don't fit into the more defined
versions of a DDoS attack. As they are often poorly organized attacks on random companies, it
is difficult to pin down specific warning signs.
If you are a high-profile company that would make for good headlines, you can assume you've
been the target of this sort of incident.
Political
Government and state-run websites have been a common target for protestors and activists
looking to make a statement via cyber means. Most commonly associated with the likes of
Anonymous and other hacker collectives, these attacks are a slightly more advanced/targeted
version of the hit-and-run.
There is no true end-game in terms of tangible payoff — these attacks tend to be symbolic in
nature.
By taking down government web assets, attackers cause headaches for officials looking to both
save face and bring critical services back online. While there is little payoff for the hacktivists,
the damage caused to operations and reputation is very real.
Fiscal
The ease of pulling off a rudimentary DDoS attack means that the hackers aren't always the
usual suspects. For example, a recent survey from Kaspersky Labs found that 48 percent of
companies who had experienced a DDoS attack believed their competition was responsible.
While these statistics may be slightly inflated due to human paranoia, at least some of the
attacks being reported fall into the category of B2B cyber crime.
Along with causing productivity declines that reduce the efficiency of a key competitor,
companies perpetrating these attacks also aim to damage the target's reputation. While there
are no direct monetary gains for the perpetrator, the indirect benefit of not having yourself
associated with a cyber attack is enough to draw customers away from the competition.
Smokescreen
Hackers have increasingly turned to DDoS attacks as a means of diverting IT's attention away
from separate, and often times more damaging, behaviour.
When an attacker damages or completely brings down a company's network, the process for
complete remediation can take days. Coupled with the fact that DDoS attacks are highly visible,
both externally and internally, returning to business as usual becomes priority one for
responders.
51 Cyber Warnings E-Magazine – June 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
