Five years ago, network security experts gathered at a NetWorld+Interop conference and issued a dire warning: devastating Denial of Service attacks loom, they said, and they could not have been more prescient. Their call to action wasn't all hype, hyperbole, or overreaction. Today, DoS and Distributed Denial of Service (DDoS) attacks against Web sites of all sizes are common. Some pack alarming consequences, not to mention generally nasty surprises resulting in jaw-grinding headaches for site administrators.
Formed in response to the initial outbreak of attacks that knocked high-profile companies' networks offline with extremely high volumes of traffic, the industry consortium, known as the RFC2267 DDoS Working Group, was charged with finding methods to halt the attacks. Way back then, attackers had temporarily crippled such e-commerce giants as Yahoo, eBay, Amazon, CNN, eTrade and Microsoft. Policy groups, such as the one at N+I Atlanta 2000, urged cooperation and information sharing among user groups and law enforcement. Then attention to DDoS faded about the same time real-world terrorism made cyberterrorists seem docile and flaccid by comparison.
But rather than subside over time, DDoS attacks and the attackers who orchestrate them have stayed one step ahead of security professionals, who have been forced to deploy increasingly sophisticated and costly defensive measures. Network operators are struggling now more than ever to contain globally distributed DoS attacks, according to network security provider Arbor Networks' September 2005 Global ISP Security Report.
"More than five years after the initial flurry of network attacks, and the news articles and research papers that followed, DDoS remains the number one concern for large IP network operators," the Arbor Networks report said. "Sixty-four percent of the survey participants said, 'DDoS is the most significant operational security issue we face today.'"
There are different types of denial of service attacks, but a simple way to understand them is by using a telephone analogy. If hundreds of people dialed the same telephone number repeatedly, the result would be a continuous busy signal, which would 'deny service' to legitimate callers by keeping the line unavailable. For a Web site, such an attack could also result in the loss of revenue, for an e-commerce site, or damage to reputation or credibility, for a news and information site, for example.