- CNET NETWORKS UK BUSINESS SITES:
- atlarge.com
- BNET UK
- silicon.com
- SmartPlanet.com
- ZDNet.co.uk
Warning: Denial of service attack "very worrying"
By Nick Heath
Published: 6 March 2008 16:59 GMT
A major UK gambling business has warned that all commercial websites are at risk from a new type of unstoppable and undetectable botnet denial of service attack.
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
Gala Coral ecommerce's gambling sites were taken down for almost 30 minutes by the next generation 10Gb distributed denial of service (DDoS) attack, delegates at the e-crime congress in London were told this week.
Attackers disguised the build up of traffic from up to 30,000 PC and Apple Mac botnet computers during the attack by analysing and reproducing the browsing habits of the sites' typical users.
Peter Bassill, information security officer with Gala Coral ecommerce, said attackers spent about four months infiltrating the sites ahead of the attack last year, using stolen credit card details to open the thousands of accounts needed to generate the huge volume of web traffic to swamp Coral's servers.
More worrying, during a second attack the botnet blocked attempts by the websites to stop them using a port firewall while continuing sending out data to carry on the attack.
Bassill said: "This is a very worrying step we have seen in botnets, we have no way of responding to this without working with law enforcement. The attacks will come from many hosts in small volumes and they are going to be very hard to spot.
"If they can do that to us, a large gaming company, than think what they could do it they find a way to target companies like BT or the nuclear power industry."
Bassill said DDoS attacks brought its websites down about twice per year and attacks were often preceded by demands for more than $100,000.
If it was undetectable, how did they notice it was...
Sebastian
A deeply insightful and much needed presentation w...
John Carrimore
> If it was undetectable,
> how did they notice ...
Dave Duchesneau
How was it established that there were Mac drones ...
Kaelin Colclasure
I guess the other question is... Considering that ...
Anonymous
Web Developer - Bank - Ecommerce - XML - XSLT - CSS- Javascript - DHTML - JSP. EXCLUSIVE TO HUNTRESS Web Developer - Bank - Trading - Ecommerce - XML ...
Role: Ecommerce / Web Product Manager - London Location: Central London (WC2) Salary: Competitive Type: Permanent Ticketmaster is the worlds leading ...
The scope of our development projects is vast and hence you can expect a truly varied role, working on projects such as cutting edge eCommerce ...
CIO Agenda 2008
The exclusive silicon.com CIO Agenda 2008 survey looks at the CIO's tech shopping list for the year, examines whether IT budgets are rising or falling and reveals what the pain points are for tech chiefs this year. Find out more in our latest special report.
Staffing Service Coordinates Sales Activities, Utilizes Business Intelligence With...
Teachers Association Turns to Centralized Data Repository to Improve Member Service
Financial-Software Leader Credits Productivity Boost, Reduced IT Costs to 2007 Software
United States Coast Guard Explores Potential to Enhance Training With Digital Note-Taking...
Stories from the web...
Copyright ©1995-2008 CNET Networks, Inc. All rights reserved. Top of page
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
RSS Feeds
silicon.com Dear silicon.com... XP lives, the femtocell 'truth', BlackBerry bashing… Reader Comments of the Week
Martin Brampton The Brampton Factor: Open source 'brotherhood' closed to co-operation Where's the real sharing?