Bots Hammer Estonia In Cyber Vendetta - InformationWeek


With nearly all DDoS attacks and spam coming from bots, infections have become a growing concern for businesses as well.

To understand the threat that compromised computers known as "bots" pose not only to individual companies but to the Web as a whole, one has to look no further than the onslaught of crippling distributed denial-of-service, or DDoS, attacks Eastern Europe's Estonia has endured since the beginning of the month.

A number of the country's Web sites, including the one for its Ministry of Finance, have in the past two weeks been the victim of 128 different DDoS attacks, according to a security research site.

The attacks began in early May in protest against the Estonian government's removal of a Soviet-era memorial from the center of the country's capital, Tallinn. The country has been at odds with Russia since regaining its freedom from the former Soviet Union in 1991. Now Estonia has become the victim of a high-tech brand of vengeance, as botnets flood the country's networks with an overabundance of traffic in an effort to disrupt business and government functions.

The longest attacks have been sustained for more than 10-and-a-half hours, "dealing a truly crushing blow to the endpoints," Arbor Networks senior security engineer Jose Nazario wrote Thursday in a blog entry. The Arbor Threat Level Analysis System, or Atlas, has been tracking Estonia's botnet troubles. "When you think about how many attacks have occurred for some of the targets, this translates into a very long-lived attack," he wrote.

Of the attacks Arbor has measured, 10 were at 90 Mbps and lasted more than 10 hours. "All in all, someone is very, very deliberate in putting the hurt on Estonia, and this kind of thing is only going to get more severe in the coming years," Nazario wrote.

Increasingly, botnets are responsible for 99.9% of all DDoS attacks, which pose a threat even to the largest carrier networks, says Arbor Networks chief research officer Danny McPherson. "Every time I see an attack on the Internet, I think about what's motivating the attack, whether it's religious, political, monetary, or something else," he told InformationWeek. More interesting than the size and frequency of the Estonia attacks is the context of the attacks, which is primarily political. Adds McPherson, "We see this as an act of war on the state."

The word "bot" generally refers to a computer infected with malware that allows it to be remotely controlled. Along these lines, a "botnet" is a collection of bots under the same controlling entity. This entity can communicate with different bots individually; it doesn't necessarily have to send them all the same commands.

Botnet attacks aren't limited to Eastern Bloc turf wars; they've also penetrated the likes of the U.S. Department of Defense, Argonne National Laboratory, and the Alabama Supercomputer Network, InformationWeek reported last October.
