DDoS: Why Attackers Do the Things They Do

As news of the Facebook and Twitter DDoS trickles in, I ponder why attackers launch attacks in the way they do. I don't even really consider why they do it, just why they take a certain approach.In the case of this week's attacks, it is said the attacker(s) are targeting one user by performing a DDoS of the services where this user disseminates information. Here is the problem, Twitter and Facebook scale. In order to take down the systems hosting the content of the single user, the attack must scale even larger. It appears Twitter doesn't scale as well as Facebook, no surprise there #FailWhale.

If the goal is truly to silence one user's voice, why not properly align the attack with the goal? Attack the points that would truly affect that user. These attacks, if executed properly, could be much more affective, draw less early warnings, and be much harder to stop.

While I have a few ideas, the Editors who review my posts may have a heart attack and /kb me (that is "Kick Ban" for you non IRC users) for posting such things in the midst of on going attacks. Just as a hint, find the single points that affect individual accounts and that is not the URL to the user's presence on the service.

Lack of originality if the reason I think these attacks are being carried out in this manner. When someone wants to suppress information online they bring together as much bandwidth as possible and overwhelm systems. Utilizing the same infrastructure, the same goal could be reached but in a way that doesn't bother the rest of us and is much more affective.

Off to hack the planet. Tweet me @adamely.