Experts argue over future of DoS

Widespread denial of service (DoS) attacks could soon be a thing of the past as criminals try to stay undetected and look to find more effective ways of making money, according to managed security specialist Network Box.

Managing director of the firm Simon Heron told IT Week that although attacks may still be launched sporadically out of vindictiveness, they will largely disappear as a means of extorting money from firms, because of the danger of getting caught and the risk of losing control of the bot net.

"This is a risky business because [as a criminal] you're raising your head above the parapet, " he added. "An attack creates an impetus for people to investigate and work out how to find the command and control channel."

Bot nets will instead be used increasingly for other money-making activities such as sending phishing emails, spam and keyloggers to commit identity fraud, Heron argued.

But Andy Kellett of analyst Butler Group said that there are still a lot of money making opportunities for hackers out of DoS attacks, and that the bot nets themselves are now so easy to create that criminals would not be so reluctant to risk losing them.

"There are still times of the year when DoS attacks work well across a number of industries," he added. "It's easy to put together bot nets [which means] they can use them and throw them away, so if they are dying out it's because organisations are finally using the appropriate security solutions to identify them."

Furthermore, DDOS mitigation specialist Prolexic has uncovered new trends in DDOS attacks which show that this form of attack is still a popular way for cyber criminals to make money.

The firm highlighted a new way hackers are using Peer-to-Peer networks in order to control PCs more easily, which involves changing the admin function in the P2P hub server so as to connect all the file sharing PCs to a victim's web server.

"Classically they would put malware on PCs to create a bot net, but this is getting harder to do," explained Prolexic chief technology officer Paul Sop. " So the criminals [found a way] of controlling hundreds of thousands of PCs without talking to them."

Sop added that there is actually very little chance of DOS attackers getting caught today, and that new techniques such as browser-based malware written in JavaScript or Flash and capable of rapid PC infection make the criminal's task much easier.

"This is malware-light but it can still be used to [compromise PCs and] launch full-scale DOS attacks without ever needing to infect the web server," explained Sop. "There's no easy architectural fix for it so we're likely to see it exploited more and more in the future."