Förderverein Informationstechnik und Gesellschaft
Wed, 08 Dec 1999 13:28:49 GMT
New denial of service attack involves simultaneous strikes from large number of remote machines
Further evidence of a new type denial of service (DoS) attacks with unparalleled potential for causing havoc has been uncovered by Internet Security Systems (ISS).
The attack involves co-ordinating a simultaneous DoS strike from an unusually large number of compromised and remotely controlled machines. ISS has issued an alert warning that a number of high capacity networks have already been subjected to this radical new type of onslaught.
This new approach to attacking a network was uncovered at the National Information Systems Security Conference in the US. Now, however, there is more evidence of how significant the approach is becoming.
The ISS alert describes the attack in uncompromising terms, calling it "more powerful than any previous DoS attack observed on the Internet," and adding that "ISS considers this attack as a high risk since it can potentially impact a wide number of organisations. It has proven to be successful and is difficult to defend against."
One professional security consultant, Ian Johnston-Bryden of Oceanus security says that although this isn't a ground-breaking discovery, it does illustrate an important direction because it makes it far more difficult trace an attack efficiently. "It's certainly quite easy to put this sort of thing together," he says. "But it is very difficult to be completely sure that it is actually a denial of service attack. I'm fairly sure it's going to be used much more for political attacks on Web sites. In HM government this is something that they are becoming increasingly concerned about."