Media Release
The recent DDoS attacks against many of the North American financial firms had some unique characteristics that put a strain on the defences in place and resulted in a number of well publicized service outages. The escalating threat is not new. It’s been steadily building up over the last few years as botnet command and control has matured, the tools available to exploit those botnets have gone mainstream, and the cost of using the tools has plummeted. What the attacks did do is raise the industry’s collective consciousness around how bad the situation has gotten. The effectiveness of the attacks has changed the way that Internet operators, whether service provider, hosting provider, government or enterprise think about their defences. It has also raised a number of troubling questions.
The most common question that I have been asked is around the growing size of attacks and the capacity of Internet operators to withstand such threats. How big does an attack have to be to overwhelm the biggest, most prepared financial company? How big does an attack have to be to overwhelm the biggest and most prepared service provider? Is there an Armageddon attack on the horizon that threatens to take down the entire Internet? There are indications that this could be the case.
