In the early days it was extortion, asking for payment to stop the attacks. Today, business competitors may pay to attack other competitors, too. "You hear it all the time, especially in the casino space or the escort space," says Shawn Marck of Black Lotus. "The majority of attacks are economically motivated."
But political activism is also a factor these days as angry protestors supporting one cause or another are egged on by groups such as Anonymous to launch DDoS attacks. However, it's been the protestors joining the DDoS campaigns that get arrested more often than the organizers, notes Chris Risley, CEO at Defense.net.
Many governments are also believed to be making use of DDoS from time to time, say Lyon and Risley. North Korea is thought to attack South Korea this way, and the Iranians are believed by some to have been behind the widespread attacks against U.S. banks in the fall of 2012. Many more governments, including the U.S., also quietly have their hands on the DDoS trigger, they suggest.
For anyone who wants to launch a DDoS attack, it's quite simple to go online and pay as little as a few dollars as hour to buy the access to do it, according to Defense.net. There's also "advertising online claiming to test your systems for DDoS, when they're really conduits for selling DDoS services," says Lyon. He adds on Pastebin, you can find blatant ads for DDoS with guarantees it will work.According to the Prolexic report, the average attack duration totaled 22.8 hours. Attackers favored striking network infrastructure about three quarters of the time, with application-layer attacks taking up the remaining 23.4%.
Sign up for Computerworld eNewsletters.