Botnets for hire: £6 an hour
Online criminals can rent out a botnet for as little as £6 an hour, according to research from net services provider VeriSign.
The research investigated the work of 25 bot herders working across three forums. Verisign says the results show a worrying trend that could see companies increasingly under threat from Distributed Denial of Services (DDoS) attacks.
“Organisations need to be wary of the fact that their critical online applications or services could be taken down in under a day by a criminal renting services from bot herders at just £6 an hour,” said Rick Howard, director of intelligence at VeriSign’s research arm, iDefense.
“Traditionally, businesses have tried to cope with DDoS attacks through bandwidth over-provisioning, but this is costly and ineffective given the increasing scale and sophistication of attacks.”
According to VeriSign, bot herders use many of the techniques employed by legitimate online businesses, including forum marketing and banner advertising.
One bot herder outlined the pricing structure for the take-down of sites with anti-DDoS measures. VeriSign claims the findings of the research signify a worrying trend – that the affordable services advertised by bot herders enable even unskilled cyber criminals to mastermind DDoS attacks.
“While these attacks are becoming increasingly sophisticated, the criminals targeting your business may not be,” said Howard, adding that they could be perpetrated by “any criminal with an internet connection and a little cash to spare”.
According to VeriSign, the crime-for-sale services advertised could use a variety of protocols to launch an attack, including ICMP, SYN, UDP, HTTP and HTTPS.