Information Security News: ISP Collaboration needed On DDOS Threat

[InfoSec News <alerts () infosecnews org>]

http://www.online-casinos.com/news/news4395.asp

Online-Casinos.com
April 19, 2007 

ONLINE GAMBLING COMPANIES NEED TO WORK CLOSER WITH ISPs ON DDOS THREAT
 
Chief techie at Betfair estimates there are now 30,000 malicious botnets 
out there
 
Rorie Devine, the chief technology officer for the international online 
betting exchange Betfair, told a conference in London this week that 
Distributed Denial of Services attacks was a serious threat, and that 
businesses must work more closely with ISPs to prevent hackers from 
launching successful assaults designed to take sites offline as a basis 
for criminal extortion.
 
Devine revealed that most DDoS attacks are caused by hackers using 
botnets, large numbers of compromised computers used to send massive 
amounts of data to overwhelm a webserver. Devine said that in 2000, 
there were only six botnets in existence - now there are around 30,000.
 
"China, rather than Eastern Europe seems to be the new 'centre of 
excellence' for botnets," said Devine. "And the attacks have got a lot 
bigger, really!"
 
The biggest botnet identified thus far mustered an incredible 75,000 
compromised hosts, and Devine said that organisations needed layered 
defences to protect themselves against such attacks as there was 'no 
magic box or device' that could undertake the task by itself.
 
"Concurrent connections, not bandwidth, are your scarcest resource," 
said Devine. "You need to swim faster than your buddy."
 
Addressing the same conference, Marino Zini, head of managed services at 
ISP Clara.net said that "DDoS attacks are a very real concern for any 
business involved in e-commerce or hosting business operations online. 
By addressing the causes of downtime, businesses can learn how best to 
conduct commercial activity online and plan for a reliable and secure 
future," he said.
 

__________________________
Subscribe to InfoSec News
http://www.infosecnews.org