Raspberry Pi got DDoS’d

The attack was large. “For those interested, this one's quite hardcore,” tweeted the Pi. “We’re seeing a SYN flood from a botnet that seems to have about a million nodes.”

The big questions are who, why, and how. How is not so difficult: “The explosion of inexpensive and readily-accessible attack tools is enabling almost anybody to carry out DDoS attacks,” explains Jeremy Nicholls, a director at Arbor Networks.

But who and why is difficult. “It's a SYN flood - so we can't see them. Deeply aggravating,” tweeted the Pi.

“Arbor's 2013 Worldwide Infrastructure Report revealed that ideological hacktivism is perceived as the most common motivation behind DDoS attacks,” says Nicholls. “33% reported political and ideological disputes as motivation behind DDoS attacks. The next two motivating factors were online gaming and vandalism.” None of this seems to apply here.

One suggestion from @LittelCaesar was “It's as likely to be an angry and confused kid. Annoying... and they can't keep it up forever.” An alternative motivation, extortion, was warned off: “We will send no beans,” tweeted Pi, adding, “Like Her Maj's Government, we don't negotiate with terrorists,” and any demand note would get ‘plonked’ [binned].

Marty Meyer, president of Corero Network Security thinks it telling that extortion was one of the early options. “As Raspberry Pi have pointed out, they have not received any blackmail yet, but the fact that they are expecting that email goes a long way to show that companies are wising up to DDoS attacks, and the motivations behind the attacks. We whole-heartedly agree with Raspberry Pi that any blackmail should get ‘plonked’.”

The site is back up. Pi’s approach (“Waiting it out; something this big is expensive for them to maintain.”) seems to have worked. But the general feeling in the computing community is one of dismay. “It is a sad state of affairs that even charitable organizations are being attacked, and are expecting to be blackmailed,” said Meyer. “But it does show that any organization that relies on the Internet is a target.”

Raspberry Pi got DDoS’d

You may also like

DDoS Attacks Getting Harder to Detect

WikiLeaks DDoS arrests welcomed by Infosecurity Europe

DBIR: POS Attacks Wane, Cyber-espionage is Up

Malware attack recovery costs an average of $3,000 per day

Worldwide communications infrastructure faces APTs, bots, DDoS; mobile networks weakest

What’s hot on Infosecurity Magazine?

Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites

US Imposes Visa Restrictions on Alleged Spyware Figures

How to Backup and Restore Database in SQL Server

End-to-End Encryption Sparks Concerns Among EU Law Enforcement

Millions of Americans' Data Potentially Exposed in Change Healthcare Hack

Alarming Decline in Cybersecurity Job Postings in the US

North Korean Group Kimsuky Exploits DMARC and Web Beacons

Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation

Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites

Dependency Confusion Vulnerability Found in Apache Project

Report Suggests 93% of Breaches Lead to Downtime and Data Loss

NIST Unveils New Consortium to Operate National Vulnerability Database

Incident Response: Four Key Cybersecurity Measures to Protect Your Business

Is MFA Enough? Strategies for Next-Level Identity Security in 2024

Disinformation Defense: Protecting Businesses from the New Wave of AI-Powered Cyber Threats

Navigating the Evolving Cybersecurity Compliance Landscape in 2024

Adapting to Tomorrow's Threat Landscape: AI's Role in Cybersecurity and Security Operations in 2024

Securing APIs in the Cloud Frontier

Infosecurity Magazine Spring Online Summit 2024: Day One

Infosecurity Magazine Spring Online Summit 2024: Day Two

Russia’s Midnight Blizzard Accesses Microsoft Source Code

I-Soon GitHub Leak: What Cyber Experts Learned About Chinese Cyber Espionage

LockBit Takedown: What You Need to Know about Operation Cronos

Women in Cybersecurity at Infosecurity Europe 2024