Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Raspberry Pi got DDoS’d

The attack was large. “For those interested, this one's quite hardcore,” tweeted the Pi. “We’re seeing a SYN flood from a botnet that seems to have about a million nodes.”

The big questions are who, why, and how. How is not so difficult: “The explosion of inexpensive and readily-accessible attack tools is enabling almost anybody to carry out DDoS attacks,” explains Jeremy Nicholls, a director at Arbor Networks

But who and why is difficult. “It's a SYN flood - so we can't see them. Deeply aggravating,” tweeted the Pi. 

“Arbor's 2013 Worldwide Infrastructure Report revealed that ideological hacktivism is perceived as the most common motivation behind DDoS attacks,” says Nicholls. “33% reported political and ideological disputes as motivation behind DDoS attacks. The next two motivating factors were online gaming and vandalism.” None of this seems to apply here.

One suggestion from @LittelCaesar was “It's as likely to be an angry and confused kid. Annoying... and they can't keep it up forever.” An alternative motivation, extortion, was warned off: “We will send no beans,” tweeted Pi, adding, “Like Her Maj's Government, we don't negotiate with terrorists,” and any demand note would get ‘plonked’ [binned].

Marty Meyer, president of Corero Network Security thinks it telling that extortion was one of the early options. “As Raspberry Pi have pointed out, they have not received any blackmail yet, but the fact that they are expecting that email goes a long way to show that companies are wising up to DDoS attacks, and the motivations behind the attacks.  We whole-heartedly agree with Raspberry Pi that any blackmail should get ‘plonked’.”

The site is back up. Pi’s approach (“Waiting it out; something this big is expensive for them to maintain.”) seems to have worked. But the general feeling in the computing community is one of dismay. “It is a sad state of affairs that even charitable organizations are being attacked, and are expecting to be blackmailed,” said Meyer. “But it does show that any organization that relies on the Internet is a target.”

What’s Hot on Infosecurity Magazine?