Trend Micro expert predicts escalating DDoS attacks

According to Rik Ferguson, Trend Micro's solutions architect, last month's online attacks on MasterCard and PayPal – which were attributed to the Anonymous activist group – could portend more serious developments.

"In fact, we could soon see the first global digital riot", he said in a guest column on the ZDNet newswire.

"Is this the new revolution? Are online protests happening on a huge scale, involving tens of thousands of volunteers? I am talking about the actions taken by Anonymous, the loose online collective and its growing army of hangers-on and coattail-riders", he added.

Ferguson went on to say that tens of thousands of volunteers are downloading tools that enable them to participate in the global assault on businesses with which they feel personally aggrieved.

The latest version of the LOIC utility, he adds, now includes features that allow the user to hand off control of their weaponised computer to a central authority to direct and control the attacks.

Trend Micro's security solutions architect, who has been monitoring the Anonymous attacks since the beginning, says that new variants of LOIC – including a JavaScript edition, JS-LOIC – have now appeared.

What's interesting about JS-LOIC, Infosecurity notes, is that the program code has been extensively rewritten, adding support for other command-and-control methodologies, including Facebook, RSS and Twitter, to the communications mix.

And it's against this backdrop that Ferguson argues that, with the right tools, it doesn't take more than a couple of hundred well-connected hosts to overwhelm most mid-sized web farms.

"So although the statistics on the real size of these recent attacks are not yet worthy of the cyberwar headlines they have attracted, this new trend is clearly cause for concern", he said.

"The game has changed. Right now we are looking at the online equivalent of a student sit-in, but the wide availability and the rapid development in sophistication of attack tools is concerning. The widespread willingness of volunteers means it is possible that we will see the first global digital riot before long", he added.

As reported previously by Infosecurity, Trend Micro's security expert notes that participation in DDoS attacks is explicitly illegal in many countries.

For this reason, Ferguson predicts that the spoofing of IP addresses – which makes the task of tracking down a DDoS attacker more difficult – will arrive in future LOIC-like applications.

But it gets potentially worse, as he asks what would happen if criminals were able to exploit a vulnerability in LOIC, either to compromise each zombie or to usurp the command-and-control infrastructure to perpetrate more familiar cybercrimes.

"Would every user still be such a willing zombie?", he said.
