#DDoS #Lizard #Stresser #SME #Nepal #Cyber #Threat
Usually I don’t write big junk rather limiting myself within 140 character, I could not resist myself to write something until I saw the new tornado coming towards our cyberspace called “Lizard Stresser” (http://lizardstresser.su) a Distributed Denial of services (DDoS) as a service. I’ve seen few similar services available on cyber-underworld before, like “rental booters”, but when Lizard Squad itself lunches such services then its quite worrying since they have a history of bringing the Sony Playstation down for a long time. They claim that they have 5Gbps average, 20Gbps network.
Who are they ?
Lizard Squad are the black-hat hacker group. Their major attack showed-up on August 24, 2014 when the PlayStation Network was taken down via a DDoS attack. Then on December 8, 2014 the attack was repeated. Similarly on December XBOX live got the DDoS attack. On the same month The entire North Korea’s Network went offline and the Lizard Squad took credit.
So in 2014 the major cyber attack was performed by the same group, leaving the major vulnerabilities ( Heartbleed/Bash bug/Poodle etc) separately.
What is DDoS ?
DDoS attack is an attempt to make a machine or network resource unavailable to its intended users. In general term, you send too many traffic to the destination from distribute sources causing the server resources to optimum level. A powerful DDoS attack requires access to a botnet, a network of computers under a Attacker’s control, capable of generating large amounts of traffic. A DDoS attack does not involve breaking into someone else’s computer in any way. It doesn’t expose user data, doesn’t destroy files
What does this meant to SME ?
On the surface level, such services seems null but small and medium size organization should be worried especially now that their business nature is online. Every tom, dick and harry now can purchase this services (DDoS) from $3 to $309.99.
Price list of DDoS services offered by Lizard Squad
For instance, if you want to take one particular website down but you don’t have such technical skills or resources, you don’t have to be worry, you can simply pay them via bitcoin or paypal then everything is taken care by their bot. Here, the alarming part is, they have executed the biggest attack previously, with this fact they can turn any SME down whenever they want.
A $6 service could causes million dollar losses of any medium size organization. Beside that to prevent $6 attack now forces organization to upgrade their technology with huge investment.
Their highest tier of service allegedly lets customers launch attacks that will make a target inaccessible for about twenty days. Imagine if any online portal is inaccessible for 20 days? No one can tolerate such long down time. Imagine, unsatisfied employees or employees who recently got fired; or business rivals, they now can easily bring your organization down.
Impact in Nepal
In Nepal we have now many startup company based on online business. Many online portal such as online shopping, online food ordering system are exist and doing the business fine. Most of their services are placed on shared hosting servers, mostly in US as hosting service here in Nepal are too expensive. Some of the online news portal have subscribed the cloudflare service for load balancing but other startup cannot afford it.
We also have online banking service which is very popular among Internet generations.
If you are also wondering what if such DDoS attack is targeted to these services then we are like minded. I’ve been thinking: “what if these services goes down for 20 days or longer than that ? can they sustained their business ?”
None, but the nature of DDoS attack is different from real cyber attack. But with high technical resources such attacks can be mitigated or can be normalized. Last year Cloudflare survived the huge DDoS attack against their NTP protocol. But such technology cost huge investment and SME cannot invest on such technology.
From another dimensional, such services are now exposing their self and FBI like investigation teams are already on the way to tracing such attacker. Hopefully they will bring down their nexus :p