Born in the Days of Mass Email Spam, the Online Botnet Evolves Toward New Attacks
In the early days of spam email, unruly marketers would often send out their mailings from their own computers or others they had legitimate access to. Before long, those who had become sick of receiving such unwanted electronic missives realized that refusing to accept mail from particular machines would make life harder for the spammers. As spam email proved to be even more lucrative than had originally been hoped, the least scrupulous of spammers started looking for ways to take over other machines to use for sending out mass mailings. Some of these networks grew to number in the thousands of computers, making it almost impossible to block them all.
Unwanted commercial email is no longer the problem it once was, which means that networks of this sort are much less regularly used for sending spam. While Google and other email providers have come up with effective ways of blocking the vast majority of spam, though, the owners of those sprawling networks of compromised computers have come up with their own new ways of exploiting them.
Most often today, this means using the captured computers to conduct distributed denial of service missions, also known as "DDoS" attacks. Ordering their hundreds or thousands of network-connected computers to spew traffic at particular target sites, these attackers can easily bring the latter to a crawl, even crashing them.
In some cases, DDoS attackers pick their targets for social reasons, singling out those who offend them on Facebook or Twitter. While these thrusts can be annoying and disruptive, it is another kind of DDoS attack that is proving to be most costly.
In those situations, attackers take aim at businesses, flooding their websites and servers with so much traffic that they are no longer able to respond to legitimate users. That can lead to lost business for the companies that are attacked, along with a loss of confidence in their products, services, and levels of basic competence.
Fortunately, penetration testing of various kinds has proved to be capable of economically dealing with this threat. While there are a number of ddos protection providers around today, most focus on diverting underhanded traffic to networks that can easily sop it up, while routing the legitimate packets to places where they are welcomed. Companies like opticca security make it easy for their clients to line up the most appropriate kind of such protection for themselves, so that even the ever-evolving online criminals of today will be stymied from the start.
