Interesting People mailing list archives
three million dollar botnet attack in Japan
From: David Farber <dave () farber net>
Date: Sun, 1 Jun 2008 16:27:44 -0700
________________________________________ From: Rod Van Meter [rdv () sfc wide ad jp] Sent: Sunday, June 01, 2008 8:57 AM To: David Farber Subject: three million dollar botnet attack in Japan Dave, for IP, if you wish... http://www.yomiuri.co.jp/dy/national/20080601TDY01305.htm Botnet cyber-attack costs company 300 million yen Kenichiro Tanaka Yomiuri Shimbun Staff Writer A type of blackmail is increasing in Japan in which a blackmailer bombards companies' Web sites with data sent from tens of thousands of virus-infected personal computers to hamper browsing of their sites. Attackers demand money in return for stopping their cyber-attacks. A source said one major Tokyo company suffered more than 300 million yen in damage because access to its site was halted for a week due to the repeated "denial of service" attacks. Net security firms have issued an alert over this new type of blackmail. On Dec. 27, it became impossible to browse the Tokyo company's site for its normal offerings of travel, bar and restaurant information and the sale of daily commodities. Immediately afterward, a person claiming to be from a Net security company sent a e-mail in Japanese to the site operator. The mail read: "Is your company's Web site still inaccessible? There is a problem with your site so we're offering to fix it. The repair fee is 480,000 yen. If you don't pay the fee, you may suffer [further] attacks." The denial-of-service attacks continued for a week as the site operator ignored the perpetrator's demand for money. A check of communication records found the denial-of-service attack had sent data at a rate of as much as 6 gigabytes a second. This means that tens of thousands of personal computers were accessing the site simultaneously, causing the operator's telecommunication lines to break down. <snip> Speaking entirely personally, of course... Without going into a lot of analysis, if most of the botnetted machines doing the DOS attack are in China, that inevitably means that the international lines are heavily clogged; there are only a handful of those between China and Japan, and it should be relatively easy to install a block there (a bad solution in many ways, but a worse problem). (I haven't looked at the exact numbers on a recent map, but I doubt there's 50Gbps between China and Japan -- and there's *definitely* not so much bandwidth between the two that 50Gbps of DOS attacks would go unnoticed. The numbers in the article are probably off.) --Rod ------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- three million dollar botnet attack in Japan David Farber (Jun 01)
- <Possible follow-ups>
- Re: three million dollar botnet attack in Japan David Farber (Jun 02)
- Re: three million dollar botnet attack in Japan David Farber (Jun 02)