On Monday this week there was a very interesting post by Andy Greenberg a blog writer for Forbes.com which introduces a botnet herd standing by for payment and targeting instructions to launch a powerful Distributed Denial of Service (DDoS) attack. It appears based on his research that the botherd called "I'm DDOS" and available at "IMDDOS.org" is supposed to be used for testing purposes, however it is not clear how any type of target validation would or could be done by the company running the service to validate the target belongs to the attacker. You can see from the User Interface (UI) that the service looks to be fairly easy to use making it a likely attack tool for anyone with minimal computer skills and a grudge.
As with pioneers in computer infrastructure as a service, such as Salesforce and Amazon’s EC2 cloud, cyber arms dealers have begun asking customers, “Why buy when you can rent?” Renting cyber attack capabilities allows a political activist, terrorist group, or nation state to launch an attack on an online application - on demand. Those familiar with Cloud Computing and Software as a Service should recognize this as being the malicious equivalent - "hacking as a service".
This is interesting timing as I recently gave a breakfast panel presentation where I talked about the problem of "good vs. evil" in development of new capabilities characterized as Cloud computing. I see this as just another example of the new breed of cyber capabilities we will see in these times of on-demand computing.
I also highlighted a DEFCON 18 presentation which did a proof of concept to show a cloud-based Distributed Denial of Service (DDoS) capability.
I also highlighted a DEFCON 18 presentation which did a proof of concept to show a cloud-based Distributed Denial of Service (DDoS) capability.It is clear that the "?? as a Service" model is going to be popular for people wanting to bring their products to market quickly and for those that want to see results with minimal up front capital costs.
The site requires a java script even to enter. Will some body clarify if it is safe to enter the site?
ReplyDeleteThe company that allows a probe into its security system must give a legal consent to the moral hacking school in writing.https://hackolo.com
ReplyDeleteThe ethical hacking salary within most companies is comfortably high (relatively speaking) and rightfully so because as aforementioned, they are saving the company a lot of money, and require specialist skills. BluePortal.org
ReplyDeleteMy friends told me read this article and that's probably the only good thing they've told me to do. I got a mail from one of my friends that said click here and I did and this article opened. I read the article and I think that this article is one of the most incredible articles that I have read in my whole life.
ReplyDeleteThis knowledge is often always abused to get access to confidential information such as personal information, financial information and other such confidentialities.Wireless Hacking
ReplyDelete