Peter Cochrane's Blog: Dodging denial of service

The secret is not to present a large target to the enemy...

Written on the M6 while being driven to Manchester and dispatched over a hotel LAN.

Succumbing to a denial-of-service attack is symptomatic of old thinking and legacy technology.

Before the invention of gunpowder and the cannon, a fortress might have made sense. Marching around a battlefield in a bright red tunic became suicidal when the slit trench, sharpshooter and machine gun arrived.

Camouflage and presenting a low target profile while moving at the right time are proven survival techniques in any theatre of conflict. And moving under the cover of darkness can improve the odds of survival even further, despite the invention of radar and night-vision technology.

The parallel between dodging bullets and dodging bits is now marked, with denial-of-service attacks becoming a regular feature of internet life. But most websites, web servers, hubs and terminals are static, very visible and take no avoiding action. Firewalls are mostly ineffective against determined attackers, and the insider threat remains largely ignored despite generally being acknowledged as the biggest risk.

So it is not too hard to guess what the companies and institutions that quietly go about their business are doing while the rest are left reeling from yet another broadside from the bad boys. It is also obvious that denial-of-service attacks are not about to cease. A growing and invisible army of compromised machines, or botnets, is now a fact of internet life.

We should therefore view attacks like snow in winter - no big surprise. But the power to repel or disable the attackers lies with industry, governments and us as individuals. Every machine, server, ISP, and network node is a potential point of entry, so why make it easy for them?

There are people who actively participate in the dark side, as well as those who refuse to take precautions against botnets or who, through ignorance, don't know any better. There are also countries, ISPs and network providers who open the floodgates to everything. But we have reached a point where responsibility ought not to be optional.

If we don't want to suffer damage, history tells us not to build fortresses, stand still, make ourselves stand out, or present a large target profile to an enemy. It appears some have figured this out, but many have not.

Perhaps the next big opportunity for the majority is moving to the cloud, where a lot of this security will conveniently come free or at a very low cost. It will certainly become easier to identify the problem areas and isolate them, and rescue the problem children.