NAVIGATION

January 18, 2018

Cyber-Security

Attack of the zombies and other cyber-battles

A cluster of Florida companies is carving out a niche in protecting others' websites and e-commerce.

Mike Vogel | 6/11/2012
Attack of the Zombies
[Photo: iStock]

Last August, most likely in a forgettable dwelling in a nondescript burg in a former Soviet republic, a young man sat down to his computer in the late afternoon to wreak a little mayhem.

We can only guess, but he might have learned his computer skills at a university; he might be a self-taught teen. Collaborating with fellow hackers in Kazakhstan, Belarus, Peru and the United Arab Emirates, he began typing in code, marshalling an army of personal computers all over the globe that the hackers had infected with viruses. Unknown to the owners of those computers, their machines had become zombies serving in a hacker-controlled squadron called a botnet.

The viruses enable the hacker to command the entire botnet to send a torrent of data — multiple hits on a web page or e-mails, for example — in order to overload a targeted website and knock out its web server or e-mail network. Such attacks are called DDoS — distributed denial of service.

With his forces in place, the hacker entered a final command, and the assault began.

The bull’s-eye last August was SpaFinder, a $60-million revenue company based in New York that sells gift certificates to 20,000 spas around the world.

The SpaFinder attack was two-pronged: The first was a Layer 4 attack, which essentially attempted to overwhelm SpaFinder with more electronic knocks on the door than it could possibly answer. In brick-and-mortar terms, it’s like a mob descending on a store, making nonsensical requests that tie up the clerks while real customers are stuck outside. Once, it took some real tech savvy to mount such an attack. Now there are downloadable “DDoS in a box” kits online.

The second attack was a more sophisticated Layer 7, meant to go deep into SpaFinder’s website and ask for files or make requests that tie up lots of computing power and space.

The DDoS hacker’s motive is unknown — he may only have been seeking bragging rights for taking down a company’s site. Some DDoS hackers have a grudge. A few use the DDoS attack as a smokescreen to sneak deeper into the site to steal customer passwords, money or credit card data. Some DDoS attacks come with ransom demands to lift the attack, though payoffs are rare.

Famously, the self-styled activist group Anonymous uses DDoS — even inviting people to join and providing how-to help — for its agenda. In June 2011, Anonymous launched DDoS attacks on a privately owned Orlando visitors guide website, Mayor Buddy Dyer’s re-election campaign site and other Orlando organizations over a dispute about feeding the homeless in a park.

Digital Access

DIRECT DIGITAL ACCESS
Add digital to your current subscription, purchase a single digital issue, or start a new subscription to Florida Trend.

TABLE OF CONTENTS
An overview of the features and articles in this month's issue of Florida Trend.

ACCESS THIS ISSUE »

Florida Business News

Florida Trend Video Pick

81 year old commercial crabber reflects on life on the Little Manatee River
81 year old commercial crabber reflects on life on the Little Manatee River

Gus Muench, 81, has over 200 crab traps in the Little Manatee River. He has lived on and crabbed this river since 1976. Today, he sells his catch and runs an eco-tourism business, Gus’ Crabby Adventures. 

Earlier Videos | Viewpoints@FloridaTrend

Ballot Box

Do you think Florida will prevail and get a favorable ruling at the U.S. Supreme Court in the water dispute case with Georgia?

  • No
  • Maybe some relief
  • Yes
  • Unsure, need to understand case better

See Results

Ballot Box
Subscribe