Zombies, Pizza and Cyber-attacks: A Story of the DDoS Attack
In our complex world of cyber-attacks and cyber security, there is a lot to understand and prepare for. There are many terms thrown around that all mean one thing to most of us – bad news. But what is really behind something like a DDoS attack? What does it really mean other than something bad has occurred and how does it really work?
As a father, I have found that telling stories always helps to put things into context. So without further ado.
“Zombies, Pizza and Cyber Attacks: A Story of the DDoS Attack”
Business is booming at Tony’s Pizza, and that’s because Tony, the owner and manager, found the winning recipe for his business: A delivery-only restaurant that sells quality food, made fresh for a moderate price. Customers took notice and they are flooding the phone lines with orders.
But all of this success has also attracted some less desirable attention; Vito, a local small-town criminal, has sent his goons to collect protection money from the successful business. Tony refused to pay, and the goons vowed to come back. But Vito and his goons were in for a surprise: disrupting Tony’s business proved very difficult. Tony invested in security cameras, reinforced doors, smoke detectors, hired guards. As hard as they tried, they just couldn’t get in, and without getting into the restaurant, how could they ruin business for Tony?
Securing your data systems is a good first step. Stopping the bad guys from getting in will protect you from many different types of cyber attacks.
Sitting around, smoking his cigar on a Sunday afternoon, Vito was really depressed. It looked like Tony had him beat with his top-notch security. But then he had an idea! “So what if I can’t disrupt the restaurant itself”, he thought, “cooking food is not how Tony makes money, the core of the business is selling the food. If I can get in the way of him taking orders, he will have to pay me to stop!”.
Knowing that all of Tony’s sales come from phone orders, Vito gave his goons a simple task: Go home, and start calling Tony’s. You can place a fake order, make a prank call, or just sit there and wait for the restaurant to hang up, it almost does not matter. As soon as the call is over, make another call, and then another.
That evening, the phones at Tony’s were ringing constantly, but business was actually very slow. At first, Tony opened two more phone lines and called in two more workers to answer the calls, but it was no use. The influx of calls was just too great to handle and real customers were unable to get through to order pizza. The fake calls clogged the system.
Vito had just carried out a simple Denials of Service Attack (DoS). He did not break into the business. Instead he overwhelmed the phone system to block legitimate customers from getting the service they want. Not only is Tony losing business, he now has to pay for two more employees to answer phones. Things are now looking good for Vito. And just like Tony’s phone system, your public-facing data systems can also be overwhelmed by an attack designed to send a large volume of fake requests.
Later that evening, some of Tony’s most loyal customers gathered outside the restaurant in a show of support while Tony sat down to look at the phone logs. He quickly realized that almost all of the calls came from a handful of phone numbers. He configured his phone system to block the offending numbers and went outside to meet his customers and the evening news crew, carrying trays of free pizza. “Our phone system was attacked by a criminal” he declared to the camera “But Tony’s Pizza is back in business. Call now to order!”.
Simple Denial of Service Attacks can cause disruptions, but can usually be blocked as soon as you identify the source of the attack.
As you would expect, Vito was more depressed than ever; not only was his short-lived attack blocked, it had earned Tony free publicity (also, he was out of cigars). “I will never mount another Denial of Service Attack again”, he muttered.
Just then, the doorbell rang. Vito opened the door and a quirky looking old man stepped in. “My name is Professor Spiff, and I’m here to help!” he declared. Vito sat down to listen to the professor. “Your attack failed because you only called from a handful of phones” said the professor. “I cannot afford any more goons”, Vito replied. “A ha! But you don’t need any more goons!”. Vito’s eyes widened and he listened intently. The professor explained: “I have developed an ingenious virus and infected some of the town’s people with it. It spreads from person to person and by now about fifty thousand of the town’s residents are infected. As soon as I give the signal, the infected residents (I like to call them “my little zombies”) will stop whatever they are doing and do exactly as I say. For a fee – of course – I will instruct my zombies to place fake phone calls to Tony’s. You win!”
The professor is offering a Distributed Denial of Service Attack (DDoS). By using a large network of agents that he controls he can orchestrate a much larger attack originating from many different directions. In the cyber world, Botnets (networks of computers infected with malware and controlled by a hacker) can be used to carry out similar attacks on web servers, email servers and other business services.
When the phones began to ring again Tony rushed to check the phone logs, but this time he could not identify a small group of numbers to block. Tony’s was unable to take orders for hours while he worked with the phone company to identify and block the thousands of attackers. Tony’s was back in business the next day, and the city launched a campaign to find and cure Professor Spiff’s zombies. Order was eventually restored. However, in his lab, the professor was hard at work developing his next virus.
Cyber DDoS attacks pose a real challenge. While attacks vary in severity, they can often knock systems offline for hours at a time. The hackers are always working on new ways to cause havoc.
For more information on cyber security, security awareness and security incident response contact us or visit our website www.vaporstream.com.