Newsletters
News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
Vblock™ Systems:
Advanced converged infrastructure
increases productivity & lowers costs.

www.vce.com
World Wide Web
24/7/365 Network Uptime
Average Rating:
Rate this article:  
Reddit Is Targeted with a DDoS Attack
Reddit Is Targeted with a DDoS Attack

By Jennifer LeClaire
April 19, 2013 2:13PM

    Bookmark and Share
The challenge with DDoS attacks like the one that hit Reddit is separating malicious traffic from legitimate, said security analyst Alex Horan. "If you wait until the traffic hits your site to make that distinction, it is too late. You are wasting processing time and bandwidth making that determination," he said.
 


Reddit got a black eye this week after being hit with a distributed denial of service (DDoS) attack Friday morning. The attacks left the site dark for a while and with spotty service well into the afternoon.

"Having some technical difficulties right now. We'll be back ASAP," the @redditstatus Twitter feed reported before sunrise on the East Coast Friday morning. About 6:30 a.m., the site noted it was "working on mitigating a malicious DDoS attack." Within 30 minutes, the site seemed to be up and running again but some of the functions were still hurting from the fallout.

The Whys and Hows

Alex Horan, senior product manager at Core Security, said the important point about DDoS is the initial 'D' for Distributed. In other words, Reddit could not easily distinguish between legitimate traffic and attack traffic.

"If you wait until the traffic hits your site to make that distinction, it is too late. You are wasting processing time and bandwidth making that determination," he said. "You need to work with the downstream Internet providers to make that distinction as close to the source of each of the nodes participating in the attack and drop the traffic there. This, in theory, could make the whole Internet faster, as less of this malicious traffic would make it to the shared information superhighway."

Horan said understanding the motive of the attackers is useful for the general community. Of course, he added, consumers shouldn't necessarily change our behavior because of the threat of a DDoS.

"It is important to learn the whys and the hows of these attacks and attackers so we can better anticipate what actions might provoke them," he said, "so we can be forewarned -- and technically what actions they will take so we can apply the right defenses -- be forearmed."

Sending a Message?

Richard Westmoreland, lead security analyst for the Security Operations Group at SilverSky, said DDoS attacks are normally launched to send some form of a message and can vary greatly in terms of their sophistication.

"It has been widely speculated in federal circles that due to the sheer mass and complexity of these recent attacks that they are the result of an escalating cyber war with Iran. DDoS attacks have become the preferred and paid weapon for many politically motivated groups," Westmoreland said.

"This is both a scary and positive aspect to these types of attacks. The negatives are that they are perpetrated by professionals who have the skills and resources to effectively launch these attacks, and there is little that can be done to stop them. The consolation is that these attacks are generally shorter in duration before moving on to other targets."
 

Tell Us What You Think
Comment:

Name:



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 World Wide Web
1.   Google Maps, Now with Time Travel
2.   NYPD Twitter Campaign Backfires
3.   Net Gets Faster, But Easier to Attack
4.   Verizon Report Exposes Cyberthreats
5.   Aereo CEO Speaks Out on Future


advertisement
How Are Web Sites Post-Heartbleed?
Questions on open source, security.
Average Rating:
Heartbleed Exploit Could Cost Millions
But it could have been prevented.
Average Rating:
Don't Reset Passwords for Heartbleed?
Added caution needed to ensure security.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
What Verizon's Data Breach Report Can Teach Enterprises
It’s probably not a jaw-dropper, but cyberespionage is officially on the rise. And the use of stolen or misused credentials is still the leading way the bad guys gain access to corporate information.
 
Top Cyberthreats Exposed by Verizon Report
Beyond Heartbleed, there are cyberthreats vying to take down enterprise networks, corrupt smartphones, and wreak havoc on businesses. Verizon is exposing these threats in a new report.
 
Where Do Web Sites Stand, Post-Heartbleed?
A security firm says the vast majority of Web sites have patched themselves to protect against the Heartbleed bug, but now there are questions raised on the reliability of open-source programs.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.