Florida 'botmaster' charged with Akamai DDOS attack
Print storyInternet bombardment
Posted in Enterprise Security, 24th October 2006 23:52 GMT
Free whitepaper – Vulnerability management buyer's checklist
A Florida man was in federal court today, accused of launching a DDOS attack on Akamai which brought much of the internet to its knees - for a few hours.
John Bombard, 32, of Seminole is charged with hacking into two computer systems as part of a scheme to build a botnet of "zombie" PCs to attack Akamai. According to the FBI, Bombard compromised these systems using a variant of the GAOBOT worm. The bot network assembled for the Akamai attack included PCs at "two major universities", which are not named. The FBI alleges that Bombard "directed communication from the university computer systems to the bot network from a computer located on his domain, f0r.org".
Akamai, of Cambridge, Massachusetts, has built a big web-hosting business, or so-called content delivery network, and includes Microsoft and Yahoo! as clients. With servers around the world, Akamai and its customers should be more resilient against DDOS attacks than most.
But on June 15, 2004, a DDOS attack exposed a weak underbelly. The culprit sent the rogue traffic to Akamai's DNS (domain name system) servers, and this had a knock-on effect to Akamai's customers. During the attack, net users could not get into Akamai-hosted sites or had trouble getting in. We assume that Akamai's DNS servers are much better protected these years. ®
Airport insecurity: the case of lost laptops
Jump start your Application Security initiatives
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Extended Validation SSL Certificates
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive