Florida 'botmaster' charged with Akamai DDOS attack
A Florida man was in federal court today, accused of launching a DDOS attack on Akamai which brought much of the internet to its knees - for a few hours.
John Bombard, 32, of Seminole is charged with hacking into two computer systems as part of a scheme to build a botnet of "zombie" PCs to attack Akamai. According to the FBI, Bombard compromised these systems using a variant of the GAOBOT worm. The bot network assembled for the Akamai attack included PCs at "two major universities", which are not named. The FBI alleges that Bombard "directed communication from the university computer systems to the bot network from a computer located on his domain, f0r.org".
Akamai, of Cambridge, Massachusetts, has built a big web-hosting business, or so-called content delivery network, and includes Microsoft and Yahoo! as clients. With servers around the world, Akamai and its customers should be more resilient against DDOS attacks than most.
But on June 15, 2004, a DDOS attack exposed a weak underbelly. The culprit sent the rogue traffic to Akamai's DNS (domain name system) servers, and this had a knock-on effect to Akamai's customers. During the attack, net users could not get into Akamai-hosted sites or had trouble getting in. We assume that Akamai's DNS servers are much better protected these years. ®