- Devin Nunes’ lawsuit with Twitter over parody accounts inspires more parody accounts Tuesday 7:53 PM
- Alexandria Ocasio-Cortez posts SpongeBob meme to diss Green New Deal adversaries Tuesday 7:23 PM
- Twitter blasts Benny Johnson over heinous Native American ‘socialist’ reservations take Tuesday 6:16 PM
- New Zealand arrests 2 for sharing video of mosque shooting Tuesday 4:44 PM
- ‘Queer Eye’ season 3 serves more frothy fun and cathartic realness Tuesday 4:30 PM
- Everyone is roasting this photo of Kourtney Kardashian in a bubble bath Tuesday 4:15 PM
- White House report has a lot of superheroes listed as interns Tuesday 4:06 PM
- Google to launch ‘Stadia’ cloud gaming service this year Tuesday 3:55 PM
- Amy Schumer addresses her ‘Growing’ pains in new Netflix special Tuesday 2:04 PM
- This Bitcoin tie is everyone’s favorite part of the Theranos documentary Tuesday 1:56 PM
- Trump’s social media guru gets suspended on Facebook Tuesday 1:51 PM
- YouTube time traveler says he saw a dinosaur—in the future Tuesday 1:47 PM
- Why is Netflix changing the viewing order for ‘Love, Death & Robots’? Tuesday 12:47 PM
- Elizabeth Holmes’ deep voice captivates and confuses the internet Tuesday 12:40 PM
- These cat purses have everything you need (including balls) Tuesday 12:22 PM
For as little as $20 you can take a website offline.
Adam Mudd’s website, which he designed as a 15-year-old, earned him somewhere in excess of $385,000. It was marketed under disclaimer as a legitimate IP stresser, a tool for testing networks and servers. Titanium Stresser, though, was actually one popular vendor in a fledgling industry: DDoS for hire.
‘Booter’ services, as they are also known, advertise openly and operate as a normal businesses. One quick web search throws up hundreds of sites offering DDoS services for as little as $20. The Daily Dot came across the below booter website, Network Stresser.
It offers a full range of subscription offers, ranging from the $14.99 Bronze package to the $299.99 Platinum Lifetime offering:
Screenshot via Network Stresser
Price varies dependent on a number of factors, such as the intensity of the attack required and how long it should be sustained. Still, it can cost less than a monthly gym membership fee and, after an effortless transaction via PayPal, you’re ready to wreak havoc online.
Without getting too technical, a DDoS attack is a simple and seriously effective way to knock a website offline for hours by blitzing it with heavy traffic loads or junk data.
Often the target website’s application resources are overwhelmed and bandwidth drops out, ultimately forcing the site to crash—a denial of service. The attack is distributed in the sense that the attacker utilizes a coordinated network of malware-infected zombie systems or nodes (sometimes called a botnet) to shoot requests at the target website. In this sense, the attack appears to originate from thousands of IP-addresses and computer networks.
This type of debilitating cyberattack made the news in a big way in October, when a major DDoS attack took down a company called Dyn. Dyn manage the servers for some well known websites and social networks, like Twitter, Spotify, Sony Playstation, Netflix and Reddit. When Dyn dropped out, the sites became effectively inaccessible.
A DDoS can be vicious and the damage caused costs businesses dearly. A recent study commissioned by Neustar found that 82 percent of mid- to large sized organizations surveyed had suffered a DDoS attack. Further, the financial impact of a peak time attack could cost businesses between $100,000 to $250,000 per hour.
The size of the attacks being leveled at these companies is increasing, too, usually measured in bits-per-second and packets-per-second. More than half of the companies surveyed had to cope with attacks of up to 5Gb-per-second. Network Stresser, a highly rated DDoS-for-hire site, offers attacks of up to 120GB-per-second in combined power.
In the wake of the Dyn DDoS, it emerged that attackers had commanded a massive botnet of compromised internet-connected devices—chaos, caused by vulnerable webcams and DVRs. In Neustar’s survey, 80 percent of the companies attacked had adopted Internet of Things (IoT) devices as part of their infrastructure.
As far as cybersecurity experts are concerned, IoT devices with weak security protocols are the botnet armies of the future, ready to level governments and corporations in just a few clicks and for some pocket change.
David Gilmour is a reporter who specializes in national politics, internet culture, and technology. He previously covered civil liberties, crime, and politics for Vice.