Sep 08 2007
The Danish security firm CSIS was taken down by a massive attack by Russian hackers last week by using a zombie network to perform a denial of service attack against them. The best guess why they where attacked might has to do that they accidentally scanned botnet servers and properly got attacked as a counter-measure.
Several other Danish security organisations are now afraid that similar attacks will aimed towards more sensitive targets such as large Danish ISP or governmental institutions. Shehzad Ahmad from DK Cert even talks about that the entire Danish internet could be taken down by a similar attack aimed towards CSIS, but in a larger scale.
The reason why Shehzad Ahmed claims that Denmark easily could be taken down is based on that the Russian zombie network has been estimated to consist of 1.7 million zombie-computers and that it only took them around 20.000 zombie computers to take down the central part of Estonian internet.
But on what grounds does DK Cert base their assumption that there actually would be any kind of interest to take down the entire Danish internet? And would they actually waste all 1.7 million bots on one attack? No I don’t think so. It’s all about making money. Quite a few of the bots are being used for sending spam and as well, once a while one can find adds at sites such as bulkerforum.biz where you can buy 1000 bots for as low as 20-30 USD. So for 200-300 USD you can finance your own little cyber attack with 20.000 bots and take down a small country! Or?