DDoS extortion comes in many forms. Campaigns over the past three years have varied in their nature and continue to evolve over even the past few months. What lessons can be learned from the latest attacks? Dennis Birchard of Akamai shares insights on the attacks and the newest defenses.
"DDoS has undergone a serious change in attack strategy," says Birchard, Principal Enterprise Security Architect, Akamai Technologies. "In years leading up to this convergence, it really was used a means of gaining hacking credibility in the underground, taking out competitors or just disrupting business normality or the industry."
But a recent string of attacks has not followed convention, he says, and are worth study and discussion.
In an interview about DDoS and extortion, Birchard discusses:
- Characteristics of today's prevalent attacks;
- Anatomy of a typical extortion attempt;
- Tools and techniques to respond to these strikes.
Birchard has worked in the security industry for 12 years, and IT for 23 years. He joined Akamai in 2014 as part of its acquisition of Prolexic. He managed the day shift in the Prolexic SOCC for 4 years, which included the period of the Operation Ababil attacks against the US banks in 2012-2013, which was a very intense time in the Prolexic SOCC. He spends most of his time socializing industry, customer, and Akamai best practices for security operations, research, and engineering. He consults regularly with security professionals at numerous financial services firms and other Akamai customers, works with customer account teams, and supports and helps drive product innovation at Akamai. His biggest passion is threat research and collaboration between internal and external Akamai sources.