首页 > 技术点滴 > DDoS Timeline-The History & Changing Nature of DDoS Attacks

DDoS Timeline-The History & Changing Nature of DDoS Attacks

2013年8月7日 baoz 阅读评论



While DDoS attacks were originally used by computer whiz kids for fun, they soon grew into a powerful extortion tool used by organized crime, and more recently a protest tool by politically or religiously motivated “hacktivists.”  We are now entering an era where state actors, with deep financial resources at their disposal, have realized the efficiency of DDoS as a weapon of international warfare. Take a look at our DDoS timeline which chronicles they key events our team has seen in the world of DDoS over the last two decades.

  • First ICMP / Ping floods

    First occurrence of the -f (flood) command in ping.c source code.

  • The first homeland of DDoS

    Eris-Free Network (efnet) created

  • First high profile DDoS attack

    The earliest high profile case was the NY ISP Panix.com that was nearly put out of business in 1996

  • First CERT DDoS Advisory

    Computer Emergency Response Team (CERT) Advisory CA-96.21 TCP Syn Floods using spoofed IP addresses

  • First Publicly Available DDoS Tool Released

    Trinoo: The first publicly available DDoS tool released

  • DDoS attacks morph

    SMURF Attacks — “smurf.c”, the source code of the attack program, which was released in 1997 by TFreak Ping of Death (DoS)

  • ICMP / Ping floods grow

    EFNet Deploys CHANFIX due to large string of DDoS attacks

  • DDoS attacks expand

    CERT releases Incident Note 99-04 mentioning widespread intrusions on Solaris RPC services

  • Industry experts combine to address DDoS Threats

    Final draft of Trinoo analysis and TFN analysis finished in preparation for the Distributed System Intruder Tools Workshop (DSIT) workshop.

  • DDoS hits mainstream media

    ISS releases an advisory on Trinoo/TFN after first non-technical mention of DDoS tools in a USA Today article. CERT releases final report of the DSIT workshop.

  • US Government takes note of DDoS

    National Infrastructure Protection Center (NIPC) sends a note briefing FBI Director Louis Freeh for the first time and then Attorney General Janet Reno.

  • CERT releases Advisory 99-17 on Denial-of-Service Tools (covers TFN2K and MacOS 9 DoS exploit).

  • CERT and The Federal Computer Incident Response Center (FedCIRC) jointly publish Advisory 2000-01 on Denial-of-Service Developments.

  • 15 year old boy shows how easy DDoS attacks can be

    “Mafiaboy,” a.k.a. 15-year-old Michael Calce launched “Project Rivolta,” which took down the website of Yahoo. He was sentenced to eight months in a juvenile detention center.

  • CERT warns of trend in self-propogating worms

    CERT Notes “Advances in intruder automation techniques have led to a steady stream of new self-propagating worms in 2001, some of which have been used to deploy DoS attack technology.”

  • Attacks grow from Mbps to Gbps

    3 Gbps DDoS attack to Efnet -July 2001

  • Scope of DDoS attacks expands

    Media reports “Nine of the 13 “root” internet servers that direct all web traffic around the globe were subjected to a serious DDoS attack”

  • Barrett Lyon founds company to defend organizations against DDoS attacks

    Mydoom infects thousands of victims to attack SCO and Microsoft. Barrett Lyon founds first successfully managed service to defend enterprises from DDoS attacks

  • Online payment systems attacked

    A series of DDoS attacks in April targeted online payment processing firms Authorize-IT and 2Checkout. Both those attacks were later attributed to extortion schemes in which attackers threatened to knock the firms’ web sites offline.

  • Extortion schemes expand

    In August 2005 the Hamburg-based gambling site jaxx.de was blackmailed to pay 40,000 euros to stop an ongoing DDoS attack

  • Small scale DDoS attacks from religious groups

    A series of DDoS attacks targeted the blog of Michelle Malkin, who led a movement among bloggers to mirror the controversial cartoons of the Prophet Mohammad that initially appeared in a Danish magazine. The attacks began Feb. 15, and escalated on Feb. 23, when an attack from a botnet in Turkey forced Malkin to post on the Pajamas Media weblog until her main site was available again.

  • State sponsored DDoS attacks cripple a small nation

    Two days of rioting by ethnic Russians quickly transitioned from the real to the virtual world, as government web sites came under DDoS attacks so severe that many agencies shut off access to IP addresses outside Estonia for several days.

  • The Anonymous hacktivist collective arrives on the DDoS scene

    The Anonymous hacktivist collective, first came to public attention in January 2008. Scientologists requested YouTube to remove a video starring Tom Cruise. Members of Anonymous launched “Project Chanology,” distributed denial-of-service (DDoS) attacks

  • Larger scale state sponsored cyber attacks appear

    The July Cyber Attacks: The first wave of attacks occurred on July 4, 2009 (Independence Day holiday in the United States), targeting both the United States and South Korea. Among the websites affected were those of the White House and The Pentagon. An investigation revealed that 27 websites were targets in the attack based on files stored on compromised systems

  • Hactivism grows in popularity and power

    Operation Payback was an effort to back WikiLeaks. DDoS attacks against the websites of MasterCard, Visa & PayPal, highlighting their refusal to accept donations bound for WikiLeaks.

  • State sponsored cyber-terrorism dragged into the daylight

    Stuxnet worm discovered in June 2010 and believed to have been created by a state such as the United States or Israel, was the first discovered malware that spies on and subverts industrial systems. Brought state sponsored cyber-terrorism to the forefront

  • Hactivism contiues to grow

    The CIA website at cia.gov fell foul to a distributed denial-of-service (DDoS) attack by hackers from the notorious LulzSec hacktivist group

  • US government acknowledges the US financial services infrastructure under attack

    Secretary of Defense Leon Panetta pointed to DDoS attacks as evidence that the nation’s critical infrastructure remains all too vulnerable to being hacked. In recent weeks, as many of you know, some large U.S. financial institutions were hit by so-called ‘distributed denial-of-service’ attacks, he said. These attacks delayed or disrupted services on customer websites. While this kind of tactic isn’t new, the scale and speed was unprecedented.

  • Sophisticated DDoS do-it-yourself toolkits implicated in large scale attacks

    itsoknoproblembro DDoS toolkit implicated in numerous large DDoS attacks aimed at US banks

  • Barrett Lyon founds Defense.Net to combat new and larger DDoS attacks from old and new bad actors

  • Large nation states add their resources and attack size grows

    NY Times reports U.S. officials still convinced that continuing denial of service (DDoS) attacks against American banks by the Izz ad-Din al-Qassam Cyber Fighters are cover for state-sponsored cyber sabotage by Iran

  • DDoS Attacks Exceed 150 Gbps

    Largest recorded DDoS attack size reaches a new and unprecedented level: Two high profile attacks recorded above 150 Gbps in the first half of the year

分类: 技术点滴 标签:
  1. 本文目前尚无任何评论.