December 08, 2020

[Security] History of DoS and DDoS attacks

In 2017 Radware published an article telling the story of the first Denial of Service (DoS) attack, which according to them occurred in 1974, when a 13-year-old student wrote a program that knocked out users on 31 terminals at the University of Illinois Urbana-Champaign:
The first-ever DoS attack occurred in 1974 courtesy of David Dennis—a 13-year-old student at University High School, located across the street from the Computer-Based Education Research Laboratory (CERL) at the University of Illinois Urbana-Champaign. David recently learned about a new command that could be run on CERL’s PLATO terminals. PLATO was one of the first computerized shared learning systems, and a forerunner of many future multi-user computing systems. Called “external” or “ext,” the command was meant to allow for interaction with external devices connected to the terminals. However, when run on a terminal with no external devices attached it would cause the terminal to lock up—requiring a shutdown and power-on to regain functionality.
Curious to see what it would be like for a room full of users to be locked out at once, he wrote a program that would send the “ext” command to many PLATO terminals at the same time. Dennis went over to CERL and tested his program, which succeeded in forcing all 31 users to power off at once. Eventually the acceptance of a remote “ext” command was switched off by default, fixing the problem.
Distributed Denial of Service (DDoS) attacks, in turn, emerged at the end of 1999.
One of the first large-scale DDoS attacks occurred in August 1999, when a hacker used a tool called “Trinoo” to disable the University of Minnesota’s computer network for more than two days. Trinoo consisted of a network of compromised machines called “Masters” and “Daemons,” allowing an attacker to send a DoS instruction to a few Masters, which then forwarded instructions to the hundreds of Daemons to commence a UDP flood against the target IP address. The tool made no effort to hide the Daemons’ IP addresses, so the owners of the attacking systems were contacted and had no idea that their systems had been compromised and were being used in a DDoS attack. Once hackers began to focus on DDoS attacks, DoS attacks attracted public attention. The distributed nature of a DDoS attack makes it significantly more powerful, as well as harder to identify and block its source. By the new millennium, DDoS captured the public’s attention. In the year 2000, various businesses, financial institutions and government agencies were all brought down by DDoS attacks.
While on the subject, in October of this year Google published a report on the growth of DDoS attacks, with a very nice chart showing the evolution of attack capacity over the last 10 years:



It is also worth looking at this list of the 5 most famous DDoS attacks in history: The most famous DDoS attacks in history (added on 19/02/2021)
