Picture: ISTOCK

Picture: ISTOCK

Related Articles

Mobile phones: Finding a new used niche

Used-smartphone market growth rate forecast to be four or five times higher than that of overall smartphone market
Siyabonga Cwele. Picture: MOEKETSI MOTICOE

Pattern Recognition: Miscommunication in SA

Descending from ridiculous to thoroughly absurd

Pattern Recognition: End of an error

The end of an era, headlines have proclaimed in the last week

Pattern Recognition: Will Samsung recover from exploding phones?

Is Samsung too big to fail?

Mentioned in this Article

FM Edition:

If you had never heard of a distributed denial of service (DDoS) attack before, after last week’s assault that hobbled Twitter, Netflix and other networks you would know how dangerous it can be.

A DDoS assault is one of the ways to bring a website down, sending millions of requests to the server so that it gets overloaded and just stops letting anyone through.

It sounds very much like a science fiction movie — because sci-fi often uses technology the average Johan or Jabu has never heard of — but it is all too dangerously real.

Instead of attacking sites such as Twitter, Netflix, Amazon, Spotify and Reddit directly, last Friday’s onslaught targeted a company called Dyn, which provides domain name server registries, kind of like the telephone book for servers on the Internet.

The terrible influence DDoS attacks have on news organisations, and therefore on freedom of speech, was the subject of a scary presentation by George Conard at the Media Party Africa on the day this attack became front-page news.

Conard works for a subsidiary of Google’s parent company, Alphabet, on Project Shield, a goodwill service provided by Google to news sites to prevent them from being attacked.

There are about 45m DDoS attacks a year, and about 50% of news organisations experience such attacks, Conard told the journalism conference in Cape Town. Terrifyingly, there are websites that sell "network stressing" services — as they are euphemistically called in advertisements.

News sites are often the victims of DDo S attacks when they publish exposés or investigations, attracting "bad guys" — as the security industry just as euphemistically calls them — to exact revenge. One estimate put last Friday’s disruption at $110m in lost revenue and sales — which is part of the reason "bad guys" do it to news sites. Would-be readers can’t access the investigation and the site loses revenue.

Even more terrifying is that a chunk of the devices used to execute the DDoS are devices like digital video recorders and video cameras, which are online and have poor security.

Where hackers once used their skills to show off their prowess at circumventing security, their motives shifted in the past decade to financial gains, and have led to, among others, spam and the "419" scam e-mails.

I’m going to use the word terrifying again because people no longer have to create their own botnet to perform such an attack — they can simply rent it. People can buy the service, use it, and down goes press freedom.

We can be grateful that President Jacob Zuma and the Guptas don’t know how to do this.

Shapshak is editor and publisher of Stuff magazine. Follow him on Twitter: @shapshak