Report says Denial-of-service hacking soars

         

engine

4:58 pm on Mar 10, 2006 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Denial-of-service (DoS) attacks, where hackers overload networks with data in an effort to disable them, have risen 50%, a security report says.

[news.bbc.co.uk...]

StupidScript

6:02 pm on Mar 10, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



..bot-infected computers are used to launch DoS attacks - now running at 1,402 a day - as part of extortion attempts..

Not disagreeing, as it looks like 402 of those are hitting my servers every day, but there is no indication in the Symantec report of how they distinguish between genuine hacks for 'extortion attempts' and general DoS behavior from other entities, like spam DoS/DDoS. (And that quote should have been "used to launch DDoS attacks", if the Symantec press release were into accuracy. DoS = 1 system, DDoS = 'distributed' among many systems.)

Whenever I read an overly-generalized panic alert like this, I get a little suspicious of the motives of the publisher. It smells a lot like FUD, and what are the recommendations from Symantec? "Updated AV software, firewalls and patches." Well, 2 out of 3 are sold by the whistle-blower.

News? I think not.
Useful level of detail? Not really.

Matt Probert

6:16 pm on Mar 10, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Whenever I read an overly-generalized panic alert like this, I get a little suspicious of the motives of the publisher. It smells a lot like FUD, and what are the recommendations from Symantec? "Updated AV software, firewalls and patches." Well, 2 out of 3 are sold by the whistle-blower.

I quite agree. Some years ago I was an independent investigative journalist. By chance I found myself within the HPACV world, and would you believe most of the viruses were being distributed by a few AV companies.

We too get hit by DoS attacks. We cope with them without resorting to paying out money.

Matt

BillyS

6:46 pm on Mar 10, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



It's the price of popularity. While I have not been the victim of a DOS attack, I do see multiple hack attempts daily. Nearly every time I look at my log files, there is someone trying to break into my website. Pretty sad.

Animated

1:02 am on Mar 11, 2006 (gmt 0)

10+ Year Member



I don't know why those kiddies still do those childish games; they just waste time too. Anyway, any good network admin knows how to filter or redirect those DoS packets.

Pfui

2:17 am on Mar 11, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



They're not just script kiddies anymore. A pro pal's Windoze box got attacked, hacked and used to relay phishing e-mails. Unfortunately, the entire sequence of events and relays required a level of sophistication significantly above that of some phreaking teen typing away while Mom or Dad are in the next room.

incrediBILL

3:31 am on Mar 11, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Some of it's suspected organized crime, phish CCs, buy stuff online, have it delivered to places to pick it up and fence it. Basically low hanging fruit without the risks of getting caught breaking and entering to unload a warehouse.

grelmar

1:54 pm on Mar 12, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Some of it's suspected organized crime...

Ummm, not suspected. Known to be backed/run by organised crime.

SecurityFocus [securityfocus.com]

Poke around that site, F-Secure, Trend Micro, or the news archives of other Virus/Security research and protection outfits, and the pattern becomes very clear.

BotNets rented by the hour, Virus Writing "Gangs" hiring out their latest delivery packages, etc etc

It's not just the script kiddies anymore.

Odd, and indirect proof of this came out in the 2004 Virus War [f-secure.com] between Netsky, Bagle, and MyDoom, which culminated in the arrest of 18-year-old German student Sven Jaschan [sophos.com].

Hidden in the code of Bagle and Mydoom:

Bagle.J includes this hidden message:

"Hey, NetSky, f*ck off you b*tch, don't ruine our bussiness, wanna start a war?"

While Mydoom.G includes this:

"to netsky's creator(s): imho, skynet is a decentralized peer-to-peer neural network. we have seen P2P in Slapper in Sinit only. they may be called skynets, but not your #*$!ty app."

And Sven's father was quoted as saying:

He said he really wanted to develop an antidote to the virus. He said he didn't want to cause any damage,

The whole episode was quite telling. The script kiddie "vigilante" got arrested, while the professional authors of MyDoom and Bagle have never been brought into the light.

incrediBILL

6:13 pm on Mar 12, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Ummmm, I was trying to ease people into it, not scare the hell out of them thinking the Sopranos were in their inbox.

grelmar

4:48 am on Mar 13, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Oooops... My bad ;)

pageoneresults

6:35 am on Mar 14, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



First DDoS. Next comes DDDoS.

[webmasterworld.com...]

TheGrid

4:26 am on Mar 21, 2006 (gmt 0)

10+ Year Member



If one takes these guys lightly then the chances are you have already been hacked several times. Some are kiddies but there are a few who are making good attempts.

Also, if the DDoS is by a lot of machines, your firewall can get overwhelmed.

Another thing to note is the cost: I lose around 1/2 an hour a day on security. Regularly going through my drill every day to check for attempts and if I have been hacked.