CATEGORIES
home Leisure Social And Internet

DDoS Extortion Attack Knocks Social Networking Site Meetup Offline

by Rob WilliamsMonday, March 03, 2014, 03:00 PM EDT

As unfortunate as it is, DDoSing is as easy to pull off as it is frustrating. With enough computers at their disposal, anyone could force enough traffic to a website in order to take it down, and even massive services are not immune. A perfect example of this is ongoing, with popular social networking site Meetup. This is a site that's ranked in the top 500 globally, but despite that, it's been down more than it's been up since DDoS attacks began on Thursday.

Here's what's interesting about this particular DDoS attack: Meetup could stop it for a mere $300. Given the fact that this site spends millions each year on its own security, $300 is a drop in the bucket, and in effect, the site's losing way more than that each day due to lost revenue. So why not pay? Because of the precedent it'd set, and for the site's defiance, we should all be thankful. Here's why, from the lips of Meetup's CEO Scoitt Heiferman:

1. We made a decision not to negotiate with criminals.
2. The extortion dollar amount suggests this to be the work of amateurs, but the attack is sophisticated. We believe this lowball amount is a trick to see if we are the kind of target who would pay. We believe if we pay, the criminals would simply demand much more.
3. Payment could make us (and all well-meaning organizations like us) a target for further extortion demands as word spreads in the criminal world.
4. We are confident we can protect Meetup from this aggressive attack, even if it will take time.

Each one of those bullet-points is important. If Meetup decided to pay the meager amount that's demanded, it could result in the attackers demanding more (perhaps much more) money down the road. Plus, and more importantly, it'd set a precedent that's not great. DDoSing with the promise of stopping after a payment is made is extortion, and criminals can't be led to believe that getting away with such a thing is simple.

Protecting against DDoS attacks isn't easy, and it seems like it's an area that should be focused on by hosts and server designers alike. DDoS attacks are happening way too frequently, and while it's easy to understand how difficult it is to fight against one, something clearly needs to be done. In the grand scheme, Meetup might not be too important of a service, but imagine this same situation with an attack against a banking website, or some other genuinely important service. It's scary to think about.

Tags:  security, DDoS
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment