In the battle for supremacy between two powerhouse DDoS hacking groups, botnets will be assembled, malicious traffic will be mobilized, servers will be sunk and targets will buckle under the strain. In the battle for supremacy between DDoS hacking groups, there can be only one victor. However, there can be over one billion losers: every website on the internet.
Behold the chaos brought on by a single distributed denial of service attack on Skype.
The story behind the story
DDoS attacks or distributed denial of service attacks are a form of cyberattack that uses the collective resources of a botnet to launch massive amounts of malicious traffic or requests at a target website or online service. In the case of successful attacks, it’s enough malicious traffic to overwhelm the target’s server or other infrastructure, either taking the site or service offline or leaving it too slow to be used.
Thanks to their proliferation, these attacks have been in the news steadily for the last few years. A successful DDoS attack on an application as significant as Skype is noteworthy, to be sure, but it isn’t shocking. With Netflix, Twitter, Spotify, Reddit and CNN all appearing on the list of DDoS victims along with the vast majority of online gaming platforms, it’s nothing new for millions of users across the world to be denied the online services they’ve come to require.
What did come as an unpleasant surprise is just who was purportedly behind the attack on Skype: the hacking group CyberTeam. If you’re thinking you’ve never heard of CyberTeam before, well, that’s the problem.
When Skype users across Europe, the United Kingdom, Japan, India, Pakistan, South Africa, Singapore and the United States experienced connection problems over the course of two days, a Twitter account belonging to this so-called CyberTeam was quick to claim credit. They were doing it all for fun, they said, and went on to name gaming platform Steam as their next potential victim. Then came the words that may haunt us all: they vowed to be “more aggressive” than famed DDoS hacking group the Lizard Squad.
The Lizard Squad legacy
The Lizard Squad began their dirty work in August of 2014, taking down League of Legends gaming servers. They continued attacking online gaming platforms throughout the fall of 2014 but shot to internet infamy on Christmas Day in 2014 when they took down both the Sony PlayStation and Xbox Live networks, leaving anyone who had gotten new consoles or games as Christmas presents unable to use them. The Lizard Squad had arrived and done so with a cosmic bang, one heard round the world in the form of vented frustration from legions of Sony and Xbox gamers on social media.
The Lizard Squad shenanigans continued in the form of a DDoS attack on the Tor network, and one on the Malaysian Airlines website. It wasn’t long before it was revealed that these attacks had been perpetrated in order to publicize the Squad’s DDoS for hire service, a service that allows the average internet user to launch DDoS attacks without any technological know-how. For a fee, of course. The seedy underbelly of the internet’s version of a get-rich-quick scheme.
To give an idea of just how prolific the Lizard Squad has been, one arrested member of the group has been convicted of 50,700 cybercrimes.
Either bad or worse
Whether CyberTeam really is just firing off attacks for the fun of it, or they’re actually gearing up to promote a DDoS for hire service, the presence of a new high-profile group dedicated to causing chaos on the internet is not a welcome thing.
What will be even worse, however, is if this public display of DDoSing and subsequent calling out of Lizard Squad inspires the Squad to return to their former headline-grabbing glory. In a turf war between competing distributed denial of service hacking groups, the entire internet loses. Between DDoS for hire services, DDoS ransom notes, DDoS attacks used as smokescreens for intrusions, and plain old DDoS attacks, nearly every website on the internet is a potential target, and the threat will only intensify if two hacking groups are publicly flexing their muscles.
A happier ending
In the battle for supremacy between two powerhouse DDoS hacking groups, there is a chance a hero could emerge. One armed with always-on or on-demand deployment, granular traffic inspection and a powerful scrubbing server, one that could keep malicious traffic from ever even reaching its intended target. Yes, the mighty professional distributed denial of service mitigation. The hero we need, the hero we deserve, and the hero that could inspire protected websites everywhere to shrug their shoulders at the Lizard Squad, CyberTeam and any other would-be disruptors.