Attack 8

Distributed Denial of Service


A denial of service attack is a means of disabling an online service by flooding it with too many requests for attention. Typically, in order to cover the identity of the attacker, a worm or virus is used to gain control of hundreds or even thousands of innocent workstations attached to the web. Once the hosts are infected, the attacker can instruct them to send spoofed packets to the target. When faced with thousands of simultaneous spurious requests, most systems will be unable to continue to service the genuine requests and will grind to a halt. It is not a way of compromising the data, merely of preventing access to it.

This would be a desperate measure, but we need to plan for it. Why would anyone wish to launch a DDoS attack against the database?

The counterfeiter may conclude that his 40-ton truckloads of illicit goods will be able to pass, for example, a customs checkpoint provided that the officials there can't interrogate the Codel database. For that reason, he might organise a DDoS attack on the system in order to force it offline. As yet there are no effective defences against large sustained DDoS attacks.

The only measure we can take to prevent the attacker gaining advantage from such an attack is to provide an alternative channel of communication. Clearly it is impractical to provide such a channel for all those who may wish to access the database, but we can at least ensure that key checkpoints have access to the database via a bulletin-board-style direct-line connection, a dedicated VPN, etc.
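
The sketch below is an added example, not Codel's code: a checkpoint lookup that tries the public channel first, falls back to an alternative channel, and reports an outage as "unverified" rather than as a pass. The channel functions, the names and the sample IDs are constructed for illustration, and treating a total outage as "hold the goods" is an assumption drawn from the scenario above.

```python
from enum import Enum

class Verdict(Enum):
    GENUINE = "genuine"        # the database confirmed the ID
    NOT_FOUND = "not_found"    # the database answered: ID unknown
    UNVERIFIED = "unverified"  # no channel answered: hold the goods

class ChannelDown(Exception):
    """Raised by a channel that cannot reach the database."""

def verify_id(product_id, channels):
    """Try each (name, lookup) channel in priority order.

    lookup(product_id) returns True/False or raises ChannelDown.
    Returns (verdict, channel_used, failed_channels).
    """
    failed = []
    for name, lookup in channels:
        try:
            known = lookup(product_id)
        except ChannelDown:
            failed.append(name)  # record the outage, try the next channel
            continue
        verdict = Verdict.GENUINE if known else Verdict.NOT_FOUND
        return verdict, name, failed
    # Every channel failed: an outage must never be read as a pass.
    return Verdict.UNVERIFIED, None, failed

# --- constructed sample data and simulated channels (assumptions) ---
SAMPLE_DB = {"ID-0001", "ID-0002"}  # constructed IDs, not real product IDs

def public_internet(product_id):
    raise ChannelDown("public endpoint flooded")  # simulates the DDoS

def dedicated_vpn(product_id):
    return product_id in SAMPLE_DB  # alternative channel still answers

def direct_line_down(product_id):
    raise ChannelDown("line not answering")

if __name__ == "__main__":
    checkpoint = [("public", public_internet), ("vpn", dedicated_vpn)]
    print(verify_id("ID-0001", checkpoint))
    print(verify_id("ID-9999", checkpoint))
    no_route = [("public", public_internet), ("line", direct_line_down)]
    print(verify_id("ID-0001", no_route))
```

The list of failed channels is returned with every verdict so that a checkpoint can log when it was forced onto the alternative channel.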