Hacktivism has replaced financial gain as the prime motivator for disrupting a website’s operation with traffic with a Distributed Denial-of-Service attack, according to a report by Arbor Networks, a network security company in Chelmsford, Mass.
"Previous data showed the top factors to be financially driven, either for competitive reasons or outright extortion," Arbor noted in its seventh annual Worldwide Infrastructure Security Report.
"In today’s environment," it continued, "any business can become a target of an attack, and given the plethora of readily available DDoS attack tools, anyone can launch an attack. This represents a sea-change in the threat landscape and in the risk assessment model for network operators and end-customers that rely on the Internet for their business."
Arbor also reported that two-thirds of all DDoS attacks globally were motivated by politics, ideology, nihilism or vandalism.
In addition, it found that most network operators continue to avoid engagement with law enforcement authorities when they're attacked. They distrust law enforcement's capabilities and willingness to investigate online attack activity, it said.
Last year was a notable year for network threats because it marked the "democratization" of DDoS, according to the lead author in the report, Roland Dobbins. “Any enterprise operating online -- which means just about any type and size of organization -- can become a target, because of who they are, what they sell, who they partner with or for any other real or perceived affiliations," he said.
"Furthermore," he continued, "the explosion of inexpensive and readily-accessible attack tools is enabling anyone to carry out DDoS attacks."
Along with its threat report, Arbor released a visual guide to the DDoS attack tools on the market. The list of some 50 tools includes a range of attack weapons from the simple to the sophisticated.
However, even the simplest tools can seriously harm the denizens of a website, observed Curt Wilson, a member of Arbor's security and engineering response team. That's because the contain Trojans that can steal passwords, download and execute malware, sniff keystrokes and perform other malicious activities.