FindLaw columnist Eric Sinrod writes regularly in this section on legal developments surrounding technology and the internet.
Distributed denial of service (DDOS) attacks are not creatures of the past. Indeed, they still are with us, as exemplified by the recent DDOS attack on WordPress, a blogging site.
According to recent press reports, this attack impacted connectivity for a large number of the 25 million WordPress bloggers.
The press reports indicate that the magnitude of this distributed denial of service attack was multiple gigabits and tens of millions of packets of information per second, impacting data centers in Chicago, San Antonio and Dallas. While WordPress reportedly is seeking to grapple with the attack, it is having some difficulty based on the sheer size of the attack.
A DDOS attack, in essence, and for the sake of simplicity, is the bombardment of so much data to a Web site that the site is overloaded and shuts down. Obviously, when a commercial Web site is not operational, there is an interruption in business and operational revenue. Thus, DDOS attacks can represent a real threat to the commercial viability of a site.
Naturally, to the extent possible, defensive technical measures should be taken to prevent the intrusion of DDOS attacks. And, where such measures are not successful, legal remedies are available.
However, the perpetrators of the attacks may not be sufficiently solvent to make a legal recovery meaningful. Moreover, at times it is difficult to track down and ascertain who actually launched a given DDOS attack. This is because at times as such an attack can be routed through various "zombies" sites, making it difficult to track the attack back to its original source.
So, why are DDOS attacks with us? It is not always easy to peer into the minds of those who are bent on destruction. The motivation in a given instance could have to do with simple mischief, or it could relate to efforts to harm a commercial competitor, or it could be politically inspired.
Whatever the case, DDOS attacks remain on the Cyber scene and must be addressed.
Eric Sinrod is a partner in the San Francisco office of Duane Morris LLP (http://www.duanemorris.com) where he focuses on litigation matters of various types, including information technology and intellectual property disputes. His Web site is http://www.sinrodlaw.com and he can be reached atejsinrod@duanemorris.com. To receive a weekly email link to Mr. Sinrod's columns, please send an email to him with Subscribe in the Subject line.
This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author's law firm or its individual partners.
Related Resources:
- Heartbreak over Heartland: Why Prosecution for Data Breaches Isn't Enough(FindLaw)
- Personal Data, an Email Error & Security Breach Notification Laws (FindLaw's Common Law Blog)
- Credit Card Data and Encryption: Big Holes in Protection (FindLaw's Common Law Blog)
