When WikiLeaks Looks Like YOUR Problem


Just come to my attention: Some recent work by Harvard's Berkman Center for Internet and Society on DDoS (distributed denial of service) attacks. Their December 2010 Report (PDF)

focuses on politically based reasons for wanting to shut down a site, because it considers only media and human rights sites. Clearly WikiLeaks and their DDoS problems are what the authors had in mind.

But as with so much of IT these days—part an parcel, in my mind, with IT consumerization—we can see our business future in these kinds of unbusinesslike events. In a recent example, U.S. online retailers specializing in batteries were targeted by DDoS attacks (Smoking Gun story here; h/t CNET's InSecurity Complex), apparently as a direct attack by an overseas competitor.

DDoS is the online equivalent of arson. Now, apart from the criminality of it, arson is nearly unthinkable as a competitive business practice in the so-called real world because of the risk of getting caught. But in our online world, the risk of getting caught at a cybercrime such as DDoS at least seems much lower.

So it's worth getting to know something about it from actual examples. Which the Berkman Center's approach is full of—as well as providing a pretty detailed framework for thinking about DDoS and the environment in which it operates. I can't say their recommendations are inspiring or practical, at least from the business perspective, but the foundation under them is quite solid and complete.