How Destructive Is a DDoS Cyberattack?

To do that, hackers send malware, or malicious software, to many people, mostly via email. This is known as phishing. When recipients download it, their computers turn into robots, or bots, that respond to orders from the attacker. When there are hundreds or thousands of these bots, they form a botnet, which acts as something of a personal zombie army. Now, whenever the hackers please, they can give an order to the botnet and launch a simultaneous, massive DDoS attack. That is the kind of attack that can wreak havoc on a website, depending on its magnitude.

A DDoS attack is akin to knocking so many times on someone’s door that they get annoyed and stop responding. It doesn’t breach the house or steal anything from it; that is, it doesn’t cause any data theft. But it does prevent others from reaching the house.

So, a DDoS attack is not in itself a way for hackers to cause a devastating impact, like shutting down a power grid or stealing a billion dollars.

Devastating Billion-Dollar Cyberattacks
Movie-like cyberattacks are very elaborate and require multiple tools like phishing, keyloggers, and malware as well as strategies like social engineering, which involves psychologically tricking someone into doing something, identifying a mole, or even closely studying a company or institution over a long period of time.

But what better way to know more about this than with an example that looks like something out of a Netflix show?

The so-called Carbanak APT cyberattack or “The Great Bank Robbery” was first detected in late 2013 when more than 100 banks and financial institutions were breached and robbed by an unknown group of hackers. Moscow-based cybersecurity company Kaspersky reported that the perpetrators may have stolen as much as $1 billion in total.

So how did the hackers pull off such a massive heist?

According to Kaspersky, the hackers first resorted to so-called spear-phishing, meaning that they sent tailor-made emails to bank personnel that looked like legitimate banking communications. These emails carried either infected Word documents as attachments or a link; downloading the attachment or clicking the link would eventually result in the execution of a malicious program known as Carbanak.

Carbanak is a type of backdoor tool that allows remote hackers to use and look into an infected computer. With one computer infected, the hackers could then easily contaminate more machines inside the organization.

The malware also used a keylogger, which records all the keystrokes and sends them to the hackers. So, the hackers just had to wait for an administrator to type in the passwords and other sensitive information that would give them access to the bank’s infrastructure and network. When an administrator did type them in, the criminals got the details they needed to pull off the heist.

But costly hacks like this require more than just computer programs. Once inside the banks’ IT systems, the hackers waited for months, silently spying on the employees, analyzing the procedures and learning how the banks worked so they could later mimic them.

When they were ready, the cybercriminals used payment processing services like the SWIFT network to transfer money into their fake accounts. Then they managed to remotely control ATMs and make them throw out cash at precise locations and times so their money mules could pick up the money.

This was a very sophisticated, coordinated and carefully planned and executed operation, as opposed to the relatively simple flooding of a website with requests in order to crash it.

Esteban Pardo is a science journalist at DW. This article, which was edited by Ashutosh Pandey, is published courtesy of Deutsche Welle (DW).