White Papers for Health Insurance Portability and Accountability Act (HIPAA)

Accounting for Internet Malice

TopLayer

In early November 2003, WorldPay, the Internet payments subsidiary of the Royal Bank of Scotland, was
famously taken offline for three days by a distributed denial of service (DDoS) attack. In the attack build-up,
thousands of PCs all over the world had unknowingly become hosts to malicious computer code
known as a Trojan. This occurred by an innocent-looking, but unsolicited email attachment. Once
opened, the Trojan quietly installed itself on the hard drive of the PC, established a channel of
communication to its creator, and then waited for the command to attack.
When the attack command came, from an attacker whose identity remains a mystery, the Trojan code
sprang into life. Its first action was to hijack the Internet connection of its host. Then, each host was
directed to make hundreds of requests from WorldPay’s servers, each request was issued with a
different, bogus, source address. None of these transactions would ever complete. Every bogus request
made meant a legitimate client was denied service. Every uncompleted transaction meant a little more
server resource was squandered. The net result was that the flow of legitimate transactions slowed to a
trickle.

View the White Paper

Share or bookmarklet this web page at: