Will Distributed Denial of Service Attacks Mean the Death of E-Business? -- CIO Sound Off -- January 2001

So many major sites have been downed by distributed denial of service attacks -- Microsoft most recently -- that I decided last week to ask Sound Off readers whether DDOS attacks could threaten the future of e-business. While every respondent disagreed heartily with argument that DDOS attacks do pose a threat (some sending me personal emails to poke holes in my argument), the column did spark some interesting dialogue.

From a group that regularly calls into question the ability of law enforcement agencies to keep up in cyberspace, it was surprising to hear how much confidence readers have in their power to keep the Internet secure.

"While DDOS attacks are commonplace today, more sophisticated law enforcement and advances in software and hardware which will make these attacks less successful should provide for relatively reliable E-business opportunities in the future," wrote a reader. "The malicious few who believe they can remain anonymous and are thus encouraged to conduct such attacks will find that they cannot continue to hide and get away with these obvious illegal activities."

"As the technology gets better and the punishments for cybercrime get harsher, the Internet terrorist groups will become fewer and smaller," wrote another. "Like the brick and mortar world, these groups will become known to officials and monitored on a regular basis."

Some readers argued that not only will e-business survive DDOS attacks, it will profit from them.

"DDOS attacks are only another great opportunity for Cisco, Microsoft and Exodus, for example, to team up and create truly reliable networks to secure data and maintain 99.9% client uptime. I would pay a premium for services like that," wrote a reader. "Security has never stopped business from moving forward. Back in the 1800's trains, covered wagons and stage coaches were attacked by various entities trying to deny service to remote parts of this country. Those DDOS attack spawned the proliferation of Pinkerton, county Sheriffs and hired guns. Soon, we'll see the Internet Pinkertons."

"Insurance companies will simply generate a new product for e-businesses to cover losses during internet attacks," wrote another. "They'll make a fortune on this new type of policy."

Other readers were less optimistic about the impact of DDOS attacks on e-business. While no one predicted e-business's demise at that hands of DDOS attacks, some readers displayed concerns over its continued growth.

"DDOS attacks will certainly slow the growth of e-commerce since the publicity will cause the potential users to have one more 'fear' to doing web business," wrote a reader. "It's probably also going it impact the small and mid-sized ISPs and ASPs. These smaller companies will be thought of as not having adequate resources for security and may be avoided."

"Getting hacked organizations to admit their 'weakness' will be the biggest hurdle, easily outpacing the technical resolutions more inventive 'smart' firewalls will provide in the future," wrote another.

Others looked beyond the scope of the column and used the opportunity it provided to discuss what they considered to be concerns far more serious than DDOS attacks:

"In much the same way the the Tiffany's, and the Cartiers moved to swanky neighborhoods, and the JC Penneys and the Sears to the neighborhood malls -- leaving convenience stores and the liquor stores to the bad parts of town -- e-businesses will also stratify into neighborhoods that are user-trusting, user careful and user hostile," wrote a reader. "We will not see the Internet as in its early days -- a highway open to all, with no locks on the doors and a culture of sharing. Instead we will see a "suburbanization", with security at each entry door to throw out intruders and anyone else who looks suspicious."

"I don't expect DDOS alone to cause the death of e-business, but what does reduce my confidence in the Internet are cases when a company's security perimeter is actually breached and confidential information accessed, as was the case with Microsoft a few months ago when hackers reportedly gained access to Windows source code. If such a perimeter breach can happen to Microsoft, one of the partners most of us turn to for security, then what does the future hold for the rest of us who use Windows? I fear it will only get worse before it becomes better. If there is a death to e-business, I believe perimeter security breaches will be the real cause."

What impact do you believe security problems will have on e- business? The debate continues at Sound Off: http://comment.cio.com/soundoff/020701.html

This story, "Will Distributed Denial of Service Attacks Mean the Death of E-Business? -- CIO Sound Off -- January 2001" was originally published by CIO.

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon