Wait a minute...
Is his whole argument that the software that comes with Hadoop clusters makes it a bit easier than writing your own software to run on a bot net?
It may be possible for a "single dedicated attacker" to run an internet "carpet-bombing" attack by applying Big Data and distributed computing technologies, security researcher Alejandro Caceres warns. The traditional botnet, or network of hijacked computers, has been used for distributed computing problems, such as Bitcoin …
Next in the news : crooks using rocket launchers gain entry quicker than with crowbars.
Yes, except that rocket launchers make a heck of lot more noise than the lowly crowbar, and when you're in the illegal entry business, it pays to be discreet.
I always thought that was one of the prime qualities of a botnet : you're not conducting the attack itself from a traceable IP, you're just giving instructions to a mass of addresses that are conducting the attack on your behalf.
With attacks conducted from a commercial cloud service, it will be easy as pie to trace the attack back to you. I don't think that's all that smart from a crims' point of view. And even if you create your own cluster, you still own the IPs used - so not any better.
I honestly don't see how this is actually going to change things, but hey, I'm not very knowledgeable in such matters.
Thats because his attacks do not involve Denial of Service. His way of doing things is focussing on SQL Injection vulnerability testing, password cracking etc. which can be done more efficiently in a well managed system. Because there is no outbound malicious network traffic, there will be nothing left for anyone to trace him by, except maybe the company doing the cloud hosting.
The whole point is, that the companies being attacked won't even notice that they are, the results of the attack will then neatly be stored in some logfile for later >actual< malicious use
Way outside my area of expertise but I'm curious a out liability. Lets say for example I use Amazons cloud service to attack ebay and manage to bring it down for a while. Can ebay then go after Amazon or do they get some form of safe harbor protection and ebay can only come after me?
Just seems potentially someone could make a lot of mischief pitting large orgs against each other in this way. Then again I could be totally clueless and arent understanding correctly.