This past week, a large metropolitan utility in the United States announced it had suffered a massive “distributed denial of service” (DDoS) attack, knocking out its automated online- and telephone-payment systems and forcing 155,000 customers to pay their bills in person over the ensuing 48 hours.
At its peak, the utility’s back-end computers that run its customer database were flooded with 5.7m spurious packets of data a second, bringing all legitimate transactions to a standstill. On the second day of the attack, the utility called in Prolexic Technologies. Based in Florida, Prolexic maintains “scrubbing centres” around America, Europe and Asia to suck up such malevolent deluges. The attack on the utility was identified as originating within the United States.
Make no mistake, the attackers were not pranksters bent on causing mischief. Nor was the attack a simple “smash and grab” aimed at stealing a few passwords.