Re: Recent Attacks

[Crispin Cowan <crispin () wirex com>]

Ryan Russell wrote:

> All I want is for prosecutors, judges, and law enforcement to put some
> intelligent thought into what the damages really were.  I still say the
> attacker couldn't have done 1.2B in damages, and that's the "crucifixtion"
> dollar amount.

That would be because the attacker(s) did NOT cause $1.2B in damages.
According to a press report I read last week (sorry, lost the reference) the
total loss of e-business (assuming that transactions that didn't happen due
to DDoS are lost instead of delayed) was around $100M.  The other $1.1B was
"capitalization loss", i.e. blame the total $ value of lowering share prices
for the victim .com's on the attackers, ignore any subsequent stock price
rebound, and pin that whole $ amount on the attacker(s).

I agree, the above math does not make sense.  The stock price loss really
IS the victim's fault:  it's Wall Street telling them they need to clean up
their security act, because they are vulnerable.  The $100M in lost
transaction costs is arguably the attacker's fault, but there is a lot of
doubt about how many of those transactions truly evaporated, vs. how many
just came back the next day.

Caveat:  I am not a lawyer, I'm not party to any of these activities, and the
above is paraphrased from what I read in the newspaper.

Crispin
-----
Crispin Cowan, CTO, WireX Communications, Inc.    http://wirex.com
Free Hardened Linux Distribution:                 http://immunix.org
                  JOBS!  http://immunix.org/jobs.html