[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3FD61B0A.9050809@notdot.net>
Date: Wed, 10 Dec 2003 07:57:14 +1300
From: Nick Johnson <arachnid@...dot.net>
To: tonyl@....ltd.uk, bugtraq@...urityfocus.com
Subject: Re: Is this the first case of a Distributed Denial of Physical Service?
This isn't the first use of the internet to attempt a Denial of Service
style attack on something in the physical world. In late 2002, people
from http://slashdot.org teamed together and executed a
postal-service-DoS on a spammer. After obtaining his physical address,
they signed him up for thousands of free catalog mailings and the like.
More details, including a link to a paper written about how such attacks
could be executed automatically here:
http://slashdot.org/articles/03/04/15/2027225.shtml?tid=111&tid=172
tonyl@....ltd.uk wrote:
>Hi,
>
>
>
>Please see:
>
>
>
>http://www.theregister.co.uk/content/6/34388.html
>
>http://www.cambs.police.uk/camops/press_releases/press_releases.asp?ID=1992
>
>
>
>It appears that an individual has successfully socially engineered a distributed denial of physical service (DDoPS?).
>
>
>
>A (hoax) email had been sent out to individuals informing them of their latest purchase and that their credit card had been charged accordingly.
>
>
>
>As the individuals had not ordered iPods at £399.95, they were socially engineered into calling the customer service line given in the email.
>
>
>
>This telephone number happened to be for the UK's Cambridgeshire Constabulary (police) Main Switchboard.
>
>
>
>At the peak of this DDoPS, the switchboard was receiving 500 calls an hour, effectively denying the usual use of this telephone service.
>
>
>
>It appears that a whole range of "systems" and processes may be vulnerable to this type of attack and raises some interesting points to consider...
>
>
>
>Kind regards,
>
>
>
>Tony Langley
>
>Systems Architect
>
>S2S Limited
>
>
>
Powered by blists - more mailing lists