http://money.cnn.com/2015/10/08/technology/cybercrime-cost-business/

Above link to an article regarding “Cybercrime costs the average U.S. Firm $15 million a year” where author refers results of HP and Ponemon Institute of Cyber Crime research. According to the article most common type of cybercrimes are carried by Distributed Denial of Service Attack (DDoS).

Let’s explore the Distributed Denial of Service Attack (DDOS). In Denial of Service Attack (DoS) the main purpose is to overwhelm the victim service by enormous amount of request to an extent where victim service/system is no longer able to process the request and shuts itself. But in the DoS it is usually single computer with single internet connection acts as the initiator of requests (Beal). However, with DDoS, attack on the victim service/system is carried out from multiple computers that are connected to different networks and can be globally spread-out. These computers usually infected by software that takes control of the computer and carries out required tasks in the background. In DDoS it is nearly impossible for victim system/service stop the attack as it is extremely hard to distinguish valid request versus DDoS. DDoS usually will be target:

1. System processing capacity by sending enormous quantities of packets (i.e. >1M request per second)

2. System bandwidth by sending large amount of junk data (i.e. > 10 Mb files)

3. Communication layer – application layer resources depleted.

    

http://money.cnn.com/2015/06/16/investing/cybersecurity-hack-etf/?iid=EL

Second article is a follow up to the first article, and touches on an ethical point of whether it is right thing to legally benefit from the cybercrime? This article talks about the stock rise of companies that focuses on cybersecurity industry. On one side, we tend to mark it bad and illegal to have any systems hacked, but on the other hand owing the stocks of cybersecurity company one would wish the increase in numbers and severity of the cybercrimes so that the stock prices go up. Alternatively, when a retailer or a company gets hacked, their stock may drop for a while and then rebound. So is it ethical to wish a company to be hacked, so one can buy the stocks and then sell them when the price rebounds back. At the same time, if cybercrimes are inevitable and there will be a stock dropping and gaining, what is wrong with making a few buck so this? How this would differ from a slot machine, where someone played for hours losing the money, and when they leave, playing on that machine and winning a jackpot?