Earlier this month, the Department of Justice announced the indictment of 13 individuals associated with the hacker organization Anonymous for a widespread scheme to disrupt and shut down commercial and government websites. Using cybercrime techniques known as Distributed Denials of Service (DDoS) attacks, the hackers "executed a coordinated series of cyber-attacks against victim websites by flooding those websites with a huge volume of irrelevant Internet traffic with the intent to make the resources on the websites unavailable to customers and users of those websites." Targets of these disruptive attacks included the U.S. Copyright Office, the British Intellectual Property Office, financial institutions, credit card operators, the Motion Picture Association of America and music companies.
A DDoS attack occurs when a hacker intentionally floods a computer server or servers with artificial volumes of Internet traffic, slowing and overloading the servers' functionality and ultimately crashing websites and networks hosted on those servers, rendering them unavailable to legitimate users. In addition to making networks and websites inaccessible, hackers can also use DDoS attacks as smokescreens for other criminal activities including data and intellectual property theft. While perpetrators can attack individually, they can also collaborate with other hackers, or use Trojans or Worms, to hack the computers and servers of innocent third parties. When hacked, the third-party computers become zombies, also known as bots, which act at the order of the perpetrating hackers. The coordination of multiple bots, forming a network of infiltrated computers or servers, known as a botnet, dramatically increases a hacker's capacity to overwhelm his or her targets. Although tempting, it is illegal under U.S. law to retaliate against such an attack by striking back. As the sophistication and frequency of these attacks increase, all companies, regardless of industry or size, are urged to prepare and evaluate their risks and response plans for such attacks.
Companies should review their existing coverage to determine the extent to which it covers these emerging threats and consider a variety of factors about their businesses to determine whether purchasing cyber insurance should be part of their risk management strategy. Insurance companies are increasingly offering insurance to cover disruption of business operations. Given the risks of conducting business in today's technological world, companies should consult with counsel to review their insurance policies to assess the extent to which they are covered for cybercrime-related financial losses in the event of a DDoS or other computer attack. As with all cyber-attacks and related data breaches, companies should continually evaluate and enhance their systems to mitigate such risks before a major disruption of service or theft of intellectual property occurs.