Patrick's Hacking log

HACKING & COMPUTER SECURITY...

ICT security related blog

››› Nihil timendum est

Patrick's Hacker and Hacking log
JULY 2011 ~ Week 30

INFORMATION SYSTEMS SECURITY AND CYBERATTACKS

The primary goals of information system security professionals are to ensure the availability of computer systems and the data stored in them for authorized users, as well as to protect the integrity and confidentiality of the data. Any attack against a computer system affects at least one of these three major components of information security.




Denial-of-service Attacks
Denial-of-service ("DoS") attacks are primarily aimed at disrupting the availability of computer system resources to authorized users, usually by sending invalid data that causes the server software to crash or by flooding computer systems with invalid requests. The increasing number of unsolicited junk e-mails, known as spam, can also cause a DoS by decreasing or denying availability of e-mail services to authorized users and by clogging their mailboxes with unwanted e-mails, thus interfering with the user's ability to send and receive legitimate e-mail messages.[42] To launch distributed denial-of-service ("DDoS") attacks, cybercriminals, using malware installed on hundreds or even thousands of compromised computer systems, attempt to flood the victim's network with requests and disrupt access to the target Web site or to overload the victim's servers and cause them to crash.[43] Even more dangerous is a distributed reflective denial-of-service ("DRDoS") attack, where the attacker uses compromised computers to send connection requests to many other computers on the Internet, specifying the victim as the originator of the requests.[44] This causes the computers receiving the requests to send replies to the victim's computer multiple times, clogging the victim's network with their replies.

DDoS attacks are not a kids' game anymore; they have become a weapon of choice for cyber-extortionists and unscrupulous businesspeople attempting to bring down competitors' Web sites. DDoS, and especially DRDoS, attacks are very difficult to investigate because they are hard to trace back to the attackers. Nevertheless, in Los Angeles in 2004, the FBI executed the first arrests related to a large-scale DDoS attack used for commercial purposes, in which two businessmen hired a team of hackers to bring down competitors' Web sites.

Spam
In 2004, Microsoft founder and chief software architect Bill Gates predicted that spam would be gone by 2006. Despite his prophecy, spam comprised up to ninety percent of all e-mails in 2006. IT administrators are constantly struggling to protect their e-mail servers from an ever-increasing volume of spam. To bypass e-mail filters, spammers started using images instead of text in their e-mails. To avoid detection, spammers often use compromised computers and unprotected wireless networks to send millions of junk e-mail messages. Although modern anti-spam systems usually filter out around ninety-eight percent of spam e-mails, spammers ensure that a large number of their e-mails still reach users' mailboxes by employing automated spam engines to send out a huge volume of e-mails.




Cybercriminals often use spam e-mails in various fraud and identity theft schemes to gain unauthorized access to financial accounts or for large-scale deployment of various types of malware.

Written by James M. Sheehan, Special Agent in Charge, Criminal Division, FBI Los Angeles.