Uhm, usually DDoS is done via botnets so it's not the attackers that pay the internet bill but innocent people with malware on their machines. This means the attackers definitely do not pay for the full bandwidth that reaches the target.
So I don't think this analogy holds tbh.
Innocent people were defrauded and bought a bunch of useless stuff. Naturally, this can be said to be some kind of DDoS, and the innocent people are paying the bills. Innocent people have malware in their brains.
reply
Internet of Things is the biggest culprit, we need some big regulations for it and we also need some auto-securing platform that people switch all these things to from Windows and ancient Linux versions.
reply
Imo, big regulations ain't going to help with people not securing their devices. It might help with better security defaults and punishing companies for bad security, but I've seen "well-intentioned" regulations backfire too often, so I am skeptical.
IoT is a factor, but this was a problem even before IoT became a thing, I think.
There is no easy way out of this, people will need to learn some digital hygiene.
I am probably biased.
deleted by author
reply