One of the most popular forms of computer attack today is the distributed denial of service attack, or DoS. It's not bored teenagers living in their mothers' basements doing it, either. It's an organized criminal business, using large networks of compromised home computers (here's a hint: if you aren't running a current, up to the minute anti-virus program on your Windows computer, you're part of their network).

While there are sometimes political aims to these attacks, the usual approach is to shake a company down for a fat payday to make the attack go away. If the money isn't forthcoming, the attack gets ramped up to the point where the company can't do business. Lots of businesses do pay, or this wouldn't continue to be an effective business model.

The problem with paying the extortion money is that you'll keep having to pay the blackmailers. So what are you to do instead? There is a little known but very lucrative industry in selling appliances that stop or blunt these attacks. They are purchased by telecommunications companies, large businesses and businesses who do most of their business online (Disclosure: I now work for a company that makes these appliances).

Some of the machines that do this kind of work are solo operations, looking for any actors sending too much junk and blocking them. Others work as part of a network that share data, allowing them to aggregate data about bad actors and filter their junk out. Some networks even share their data with centralized data collection services, who publish attack mitigation rules for widely distributed attacks (see http://asert.arbornetworks.com/ for an example of a blog about one of these feeds).

The alternative way to deal with these attackers, of course, is to hunt them down and kill them like the dogs they are. In the real world that isn't generally practical, although it has happened on occasion. Normally it takes law enforcement authorities, with their own massive network of investigators, years to track these guys down.

So what are we to make of this information in game? The network monitoring and threat mitigation appliances can act like sensors and informants, pushing valuable information to a team of investigators. The climactic scene, of course, will probably be when the investigators swoop down on the black hats.

The thing to remember is that these black hats aren't the stereotypical cellar dweller. They are organized criminals, and you'll be dealing with the mob, and the repercussions that will follow.

On a final note, this is my last /hack installment. I have been writing here for quite a while now about computer security. I now work full time as a developer for a network security company, and that takes up all of my time. If you want to learn about cool security things to incorporate into your game, here are some excellent sources:

• Schneier on Security: http://www.schneier.com/ If you look at only one source, this is the one. Schneier is one of the top guys in the field, and incredibly readable. If you get a chance to hear him speak, jump on it.
• The Worm Blog: http://www.wormblog.com/ I know Jose Nazario through my work. He's on top of his stuff, and in addition to this blog he is a significant malware researcher. If you bought Christmas presents online, there's a good chance that Jose is part of the reason you were able to do that.
• Security to the Core: http://asert.arbornetworks.com/ This blog has good coverage of current and emerging trends in network threats. Jose Nazario is one of the contributors.

So long, and thanks for reading my columns.