High Orbit Ion Canon

Hackers' new super weapon adds firepower to DDOS

Public-sector IT managers and hackers are always in a constant struggle, especially since government websites are so often the targets of malicious attacks. Now agencies have one more thing to worry about. The hackers have got themselves a High Orbit Ion Cannon  -- actually, an unlimited number of the new weapons.

The name sounds a bit like something out of a “Star Wars” movie, but the High Orbit Ion Cannon (HOIC) is actually a very dangerous free-to-download, open-source program that can turn any user of any skill level into a powerful hacker, at least in terms of one form of attack, a distributed denial-of-service.

It was designed to be extremely easy to use. The user just types in the URL of the target, sets the HOIC to operate in supercharged or normal mode, and then “fires the laser.” The program sends traffic to that URL in an attempt to overload the site and bring it down. A 41-second YouTube video shows how quickly and effortlessly an attack can be launched. 

The HOIC is actually an upgrade to an older program, the Low Orbit Ion Cannon, which had been a favored tool of Anonymous and other hacker groups. But the HOIC, which has been around for a little while and is gaining popularity among hackers this year, is much more powerful.

The HOIC is able to use custom scripts to target more than just a website’s home page. Instead of sending out a single pulse over and over, which is a visit to the site from a fake user, HOIC targets sub-pages. So these spawned, fake users try to visit the welcome page, the help pages, article pages and anything else a victim site has to offer. This tactic prevents some firewalls from recognizing that what is happening is an attack. Even if they do detect what’s happening, they will have trouble shutting them down because the “supercharged” version of the software is sending multiple fake users to multiple pages within a domain. It’s like trying to block shotgun pellets instead of a single bullet.

Agencies probably should be worried about the HOIC, since its laser will likely be targeted towards them at some point. But at least the new cannon isn’t all-powerful. Members of Anonymous, which has frequently attacked government websites and whose  members have upgraded to HIOC, told Gizmodo  that it still takes at least 50 people, each armed with a HOIC, working together to bring down a site. So a lone user won’t be able to do much against agencies on his own, other than raise traffic numbers.

Presumably, if 50 people were working together to bring down the FBI’s website, for example, they would eventually be tracked and targeted themselves, probably not just by software. But firewalls and other anti-DDOS software should probably be amended to better defend against this new threat.

Right now, the hackers and their HOIC seem to have the upper hand. But this ongoing struggle won’t be won or lost in a day or with a single program. Still, the new cannon is a serious threat that deserves attention before it wreaks havoc on the public-sector infrastructure.

About the Author

John Breeden II is a freelance technology writer for GCN.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected