Author Archives: Enurrendy

DDoS Attacks Remain a Serious Threat to Businesses Worldwide

So, what exactly is a DDoS attack? DDoS attack stands for Distributed Denial of Service attack. This is when multiple systems flood a targeted system, rendering it unavailable. One analogy is to think of a DDoS attack as several people on a conference call continually yelling over the one person who is actually speaking to the group, making it impossible for anyone to hear the speaker. Those who are yelling would be a DDoS attack on the speaker. Why are businesses targeted? There are many reasons. It could be to damage the reputation of the business. If a popular social media site like Twitter were repeatedly unavailable over a period of time, end users would eventually grow tired of the inconsistent experience and move away from the platform. Those same users might also comment negatively about the platform on other social media platforms, damaging the company’s reputation. It could also be to harm the business financially, by making it impossible for customers to complete transactions via the company website. Imagine how much money an e-commerce site like Amazon would lose every minute of downtime that their site is not available or able to process transactions. Think about the last time you clicked Submit on a website and you watched the spinning wheel for some amount of time before you received a timeout or error message. Did you go back and set up your order or fill out that form a second time and try again, or were you sufficiently frustrated that you went to another site or simply didn’t complete what you were doing? Our online attention span is typically not very long. One of the most infamous DDoS attacks was the 2016 attack on Dyn, a provider of Domain Name System (DNS) services. DNS is the system that translates names to IP addresses. It’s a near real-time conversion service that acts as the internet’s map. This is how, when you type in www.google.com, you wind up at Google’s web search engine, which has a numeric address, or IP address, on the internet. When Google publishes its services, it does so at this numeric IP address. It’s DNS that tells your web browser what IP address to go to when you type in www.google.com. The attack method used on Dyn was a sophisticated botnet that took advantage of numerous Internet of Things (IoT)devices like printers, cameras, thermostats, baby monitors and other “smart” devices connected to the internet, many in people’s homes. This attack was one of the first to highlight the weak cybersecurity that many manufacturers had built into these devices. These were designed to easily install in your home and get connected to the internet, most often via Wi-Fi, to make your home smarter. Unfortunately, this also let the bad guys have a massive attack surface to work with. A botnet is a term used to define a number of connected devices that are infected by malware and used together as one collective weapon system. In this case, that weapon is designed to generate a massive flood of traffic that will render its target inaccessible, thus a DDoS attack. DDoS attacks are on the rise Several firms are reporting a significant increase in DDoS attacks this year. Similar to cyberattacks in general, the pandemic has brought about a significant increase in activity. In the case of DDoS attacks, some of these reports indicate a doubling of activity in the first quarter of 2020. Perhaps more concerning is that the duration and sophistication of these attacks is also increasing. This is leading to increased disruption for impacted system, which means increased risk of financial and reputational loss, both significant concerns for businesses of all sizes. The pandemic has seen a significant increase in attacks targeting health care, government and educational platforms. All areas that have become even more critical during the pandemic. In some cases, the cybercriminals are extorting the targeted entities – either to get them to pay a ransom to stop the attack or to simply create a lack of trust in the impacted entity. Protecting your organization from DDoS attacks In the face of this increasing threat, organizations need to do all they can to mitigate this threat. While the threat is sophisticated and complex, the mitigation opportunities are improving. To start, organizations need to focus on being sure that their infrastructure is as resilient as possible. This means leveraging some basic network architecture designs, including geographic dispersion of servers across different data centers. Consider data centers across multiple providers as one option. Regardless of data center provider, be sure there are multiple access paths to the network to avoid any single point of failure. Redundancy is king. Redundant servers, switches, routers, firewalls, data centers, connectivity, power, etc. Redundant systems help prevent bottlenecks and single points of failure that can be exploited via a DDoS attack. As these threats have matured, so has the technology to defeat or minimize them. From next-generation firewalls to load balancers and other technologies, the technology is continually improving and including features designed to defeat or minimize DDoS attacks. You should also be sure that your network bandwidth is optimized to withstand a DDoS attack. If you can justify the expense, obtain as much bandwidth as possible to help manage a flood of traffic, should that occur. Also consider multiple internet connections to both load balance your connectivity and provide redundant backup. If one connection becomes flooded, you will have a secondary connection available to mitigate the impact. As DDoS attacks increase, more and more service providers are implementing systems to mitigate the attacks. Check with your internet and DNS providers and find out what technologies they may employ to minimize the effects of an attack, should one occur. If they don’t, check to see if any of the providers available to you do. Given the pervasive nature of DDoS attacks, even the most basic mitigation strategies should be in place. While you may never be able to prevent a DDoS attack completely, hopefully some of these strategies are available to you to increase your DDoS protection. The attack surface is large and bad actors will continue to exploit it. You have a responsibility to be as prepared as possible, to protect your reputation and your balance sheet. Source: https://www.cpomagazine.com/cyber-security/ddos-attacks-remain-a-serious-threat-to-businesses-worldwide/

Read the article:
DDoS Attacks Remain a Serious Threat to Businesses Worldwide

Teen who shook the Internet in 2016 pleads guilty to DDoS attacks

One of the operators behind a Mirai botnet pleaded guilty to their involvement in a huge DDoS attack that caused a massive Internet disruption during October 2016. Multiple high-profile websites and online services including Amazon, PayPal, Visa, Netflix, the PlayStation Network, and Airbnb were taken down as a direct result of this DDoS attack. The botnet, a variant of the Mirai botnet, was developed by the defendant with the help of others between roughly 2015 until November 2016, specifically for being used to target gaming platforms in DDoS attacks. The conspirators used it to infect and convert Internet-connected video cameras, recorders, and other Internet-of-Things (IoT) devices into bots that were used as the “army” that powered the group’s DDoS attacks. Over 100,000 infected devices used in the attack The defendant, a minor when the attacks took place, and his conspirators targeted their massive DDoS (Distributed Denial of Service) attack at the Sony PlayStation Network’s gaming platform but it also affected the systems of Domain Name System (DNS) provider Dyn. After the attack, many of the sites and services using Dyn’s DNS servers were also affected by this attack and remained down throughout the next day while the DNS provider was working to bring back up the main DNS servers targeted by the conspirators’ botnet. “We saw both attack and legitimate traffic coming from millions of IPs across all geographies,” Scott Hilton, Dyn EVP of Product, said in a summary of the attack. “It appears the malicious attacks were sourced from at least one botnet, with the retry storm providing a false indicator of a significantly larger set of endpoints than we now know it to be. “We are still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious endpoints.” Dozens of big sites and platforms affected The huge 2016 Dyn DDoS attack resulted in a massive Internet disruption later spread to hundreds of thousands of sites that used the DNS provider’s services. The list of impacted sites also included dozens of high-profile websites and online platforms that suffered losses from remediation costs and lost advertising revenues. The massive DDoS attack indirectly affected Dyn’s servers and brought down a substantial part of the Internet across both North America and Europe together with Sony’s PlayStation Network, the primary target of the attack. “According to court documents, on Oct. 21, 2016, the individual and others used the botnet they created to launch several DDoS attacks in an effort to take the Sony PlayStation Network’s gaming platform offline for a sustained period,” DoJ press release said. “The DDoS attacks impacted a domain name resolver, New Hampshire-based Dyn, Inc., which caused websites, including those pertaining to Sony, Twitter, Amazon, PayPal, Tumblr, Netflix, and Southern New Hampshire University (SNHU), to become either completely inaccessible, or accessible only intermittently for several hours that day. “ The identity of the defendant was withheld because they were juvenile at the time the offense was commissioned. The individual’s sentencing was scheduled for January 7, 2021. Source: https://www.bleepingcomputer.com/news/security/teen-who-shook-the-internet-in-2016-pleads-guilty-to-ddos-attacks/

View article:
Teen who shook the Internet in 2016 pleads guilty to DDoS attacks

How do I select cyber insurance for my business?

There has been a 70%+ increase in the average cost of a cybercrime to an organization over five years to $13mn and a 60%+ increase in the average number of security breaches, a recent report reveals. Losses resulting from external incidents, such as DDoS attacks or phishing and malware/ransomware campaigns, account for 85% of the value of claims, followed by malicious internal actions (9%) – which are infrequent but can be costly. To select suitable … More ? The post How do I select cyber insurance for my business? appeared first on Help Net Security .

Read this article:
How do I select cyber insurance for my business?

Protect your business from DDoS attacks: Join this webinar to find out more

Expert advice on how to combat one of the most dangerous online threats Promo   With the COVID-19 pandemic leading us all to depend on online services like we never have before, a DDoS attack that takes operations offline can have very serious and long-term consequences for a business. Add to this the huge surge in DDoS attacks this year, with assaults getting bigger, more powerful and disruptive, and it’s clear security leaders need to urgently get to grips with how to deal with them.…

View post:
Protect your business from DDoS attacks: Join this webinar to find out more

Spamhaus Intelligence API: Free threat intelligence data for security developers

Spamhaus Technology releases its Intelligence API. This is the first time Spamhaus has released its extensive threat intelligence via API, providing enriched data relating to IP addresses exhibiting compromised behaviour. Available free of charge, developers can readily access enhanced data that catalogues IP addresses compromised by malware, worms, Trojan infections, devices controlled by botnets, and third party exploits, such as open proxies. The API features live and historical data, including bot names, first seen dates, … More ? The post Spamhaus Intelligence API: Free threat intelligence data for security developers appeared first on Help Net Security .

See the original article here:
Spamhaus Intelligence API: Free threat intelligence data for security developers

DOSarrest Unleashes new version of its Simulated DDoS Attack platform

VANCOUVER, British Columbia, Dec. 01, 2020 (GLOBE NEWSWIRE) — DOSarrest Internet Security announced today that they have released a new version of its C ybe r A ttack P reparation P latform ( CAPP ) . CAPP is a serve yourself portal allowing customers to test their DDoS protection services they have in place or to stress test their website’s software capability under load. The service has over 50 different types of DDoS attacks in stock, the latest version is a completely new software build of the backend to accommodate a larger and more powerful botnet along with resource management. This version of CAPP, has a new easy to use Wizard to help customers navigate and launch multiple different attacks on multiple targets simultaneously. The customer interface is also integrated into DOSarrest’s customer portal along with all of their other Internet security services. Some of the new attacks now available include: SSL Connection Overload, GRE Protocol Floods, Database Stress Testing, Variable ICMP Type Floods & Advanced TCP Table Exhaustion, Enhanced HTTP Attacks – Able to randomize User agents, URI’s, referrers and much more, all with a high number of concurrent connections. DOSarrest CTO Jag Bains comments, “It’s interesting to see how different systems react to attacks; CAPP not only shows you the traffic to the victim but also shows you the traffic response from the victim. A small attack to a target can actually produce a response back that’s 500 times larger.” Bains adds, “Every time a customer uses the service, they learn something new, sometimes it’s bad news; the good news is, it’s only a test.” CEO of DOSarrest, Mark Teolis states “Pretty much all of the new attacks and enhancements are a result of customer feedback over the last few years of operating the service first launched in 2018. Customers know they have weak or overcommitted resources, and they want test them to make sure they don’t fail.” About DOSarrest Internet Security: DOSarrest founded in 2007 in Vancouver, B.C., Canada serves a global client base and specializes in fully managed cloud based Internet security services including DDoS prot e ction for websites , Net w ork Infrastructure protection , W eb A pplication F ir e w a ll (WAF) , Traff i c Analyzer as well as C A PP . Source: https://www.globenewswire.com/news-release/2020/12/01/2137310/0/en/DOSarrest-Unleashes-new-version-of-its-Simulated-DDoS-Attack-platform.html

Read the original post:
DOSarrest Unleashes new version of its Simulated DDoS Attack platform

How prevalent is DNS spoofing? Could a repeat of the Dyn/Mirai DDoS attack have the same results?

Two separate groups of academics have recently released research papers based on research into the Domain Name System (DNS). One has found that the overwhelming majority of popular site operators haven’t learned from the 2016 Dyn/Mirai incident/attack and set up a backup DNS server, and the other has shown that the rate of DNS spoofing, though still very small, has more than doubled in less than seven years. DNS dependency Carnegie Mellon University PhD student … More ? The post How prevalent is DNS spoofing? Could a repeat of the Dyn/Mirai DDoS attack have the same results? appeared first on Help Net Security .

Continue Reading:
How prevalent is DNS spoofing? Could a repeat of the Dyn/Mirai DDoS attack have the same results?

Attacks are rising in all vectors and types

DDoS, web application, bot, and other attacks have surged exponentially compared to the first half of 2019, according to CDNetworks. In particular, attacks on web applications rose by 800%. These alarming statistics show that enterprises are experiencing challenging times in their attempts to defend against cyber attacks and protect their online assets. Hackers extremely sensitive to industry transformation The report goes on to say that hackers are extremely sensitive to industry transformation. For this reason, … More ? The post Attacks are rising in all vectors and types appeared first on Help Net Security .

View original post here:
Attacks are rising in all vectors and types

Cyber insurance claims on the rise

External attacks on companies result in the most expensive cyber insurance losses, but it is employee mistakes and technical problems that are the most frequent generator of claims by number, according to a report from Allianz Global Corporate & Specialty (AGCS). The study analyzes 1,736 cyber-related insurance claims worth EUR 660mn (US$ 770mn) involving AGCS and other insurers from 2015 to 2020. “Losses from incidents such as distributed denial of service (DDoS) attacks or phishing … More ? The post Cyber insurance claims on the rise appeared first on Help Net Security .

Read More:
Cyber insurance claims on the rise

In 2016 Australia’s online census failed. Preparations for the 2021 edition have been rated ‘partly effective’

Devs can make unauthorised changes, data integrity is a work in progress, security is not there yet … and there’s just nine months to go In 2016 Australia’s online census crashed and burned after legitimate attempts to complete the survey were mistaken for a DDOS attack, the routers funneling traffic failed and disaster recovery plans did likewise.…

Continue reading here:
In 2016 Australia’s online census failed. Preparations for the 2021 edition have been rated ‘partly effective’