Author Archives: Enurrendy

Chinese firm recalls camera products linked to massive DDOS attack

Hangzhou Xiongmai Technology is recalling earlier models of four kinds of cameras due to a security vulnerability A Chinese electronics component maker is recalling 4.3 million internet-connected camera products from the U.S. market amid claims they may have played a role in Friday’s massive internet disruption. On Monday, Hangzhou Xiongmai Technology said it was recalling earlier models of four kinds of cameras due to a security vulnerability that can make them easy to hack. “The main  security  problem is that users aren’t changing the device’s default passwords,” Xiongmai said in a Chinese-language statement posted online. According to  security  firm Flashpoint, malware known as Mirai has been exploiting the products from Xiongmai to launch massive distributed denial-of-service attacks, including Friday’s, which slowed access to many popular sites, including Netflix, PayPal, and Twitter. Companies observing Friday’s disruption said botnets powered by the Mirai malware were at least partly responsible for the attack. Xiongmai, a maker of camera modules and DVR boards, has acknowledged that its products have been a target for hackers, but it said it patched the problem with the default passwords back in April 2015. For older products, the company has come up with a firmware update to fix the flaw. To prevent the security risks, the company has still decided to recall earlier models. However, Xiongmai has also dismissed news reports that its products were largely behind Friday’s DDOS attack as untrue and is threatening legal action against those who damage its reputation. “Security vulnerabilities are a common problem for mankind,” the  company  said. “All industry leaders will experience them.” Experts have said the Mirai malware is probably targeting products from several vendors, in addition to Xiongmai. The malicious coding is built to try a list of more than 60 combinations of user names and passwords when infecting  devices . So far, the Mirai malware has gone on to infect at least 500,000 devices, according to internet backbone provider Level 3 Communications. Source: http://www.pcworld.com/article/3133962/chinese-firm-recalls-camera-products-linked-to-massive-ddos-attack.html

Read More:
Chinese firm recalls camera products linked to massive DDOS attack

Anonymous hacker charged with #opJustina DDoS attacks on hospital

The Anonymous-affiliated hacker who admitted to cyberattacks on two hospitals in the #opJustinaoperation and fled the country while being investigated was indicted last week. Martin Gottesfeld, 32, a biotechnology information technology professional from Somerville, Massachusetts, is being charged with conspiracy to launch cyberattacks against two local hospitals: Boston Children’s Hospital (BCH) and the Wayside Youth and Family Support Network, a mental health facility. Those two hospitals were at the center of a case that attracted masses of media attention: that of Justina Pelletier, the then-15-year-old who was caught in a 16-month custody battle as her parents tried to have her treated for mitochondrial disease at one hospital, while Boston Children’s Hospital treated her in a psychiatric unit as a ward of the state. Gottesfeld’s indictment, handed down on Wednesday, also charges him with intentional damage to a protected computer. Both are felony hacking charges. Gottesfeld admitted to the attacks last month, explaining how he did it and why in an editorial published by the Huffington Post. I had heard many, too many, such horror stories of institutionalized children who were killed or took their own lives in the so-called “troubled teen industry”. I never imagined a renowned hospital would be capable of such brutality and no amount of other good work could justify torturing Justina. The distributed denial of service (DDoS) attack against BCH was planned for maximum financial damage, Gottesfeld said: he knew that the hospital was planning a big fundraising drive and that most donors gave online. In his editorial, he went on to scoff at BCH for making it easy for him to attack it, since the hospital kept its donation page on the same public network as the rest of its systems: Rookie mistake. To take it down, I’d have to knock the whole hospital off the internet. He also claimed that no patients would be harmed: There’s no such thing as an outage-proof network, so hospitals have to be able to function without the internet. It’s required by federal law, and for accreditation. The only effects would be financial and on BCH’s reputation. That’s not how the hospital, or the prosecution, sees it. The indictment states that BCH had to shut down its access to the internet and email servers to protect patient medical records. That meant that physicians outside the hospital couldn’t get at patients’ records. Nor could patients communicate with their doctors. BCH claims that responding to, and mitigating, the damage of the attack cost $300,000, while the disruption in fundraising meant another $300,000 hit, for a total loss of $600,000. Gottesfeld claims that the attack against BCH was a justifiable reaction to the actions of the hospital, which was described as  a “parentectomy”. Gottesfeld’s defence, to blame the hospital for the attack, is all too commonly heard. The blame-the-victim reasoning is often voiced by other cyberattackers, be it from people who guess at weak passwords and use them to waltz into accounts without authorization, or those who launch crippling attacks such as those that Gottesfeld admits to. But just because it’s easy to do doesn’t make those or other cybercrimes OK. They’re illegal, and they can result in jail time, fines or both. Each of the charges Gottesfeld’s facing carry a maximum sentence of five years in jail, along with fines. Gottesfeld has been detained in Rhode Island since he and his wife were plucked off their boat near the coast of Cuba and arrested in Florida. When the indictment was handed down last Wednesday, Gottesfeld was reportedly on day 16 of a hunger strike over the appointment of the office of Carmen Ortiz as his prosecutor. Ortiz was the prosecutor in the cases against both Aaron Swartz and Jonathan James, who both later took their own lives. She has faced sharp criticism over her approach to those cases. In spite of his admission to the DDoS attacks, Gottesfeld is likely to plead not guilty at his arraignment this week before US Magistrate Judge Marianne B. Bowler, his wife told the Washington Times. Source: https://nakedsecurity.sophos.com/2016/10/24/anonymous-hacker-charged-with-opjustina-ddos-attacks-on-hospitals/

Taken from:
Anonymous hacker charged with #opJustina DDoS attacks on hospital

How Hackers Make Money from DDoS Attacks

Attacks like Friday’s are often financially motivated. Yesterday’s attack on the internet domain directory Dyn, which took major sites like Twitter and Paypal offline, was historic in scale. But the motivation for the attack may seem opaque, since no valuable information seems to have been stolen. A group called New World Hackers is claiming credit, but giving conflicting accounts of their motives—and security experts have called them “impostors.” So why else might someone have done it? This class of hack, known as a distributed denial of service (DDoS) attack, has been around for a while. And while many DDoS attacks are indeed motivated by politics, revenge, or petty trolling, there’s frequently money involved. For instance, DDoS attacks are often used as leverage for blackmail. Once a hacking group has a reputation for being able to field a large and dangerous botnet to knock servers offline, they can demand huge ‘protection’ payments from businesses afraid of facing their wrath. In fact, they don’t even have to do the hacking in the first place—in one recent case, someone posing as a notorious cabal merely emailed blackmail messages and managed to pocket tens of thousands of dollars before they were exposed. In the current case, there are rumors that Dyn was a target of extortion attempts before the attack. And the hackers behind what may be the biggest DDoS attack in history could demand a pretty penny to leave other companies alone. A wave of impostors will likely give it a shot, too. There’s another, even darker money-driven application of DDoS attacks—industrial sabotage. Companies seeking to undermine their competition can hire hackers to take the other guys offline. DDoS services are often contracted through so-called “booter” portals where anyone can hire a hacker’s botnet in increments as small as 15 minutes. Researchers found last year that three of the most prominent booter services at the time had over 6,000 subscribers in total, and had launched over 600,000 attacks. (And despite the criminal reputation of Bitcoin, by far the largest method used to pay for DDoS-for-hire was Paypal.) But it’s unlikely that this was some sort of hit called in by a competitor of Dyn—that tactic seems to primarily appeal to already-shady dealers, including online gambling operations. Finally, DDoS attacks can serve as a kind of smokescreen for more directly lucrative crimes. While a security team is struggling to deal with an army of zombie DVRs pummeling their system, attackers can grab passwords, credit card numbers, or identity information. In weighing possible explanations for Friday’s attack, it’s important to note the massive scale of the thing. Even if their claims of responsibility aren’t credible, New World Hackers’ description of about 1.2 terabits of data per second thrown at Dyn’s servers is both vaguely plausible and utterly mind-boggling. That’s around a thousand times as powerful as the huge 620 gigabit per second attack that knocked out a single website, Krebs on Security, last month. Dyn has also described the attack as sophisticated, arriving in three separate waves that targeted different parts of their systems. That kind of operation could have been pulled off by a gang of kids doing it for kicks—and maybe that’s the scarier scenario. But such a massive undertaking suggests bigger, and possibly more lucrative, motivations. Source: http://fortune.com/2016/10/22/ddos-attack-hacker-profit/

See the original post:
How Hackers Make Money from DDoS Attacks

Major US DNS provider hit with DDoS, part of the Internet becomes unreachable

US-based DNS provider Dyn has suffered a massive DDoS attack earlier today, and it resulted in many websites being completely or intermittently inaccessible for a few hours. According to status reports published by the company, the target of the attack was the company’s Managed DNS infrastructure, and impacted Managed DNS customers located on the East Coast of the US. Among the websites that experienced issues as a result of the attack are Reddit, GitHub, Spotify, … More ?

Excerpt from:
Major US DNS provider hit with DDoS, part of the Internet becomes unreachable

Twitter, Amazon, other top websites shut in cyber attack

Major internet services including Twitter, Spotify and Amazon suffered service interruptions and outages on Friday as a US internet provider came under a cyber attack. The internet service company Dyn, which routes and manages internet traffic, said that it had suffered a distributed denial of service (DDoS) attack on its domain name service shortly after 1100 GMT. The service was restored in about two hours, Dyn said. The attack meant that millions of internet users could not access the websites of major online companies such as Netflix and Reddit as well as the crafts marketplace Etsy and the software developer site Github, according to media reports. The website Gizmodo said it had received reports of difficulty at sites for media outlets including CNN, The Guardian, Wired, HBO and People as well as the money transfer service PayPal. Dyn, which is headquartered in New Hampshire, said the attack went after its domain name service, causing interruptions and slowdowns for internet users. “This morning, October 21, Dyn received a global DDoS attack on our Managed DNS infrastructure in the east coast of the United States,” Scott Hilton, executive vice president for products at Dyn, said in a statement. “We have been aggressively mitigating the DDoS attack against our infrastructure.” The company said it was continuing to investigate. A map published by the website downdetector.com showed service interruptions for Level3 Communications, a so-called “backbone” internet service provider, across much of the US east coast and in Texas. Amazon Web Services, which hosts some of the most popular sites on the internet, including Netflix and the homestay network Airbnb, said on its website that users experienced errors including “hostname unknown” when attempting to access hosted sites but that the problem had been resolved by 1310 GMT. Domain name servers are a crucial element of internet infrastructure, converting numbered Internet Protocol addresses into the domain names that allow users to connect to internet sites. Distributed denial of service or DDoS attacks involve flooding websites with traffic, making them difficult to access or taking them offline entirely. Attackers can use them for a range of purposes, including censorship, protest and extortion. The loose-knit hacktivist network Anonymous in 2010 targeted the DNS provider EveryDNS among others in 2010 as retribution for denying service to the anti-secrecy organization WikiLeaks. “The internet continues to rely on protocols and infrastructure designed before cyber security was an issue,” said Ben Johnson, a former engineer at the National Security Agency and founder of the cybersecurity company Carbon Black. He said that growing interconnection of ordinary devices to the internet, the so-called “internet of things,” increased the risks to networks. “DDoS, especially with the rise of insecure IOT devices, will continue to plague our organizations. Sadly, what we are seeing is only the beginning in terms of large scale botnets and disproportionate damage done.” Source: http://phys.org/news/2016-10-twitter-spotify-websites-ddos.html

Read the article:
Twitter, Amazon, other top websites shut in cyber attack

Bitter feud between partners as IBM deflects eCensus blame

NextGen, Vocus refute claims of error. A bitter feud has broken out between IBM and its internet service provider partners for the 2016 eCensus as the main contractor tried to deflect blame for the site’s meltdown on August 9 In its first detailed response to the failure, IBM said it had plans in place for the risk of DDoS attacks, but its efforts were to no avail thanks to a failure at an upstream provider. The ABS at the time said it had been forced to take the site offline on Census night following a series of DDoS attacks combined with the failure of the network geoblocking function and the collapse of a router. The statistics body has publicly criticised IBM for failing to properly implement a geoblocking service, which would have halted the international DDoS attack targeted at the Census site. But IBM is now laying blame squarely at the feet of its internet service provider partner NextGen and NextGen’s upstream supplier Vocus for the geoblocking bungle. It claimed NextGen had provided “repeated” assurances – including after the day’s third DDoS attack – that a geoblocking strategy that IBM codenamed ‘Island Australia’ had been correctly put in place. However, when the fourth and biggest DDoS attack of the day hit at around 7:30pm, IBM said it became clear that a Singapore link operated by Vocus had not been closed off, allowing the attack traffic to pass through to the Census site. “Vocus admitted the error in a teleconference with IBM, NextGen and Telstra around 11.00 pm on 9 August 2016,” IBM said. “Had NextGen (and through it Vocus) properly implemented Island Australia, it would have been effective to prevent this DDoS attack and the effects it had on the eCensus site. As a result, the eCensus site would not have become unavailable to the public during the peak period on 9 August 2016.” IBM said while it accepted its responsibility as the head contractor for the eCensus, it could not have avoided using ISPs to provide links for the website. “It is not possible for an IT services company such as IBM to implement the 2016 eCensus without engaging ISPs. It was necessary for IBM to involve the ISPs in the implementation of the geoblocking solution as they have control over their respective data networks and are in a position to block internet traffic originating from particular domains or IP addresses.” IBM did, however, admit what many security experts speculated had occured – that following the fourth DDoS a system monitoring dashboard showed an apparent spike in outbound traffic, causing its staff to wrongly assume data was being exfiltrated from the website, prompting IBM to shut down the website. The contractor also revealed that a configuration error meant a manual reboot of one of its routers – which was needed after the eCensus firewall became overloaded with traffic – took much longer to rectify than it should have, keeping the site offline for a further hour and a half. NextGen, Vocus fight back But Vocus said NextGen was well aware that Vocus would not provide geoblocking services, and had instead recommended its own DDoS protection. IBM declined the offer, Vocus said. NextGen and Vocus instead agreed on remote triggered black hole (RTBH) route advertisements with international carriers. “If Vocus DDoS protection product was left in place the eCensus website would have been appropriately shielded from DDoS attacks,” Vocus said in its submission to the inquiry. Vocus refuted IBM’s claim that it had failed to implement geoblocking, revealing that it had not been made aware of IBM’s DDoS mitigation strategy – including ‘Island Australia’ – until after the fourth attack on August 9. “As a result, any assumption that Vocus was required to, or had implemented Island Australia or geo-blocking including, without limitation … are inaccurate,” Vocus said. “Once Vocus was made aware of the fourth DDoS attack, it implemented a static null route to block additional DDoS traffic at its international border routers within 15 minutes.” Vocus also argued that the fourth DDoS was not as large as IBM claimed, comprising of attack traffic that peaked at 563Mbps and lasting only 14 minutes – which it said was “not considered significant in the industry”. “Such attacks would not usually bring down the Census website which should have had relevant preparations in place to enable it to cater for the expected traffic from users as well as high likelihood of DDoS attacks.” NextGen, in its own submission, claimed it had “strongly recommended” to IBM that it take up a DDoS protection product like that on offer by Vocus, but the contractor declined. The ISP said it was not made aware of details of IBM’s ‘Island Australia’ strategy until six days before the eCensus went live in late July. At that point it told IBM that an IP address range it had provided was part of a larger aggregate network and therefore would not respond to “specific international routing restrictions” if ‘Island Australia’ was implemented. “Nextgen recommended using an alternative IP address range, which would give IBM better control, but this was rejected by IBM,” the ISP said. IBM instead chose to request NextGen’s upstream suppliers apply IP address blocking filters and international remote black holes for 20 host routes. “Nextgen believes that the individual host routes picked by IBM may not be exhaustive, and DDoS attacks could come from other routes in the IP address range (which they did in the third DDoS attack on Census day),” NextGen said. “There were a number of routes without geoblocking during the fourth DDoS attack, and which were not identified during testing, along with the [Vocus] Singapore link.” NextGen said it again offered to implement DDoS protection, this time at its own cost, which IBM agreed to four days after the events of August 9. Source: http://www.itnews.com.au/news/bitter-feud-between-partners-as-ibm-deflects-ecensus-blame-439752

Continue reading here:
Bitter feud between partners as IBM deflects eCensus blame

Media vulnerable to Election Night cyber attack

A hack on the AP and its results tally could have chaos-inducing consequences. Despite spending hundreds of millions of dollars on security upgrades, U.S. media organizations have failed to properly protect their newsrooms from cyberattacks on their websites, communications systems and even editing platforms — opening themselves up to the possibility of a chaos-creating hack around Election Day. In just the past month, BuzzFeed has been vandalized, and both Newsweek and a leading cybersecurity blog were knocked offline after publishing articles that hackers apparently didn’t appreciate. Federal law enforcement is investigating multiple attacks on news organizations, and journalists moderating the presidential debates say they’ve even gotten briefings from the FBI on proper cyber hygiene, prompting them to go back to paper and pens for prep work. “We do a lot of printing out,” said Michele Remillard, an executive producer at C-SPAN, the network home to the backup moderator for all the debates. Journalists are seen as especially vulnerable soft targets for hackers. Their computers contain the kinds of notes, story ideas and high-powered contact lists coveted by foreign intelligence services. They also work in an environment that makes them ripe for attack, thanks to professional demands like the need for a constant online presence and inboxes that pop with emails from sources whom they don’t always know and which frequently contain the kinds of suspicious links and attachments that can expose their wider newsroom networks. Senior U.S. officials, current and former lawmakers and cybersecurity pros told POLITICO the threat against the media is real — and they fret the consequences. Specifically, the security community is worried The Associated Press’ army of reporters could get hacked and the wire service — the newsroom that produces the results data on which the entire media world relies — inadvertently starts releasing manipulated election tallies or that cybercriminals penetrate CNN’s internal networks and change Wolf Blitzer’s teleprompter. “It’s the art of possible is what really scares me,” said Tony Cole, chief technology officer of FireEye, a Silicon Valley-based cybersecurity firm that works with some of the country’s major television and newspaper companies. “Everything is hackable.” “No site is safe,” added Tucker Carlson, editor-in-chief of The Daily Caller. “If the federal government can be hacked, and the intelligence agencies have been hacked, as they’ve been then, can any news site say we have better cybersecurity than the FBI or Google?” The media have long been a spy’s best friend. Intelligence community sources say that foreign and U.S. agents use local newspapers to look for clues about their targets, and that strategy has only grown more sophisticated in an all-online era in which foreign intelligence is reportedly known to hover over a media company’s servers searching for any kind of heads-up on relevant stories inching closer to publication. Reporters on the campaign trail and back in their home bureaus said in interviews that they’ve become increasingly aware of their status as potential hacking victims. The spate of recent attacks — involving their sites and their competitors’ — are more than ample warning of what’s possible. Several journalists said they now use email and other communication with the expectation they’re being watched, and under the assumption that their messages can and will be hacked and shared publicly with the wider world. “We’re a bigger target than the 7-Eleven down the street,” said Mark Leibovich, chief national correspondent for The New York Times Magazine. “Presumably, we have really good, smart IT people who know what they’re doing, who are taking all kinds of precautions, who are acutely in tune with what the risks are and what the threats are.” There is perhaps no greater target in election journalism than the AP, the venerable wire service that will have more than 5,000 reporters, editors and researchers working across the country, tabulating results, calling races and feeding a much wider network of subscribers. Often other news outlets refer to the AP before making calls on races, and AP projections on the East Coast can have effects on West Coast voting, which closes hours later thanks to the time differences. Multiple sources in media, government and the security industry fretted about the effect if the AP were to get hit, and what that would do to their ability to get the news out. The AP will deploy reporters across the country to send up vote tallies, usually by phone, the  wire service  explained to The Washington Post in May. It also has multiple checks and balances in place to monitor for errors. But as with many other news organizations contacted by POLITICO, AP spokesman Paul Colford said the wire service’s policy is to refrain from making public comments about its security measures. “Given the extraordinary interest in the presidential election and thousands of other state and local contests, we would add that AP has been working diligently to ensure that vote counts will be gathered, vetted and delivered to our many customers on Nov. 8,” he said. Federal and state officials stress that even a successful hack on a major news outlet around Election Day would not affect the final results, which typically take weeks to certify. The vote tallies, after all, will be available on official sites and in many instances on special social media feeds. And if a news site did get defaced with incorrect information, the results would be more like a modern-day version of the famous ‘Dewey Defeats Truman’ headline that President Harry Truman triumphantly held aloft the day after his 1948 reelection. Still, there is a widespread recognition — from the White House down to the local precinct level — that a hack on the media could be damaging given the role it plays in getting election news out to satisfy the country’s insatiable information appetite. Misinformation circulated in the early hours of Nov. 8 about the race’s trajectory, for example, could factor into a voter’s decision to even show up during the election’s final hours, especially in Western states. There’s also concern that false media reports spread via a hacked news account could be a potential spark for violence in an already exceptionally charged atmosphere. On the flip side, there’s a recognition that the media can help build public confidence in the final results, especially following a campaign that’s been engulfed in its closing weeks by Russian-sponsored hacking of the Democratic National Committee, the hacking of Hillary Clinton’s campaign chairman’s personal emails, and Donald Trump’s unfounded charges of vote rigging. “To the degree that foreign hackers could prevent the dissemination of good information around the election, that can be a problem,” said Rep. Adam Schiff, the top Democrat on the House Intelligence Committee. The California congressman said he frets that media outlets, like many other industries, face “massive costs” in protecting themselves against cyberattacks with “no end in sight” to the potential risks. Schiff added that he is especially concerned about smaller news organizations without major IT budgets or the backing of larger parent companies. “They’re much more vulnerable,” he said. Cybersecurity experts say media spending to protect news organizations against cyberattack has grown substantially in the past three years, especially in the wake of North Korea’s attack on Sony Pictures in late 2014. The price tag for vulnerability audits and other techniques varies by the size of the newsroom and the surface area for potential attacks, but multiple sources said quarterly audits can easily cost $50,000 or more. Cyber experts and media officials from newsrooms across the country said they’re prepped to deal with a range of threats to their sites, including the kinds of malware that can infect a computer network and give hackers an entry point to manipulate a home site. They’re also building backup capacity in the event of a DDoS attack, or distributed denial of service, that tries to overwhelm a website or server with fake traffic. News sites, they note, are already prepping for monster traffic around the election, which can surge as much as 30 times compared with other big events this cycle, such as a debate or primary. At the staffing level, newsrooms have also been pushing for better cyber habits by hosting training seminars, requiring employees to take must-pass exams and requiring double-authentication before granting access to a newsroom’s internal filing system and social media accounts. But cyber experts warn that all the preparatory work in the world can matter little for a news organization if it’s facing an attack from a more sophisticated actor. “If all of a sudden your adversary becomes a nation-state, like Sony or the DNC with Russia, you see those kind of procedures aren’t worth a darn,” said Robert Anderson, a former senior FBI cyber official and a managing director at the Navigant consulting firm. The press has indeed been a familiar target for hackers. In 2013, hackers hit the AP’s Twitter account and posted a false report about a bombing at the White House, sending the stock market into a five-minute spiral. In more recent incidents, a USA Today columnist wrote an article in February admitting he was hacked midair while using his commercial flight’s WiFi, and the New York Times reported in August that its Moscow bureau was targeted by what were believed to be Russian hackers. Newsweek blamed hackers for a DDoS attack that took down its site last month soon after it published an article about Trump’s company allegedly violating the U.S. embargo against Cuba through secret business dealings in the 1990s. And BuzzFeed had several articles on its site altered earlier this month after it ran a story identifying a person allegedly involved in the hacking of tech CEOs and celebrities. “I’m sure that lots of newsrooms are having this conversation right now, particularly as we get closer to the election and people have a lot more to lose when things don’t go their way,” said Brian Krebs, the cybersecurity blogger and former Washington Post reporter whose site went down last month after a major DDoS attack that he says was spawned by his reporting about the arrest of two Israeli hackers. With the threat of hackings against the media reaching such a heightened pace, many election observers urged both reporters and the reading public to take a deep breath as the results start coming in. “If Twitter is reporting that Jill Stein wins South Carolina, that should probably give you pause,” said David Becker, executive director of the Center for Election Innovation and Research. Source: http://www.politico.com/story/2016/10/media-vulnerable-to-election-night-cyber-attack-229956

View post:
Media vulnerable to Election Night cyber attack

Ubisoft’s Servers Have Been Down For Several Hours, Could Be DDoS

Since early this morning gamers have reported server issues when playing Ubisoft games across all platforms. Ubisoft Support has confirmed the problem, sharing that it is affecting all its services, including its digital shop and official website. Ubisoft has provided the  following updates  regarding the issue: [12:44PM EDT]  We are still looking into this issue. We appreciate your understanding in the meantime.? [1:12PM EDT] Our shop and websites are also affected by this issue. We are still investigating further. Thank you for your patience thus far. Although for some of Ubisoft’s games this is a mere inconvenience, multiplayer-oriented games are currently unplayable. This has resulted in thousands of posts on Twitter directed at Ubisoft, requesting when the problem will be fixed. There is currently no ETA. It is unclear what the root cause of the issue is, although this type of problem usually happens due to DDoS.  Source: http://www.gamerevolution.com/news/ubisofts-servers-have-been-down-for-several-hours-could-be-ddos-37913

Read the original post:
Ubisoft’s Servers Have Been Down For Several Hours, Could Be DDoS

Internet service providers face DDoS attack second time in the last three months

The service providers have also alleged that their complaints about the DDoS attacks have gone ignored. Internet service providers (ISPs), mainly from Mumbai and Pune, claimed they are being targeted in a distributed denial of service (DDoS) attack for the second time in the last three months, and said they will raise the issue of cyber terrorism with IGP (Cyber) Brijesh Singh. They also claimed that their complaint was not taken seriously by the Pune Police. “We have been facing DDoS attacks since September 15 and have been running from pillar to post to lodge a complaint, but no officer from the Pune Police has taken a serious stand on our complaint. We are now going to lodge our complaint with IGP (Cyber) Brijesh Singh,” Kishore Desarda, director, Gazon Communication, said. A DDoS attack typically bombards websites with requests, overloading the portal until its server crashes, thus denying access to legitimate users. “Such attacks, which reduce (Internet) speed to almost zero, have posed a serious threat to businesses of all ISPs, not only in Mumbai and Pune but across Maharashtra, and they need to be curbed immediately,” Mr. Desarda said. In July, ISPs had filed an FIR with the IG’s office about DDoS attacks. The case is being investigated by the Mumbai Police’s cyber cell. Another leading ISP said, “DDoS attackers are back in business and it has hit services adversely in cities like Mumbai, Thane, Navi Mumbai and Pune. This unprecedented attack on ISPs is akin to cyber terrorism and has assumed extreme significance against the backdrop of the hacking of more than 35 Central and State government websites in the last few days.” In July, ISP representatives had met IGP Singh and had apprised him of the gravity of this sort of ‘cyber terrorism’. Following their request, the cyber cell had registered an FIR and launched a probe. “Some unknown people are involved in crashing the networks of ISPs by making lakhs of requests at a particular terminal at a particular time at an unprecedented level, thus slowing down the whole internet experience, which we call DDOS. The Cyber Crime department is taking all possible measures to nab the perpetrators,” Mr. Singh had said earlier Source: http://www.bgr.in/news/internet-service-providers-face-ddos-attack-second-time-in-the-last-three-months/

View article:
Internet service providers face DDoS attack second time in the last three months