Category Archives: DDoS News

Furby Rickroll demo: what fresh hell is this?

Toy-makers, please quit this rubbish, you’re NO GOOD at security

Here’s your future botnet, world: connected kids toys that will Rickroll their owners while hosing big servers and guessing the nuclear codes.…

Operator of DDoS protection service named as Mirai author

Krebs says he’s fingered author of epic IoT web assault code

The author of the massive distributed denial-of-service attack malware Mirai, which ropes infected routers and internet of things devices into remotely controlled armies, is a New Jersey man, according to journo Brian Krebs.…

2017 may be crisis year for DDoS attacks, warns Deloitte

The proliferation of IoT devices and IoT exploit kits may make 2017 a turning point in DDoS attacks requiring new defence tactics, warns Deloitte

Organisations have generally been able to keep pace with the increasing size, frequency and impact of distributed denial of service (DDoS) attacks, but that may change in 2017, Deloitte has warned.

DDoS is not a new topic, but the potential scale of the problem in 2017 is, according to the latest Technology, media and telecommunications predictions report from Deloitte. The size of DDoS attacks increased by an average of 30% a year from 2013 to 2015, but 2016 saw the first two attacks of one terabit per second (Tbps) or more, and Deloitte predicts that trend will continue in 2017.

According to the report, 2017 will see an average of one attack a month reaching at least 1Tbps in size, with the number of DDoS attacks for the year expected to reach 10 million. Deloitte predicts an average attack size of 1.25Gbps to 1.5Gbps, and the report points out that an unmitigated attack in this size range would be sufficient to take many organisations offline.

The anticipated escalation is due to three concurrent trends, the report said. First, the growing installed base of insecure internet of things (IoT) devices that are usually easier to incorporate into botnets than PCs, smartphones and tablets. Second, the online availability of malware methodologies such as Mirai, which allow relatively unskilled attackers to corral insecure IoT devices and use them to launch attacks. Third, the availability of ever-higher bandwidth speeds, which means that each compromised device can send a lot more junk data.

The report warns that the consequence of the growth of IoT devices alone could mean that content distribution networks (CDNs) and local mitigations may not be able to scale readily to mitigate the impact of concurrent large-scale attacks, requiring a new approach to tackling DDoS attacks.

Phill Everson, head of cyber risk services, Deloitte UK, said a DDoS attack aims to make a website or connected device inaccessible. “DDoS attacks are the equivalent of hundreds of thousands of fake customers converging on a traditional shop at the same time. The shop struggles to identify genuine customers and quickly becomes overwhelmed. The consequence could see an online commerce site temporarily unable to transact, or a government site not able to process tax returns,” he said.

Everson said the expected volume and scale of DDoS attacks in 2017 would challenge the defences of most organisations, regardless of size. “Businesses of all sizes should acknowledge the growing DDoS threat and consider how best to handle attacks of these magnitudes,” he said.

Any organisation that is increasing its dependence on the internet should be aware of a potential spike in the impact of such attacks, according to the report. The entities that should remain alert include, but are not limited to, retailers with a high share of online revenues, online video game companies, video streaming services, online business and service delivery companies such as financial services firms, and government online services, the report said.

“Some organisations may have become a little blasé about DDoS attacks, however these attacks are likely to increase in intensity in 2017 and beyond, and the attackers are likely to become more inventive. Unfortunately, it may never be possible to relax about DDoS attacks,” authors of the report said.

Deloitte recommends that companies and governments should consider a range of options to mitigate the impact of DDoS attacks, such as decentralising critical functions like cloud computing, leasing a larger bandwidth capacity than they need, proactively identifying weaknesses and vulnerabilities related to DDoS attacks, developing agile defence techniques, and introducing granular traffic filtering capabilities.
Source: http://www.computerweekly.com/news/450411183/2017-may-be-crisis-year-for-DDoS-attacks-warns-Deloitte

Can a DDoS attack on Whitehouse.gov be a valid protest?

A software engineer wants to take down the Whitehouse.gov site to oppose Trump’s inauguration

When Donald Trump is inaugurated as the U.S. President on Friday, Juan Soberanis intends to protest the event — digitally. His San Francisco-based protest platform is calling on Americans to oppose Trump’s presidency by visiting the Whitehouse.gov site and overloading it with too much traffic. In effect, he’s proposing a distributed denial-of-service attack, an illegal act under federal law.

But Soberanis doesn’t see it that way. “It’s the equivalent of someone marching on Washington, D.C,” he said on Monday. “Civil disobedience has been part of the American democratic process.”

Soberanis’s call to action is raising eyebrows and highlights the issue of whether DDoS attacks should be made a legitimate form of protest. Under the Computer Fraud and Abuse Act, sending a command to a protected computer with the intent to cause damage can be judged a criminal offense. But that hasn’t stopped hacktivists and cyber criminals from using DDoS attacks to force websites offline. In 2013, the U.S. charged 13 people affiliated with the hacktivist group Anonymous for launching DDoS attacks on government entities, trade groups and law firms.

Typically, hackers launch such attacks by using several servers, or huge numbers of infected PCs called botnets, to flood their targets with an overwhelming amount of traffic. Soberanis’s protest effort is simpler. He’s hoping that millions of individuals join his protest by visiting Whitehouse.gov and continually refreshing the page. “There’s nothing illegal,” he said. “We are just a large group of people, making a GET request,” he said, referring to the HTTP request method to access a web page.

Soberanis, who works as a software engineer, created his Protester.io platform about a month ago to encourage activism. It currently has no funding, but the site managed to gain a bit of buzz last week. The PR Newswire public-relations service circulated a press release from Protestor.io, only to retract it later after realizing the release was calling for a “take down” of Whitehouse.gov. “There’s also been some detractors,” he said. “They support Trump and have a very different viewpoint.”

Soberanis isn’t the first to argue that DDoSing can be a form of legitimate protest. Briefly in 2013, a failed online petition was posted on the White House’s website about the same subject. It argued that DDoSing a website was not a form of hacking, but a new way for protesting. “Instead of a group of people standing outside a building to occupy the area, they are having their computer occupy a website,” the petition said.

Some agree and think that DDoS attacks, in certain scenarios, can work as a valid form of protest. Laws like the Computer Fraud and Abuse Act are “over broad” and “chilling” political speech, said Molly Sauter, author of The Coming Swarm, a book that examines DDoS attacks used in activism. A DDoS attack on Whitehouse.gov — a site designed more for public relations than for operations – also wouldn’t disrupt any major government activities, Sauter said. Taking it down could be seen as “more or less like protesting outside on the street,” she said. “Now, is that going to be successful?” she asked. “Frankly, it’s not likely that the Whitehouse.gov site wouldn’t have DDoS protection.”

But others think a DDoS attack on the Whitehouse.gov is still a crime. Making it legal would open a can of worms, they say. “If they can do this to Whitehouse.gov with impunity now, can they also do it to Exxon without worry of legal troubles?” said Mark Sauter (no relation to Molly Sauter), a former U.S. Army officer who consults security and tech companies. He questions why protestors like Soberanis are resorting to DDoS attacks when they can publish their own websites or speech against Trump.
Source: http://www.csoonline.com/article/3158826/security/can-a-ddos-attack-on-whitehousegov-be-a-valid-protest.html

DDoS Attacks: A Threat to Businesses and Consumers

Distributed Denial of Service (DDoS) attacks are a growing concern for businesses and consumers alike. These attacks are on the rise along with all forms of cyber-attack. According to Kaspersky, “43% of businesses experienced data loss in the past year due to a cyber-security incident.”

While DDoS attacks threaten the reputation and the bottom line for businesses, they also threaten consumers. In many cases a DDoS attack is launched as a decoy to hide the real intentions of the hacker – to steal corporate intellectual property and financial data, as well as consumer data. DDoS attacks have been a factor in some of the largest data breaches. Dave Larson of Infosecurity Magazine reports that “in a large proportion of data breaches reported over the last few years, DDoS attacks have been occurring simultaneously, as a component of a wider strategy; meaning hackers are utilizing this technique in a significant way.”

At its core a DDoS attack uses hundreds and sometimes thousands of computers to flood the business website with a large volume of internet traffic to overwhelm the host server. When this happens the website often stops functioning for a period of time. Sometimes hackers will continue to randomly attack a website until the business pays a ransom – much like ransomware that targets individuals.

There are three major types of DDoS attacks available to a hacker.

Volumetric: Most common. Sends a large amount of internet traffic to the host server simultaneously.

Amplification: Sends a high volume of traffic using large packets of data. Requires fewer “zombie” or compromised computers to accomplish the same task as a volumetric DDoS attack.

Resource Depletion: Makes multiple requests through multiple ports or entry points into the targeted server until its capacity is exceeded.

To find out more about these types of DDoS attacks, go to Defending Your Network against DDoS Attacks.

There are a number of hardware and software tools to help defend against such attacks, but the primary methods of defense are knowledge, detection, and training.

Businesses should analyze how their networks and the systems attached to that network interact with the internet to uncover and fix vulnerabilities before they are exploited by hackers.

Train IT employees to recognize the hallmarks of a DDoS and other cyber-attacks, so they can react quickly.

Train all employees to recognize and immediately report any unusual activity on any system connected to the internet.

Train all employees to question unusual emails or texts requesting W-2’s, other personnel data, or corporate financial information.

Develop specific rules for employees regarding usage of social media and the types of corporate information that can be shared online. A recent study has shown that social engineering is a precursor to 66% of cyber-attacks. Source: 7 Ways to Make Yourself Hack-Proof.

For more information on Decoy DDoS attacks, check out DDoS attacks: a perfect smoke screen for APTs and silent data breaches. To report a scam, go to the BBB Scam Tracker. To find trustworthy businesses, go to bbb.org.

Source: http://whnt.com/2017/01/15/ddos-attacks-a-threat-to-businesses-and-consumers/

DDOS attacks intensify in EMEA

Distributed denial-of-service (DDOS) attacks in the Europe, Middle East and Africa (EMEA) region witnessed an uptick in the last quarter and are set to intensify in 2017. This is according to a report issued by F5 Networks, which revealed data from its Security Operations Centre (SOC), highlighting the growing scale and intensity of cyber attacks in the region.

DDOS attacks have been around since at least 2000. These attacks refer to a situation in which many compromised machines flood a target with requests for information. The target can’t handle the onslaught of requests, so it crashes. Consultancy firm Deloitte also expects cyber attacks to enter the terabit era in 2017, with DDOS attacks becoming larger in scale, harder to mitigate and more frequent.

F5 Networks points out that in 2016 to date, it has handled and mitigated 8 536 DDOS instances. The company notes that one of the attacks featured among the largest globally – a 448Gbps user datagram protocol (UDP) and Internet control message protocol (ICMP) fragmentation flood using over 100 000 IP addresses emanating from multiple regions. It explains the incident highlights a growing trend for global co-ordination to achieve maximum impact, with IP attack traffic stemming largely from Vietnam (28%), Russia (22%), China (21%), Brazil (15%) and the US (14%).

“The EMEA Security Operations Centre has been experiencing rapid growth since launching in September last year, and it is entirely driven by the explosion of attacks across the region, as well as businesses realising they need to prepare for the worst,” says Martin Walshaw, senior engineer at F5 Networks.

In Q1 (October – December), the SOC experienced a 100% increase in DDOS customers, compared to the same period last year. F5 Networks says UDP fragmentations were the most commonly observed type of DDOS attack in Q1 (23% of total), followed by domain name system reflections, UDP floods (both 15%), SYN floods (13%) and NTP reflections (8%).

“Given the rise and variety of new DDOS techniques, it is often unclear if a business is being targeted,” Walshaw says. “This is why it is more important than ever to ensure traffic is being constantly monitored for irregularities and that organisations have the measures in place to react rapidly.

“The best way forward is to deploy a multi-layered DDOS strategy that can defend applications, data and networks. This allows detection of attacks and automatic action, shifting scrubbing duties from on-premises to cloud and back when business disruption from local or external sources is imminent at both the application and network layer.”

Source: http://www.itweb.co.za/index.php?option=com_content&view=article&id=158643

Three ways retailers can safeguard against cybercrime

Chinese New Year is always a shopping boom time in town. People are generous in spending on food, decorations, and fashion during the important cultural festival. While retailers are focused on ensuring that they successfully take advantage of spikes in online and in-store sales, are they as prepared as they need to be to defend against major distributed denial of service (DDoS) attacks?

Avoiding a cyber-crime catastrophe

Thanksgiving officially kicks off the biggest shopping period of the year globally. The period through to Chinese New Year may be a sales bonanza, but it’s also a period of high vulnerability that criminals exploit to maximize the threat to a retailer’s business. Along with gaming and finance companies, retailers are popular targets because they store sensitive data that thieves can use for financial gain. Additionally, DDoS attacks are often used to distract organizations so that even more costly web application attacks can take place at the same time. But the truth is no industry is immune and the threat is increasing in its relentlessness.

With Chinese New Year sales accounting for a sizeable chunk of most retailers’ revenues, from a criminal’s perspective, there could hardly be a better time to launch a cyber attack. What’s more, with systems already creaking under the load of peak volumes, it might not take much of a straw to break the camel’s back. The last thing a retailer wants is for their business to spectacularly and very visibly come to a sudden halt because they can’t defend against and mitigate a major distributed denial of service (DDoS) attack.

Retailers face a growing threat

Talk of cyber attacks is more than mere scaremongering – the threat is very real. For example, in September, the release of the Mirai code — a piece of malware that infects IoT devices enabling them to be used for DDoS attacks — opened a Pandora’s box of opportunities for ruthless cyber entrepreneurs who want to disrupt their target markets and exploit the vulnerabilities and weaknesses of companies who honestly serve their customers.

This code gives criminals the ability to orchestrate legions of unsecured Internet of Things (IoT) devices to act as unwitting participants in targeted DDoS attacks. These objects could be anything from domestic hubs and routers to printers and digital video recorders — as long as they’re connected to the internet. The latest large DDoS attacks have used botnets just like this — proving that the bad guys are multiplying and, most likely, gearing up for bigger things.

Asia is not immune and Hong Kong is a prime target

According to a recent report by Nexusguard, DDoS attacks increased 43 percent in Q2 to 34,000 attacks in the Asia-Pacific region and 83 percent worldwide. The largest increase was seen in Hong Kong, where attacks rose an astonishing 57 percent. China, which saw a 50% increase in attacks, is the number one target in the region. According to the report, over the course of a month, a Chinese website was attacked 41 times. The fact is that every company needs to pay this issue serious attention and put effective plans in place.

Prevention is better than the cure

There are no easy answers to the question of how to secure IoT smart devices — especially at the ‘budget conscious’ end of the market. That’s why we expect that these DDoS attacks will continue to proliferate, meaning that targeted DDoS attacks of increasing scale and frequency will almost certainly occur as a result.

So how can retailers defend themselves against the threat of an attack? Organizations have to use a combination of measures to safeguard against even the most determined DDoS attack. These include:

1. Limiting the impact of an attack by absorbing DDoS traffic targeted at the application layer, deflecting all DDoS traffic targeted at the network layer and authenticating valid traffic at the network edge
2. Choosing an ISP that connects directly to large carriers and other networks, as well as internet exchanges — allowing traffic to pass efficiently
3. Employing the services of a network-based DDoS provider — with a demonstrable track record of mitigating DDoS attacks and sinking significant data floods. This will safeguard specific IP address ranges that organizations want to protect.

Chinese New Year is a critical period for retailers — and hopefully for all the right reasons. But in an increasingly digital world, consideration needs to be given to the IT infrastructure that underpins today’s retail business and the security strategy that protects it.

Source: http://www.enterpriseinnovation.net/article/three-ways-retailers-can-safeguard-against-cybercrime-512090779
