Category Archives: DDoS News

No wonder we’re being hit by Internet of Things botnets. Ever tried patching a Thing?

Akamai CSO laments pisspoor security design practices

Internet of Things devices are starting to pose a real threat to security for the sensible part of the web, Akamai’s chief security officer Andy Ellis has told The Register.…


152k cameras in 990Gbps record-breaking dual DDoS

Hacked low-powered cameras and internet-of-things things

The world’s largest distributed denial of service (DDoS) attack has been clocked from the same network of 152,463 compromised low-powered cameras and internet-of-things devices which punted a media outlet off the internet.…


IoT-based DDoS attacks on the rise

Cybercriminal networks are increasingly taking advantage of lax Internet of Things device security to spread malware and create zombie networks, or botnets, unbeknownst to their device owners.

When lax security becomes a huge problem

Symantec’s Security Response team has discovered that cybercriminals are hijacking home networks and everyday consumer connected devices to help carry out DDoS attacks on more profitable targets, usually large companies. To succeed, they need cheap bandwidth and get it by stitching …


Security man Krebs’ website DDoS was powered by hacked Internet of Things botnet

Internet of Amazingly Insecure Tat? That’s the one

The huge distributed denial of service (DDoS) attack which wiped security journalist Brian Krebs’ website from the internet came from a million-device-strong Internet of Things botnet.…


Google rushes in where Akamai fears to tread, shields Krebs after world’s-worst DDoS

600 Gbps traffic flood overwhelmed CDN

Google has provided free distributed denial of service attack (DDoS) mitigation services to security publication Krebs on Security, stepping in after Akamai withdrew support.…


IBM botched geo-block designed to save Australia’s census

Bureau of Stats says spooks signed off IBM’s plan, but Big Blue mucked something up

Australia’s Bureau of Statistics has heavily criticised IBM for the security it applied to the nation’s failed online census, which was taken offline after a distributed denial of service (DDoS) attack that battered a curiously flimsy defensive shield.…


Hackers threaten First Securities with DDoS attacks

TAIPEI, Taiwan — First Securities was blackmailed on Thursday by hackers who threatened to completely disable its trading system with DDoS (distributed denial-of-service) attacks. The hackers asked the brokerage firm to pay 50 bitcoins (approximately NT$940,000), in an email that they sent to First Securities at around 10 a.m. on Thursday.

Local newspaper Apple Daily cited an unnamed source as saying that a DDoS attack came at around 11 a.m., stopping all electronic trades. First Securities President Yeh Kuang-chang confirmed that they received the blackmail email but stressed that the firm’s trading system was only slowed down but not disabled by the attacks as reported.

The firm has activated a reserve system and, while a small number of investors were affected by the attacks, the system was not paralyzed, Yeh said. He said he believed the situation would be resolved by Friday. Yeh said the firm had reported the incident, which he said had caused no losses to the firm, to the authorities or to the investigation bureau.

Yeh also stressed that while the firm had yet to ascertain the origin of the hackers, he had preliminarily ruled out the possibility that Thursday’s DDoS attacks were related to the ATM heist aimed at its sister institution — First Commercial Bank — in July. ATMs at 41 First Bank branches were hacked in the incident, with over NT$80 million believed to have been stolen. Seventeen suspects from six countries have been identified in the heist, which involved an international crime ring.

The Taiwan Stock Exchange (TWSE) issued a statement at 6 p.m. saying that First Securities suffered from an unknown online attack beginning at 10:50 a.m. and was not able to immediately recover its electronic trading system. The TWSE advised investors to use other forms of trading. TWSE Vice President Chien Lih-chung said the TWSE had informed other securities firms and that no other firms had reported similar blackmail or system problems.

Source: http://www.chinapost.com.tw/taiwan/national/national-news/2016/09/23/479195/Hackers-threaten.htm


Renowned blog KrebsOnSecurity hit with massive DDoS attack

The 620 Gbps DDoS attack was built on a massive botnet.

The security blog KrebsOnSecurity has been hit with one of the largest distributed denial of service (DDoS) attacks of all time. The site, which is run by security expert Brian Krebs, was hit by a DDoS attack of around 620 Gbps on 20 September. KrebsOnSecurity managed to stay online during the attack, due to defences from content delivery network provider Akamai. The largest attack of this kind Akamai had previously defended was one of 336 Gbps earlier this year.

Previous large-scale DDoS attacks, including the 336 Gbps attack, used well-known methods to amplify a smaller attack such as using unmanaged DNS servers. Apart from being much larger in terms of scale, the attack on KrebsOnSecurity also differed in that it seemed to instead use a very large botnet of hacked devices. This could have involved hundreds of thousands of systems.

“Someone has a botnet with capabilities we haven’t seen before,” Martin McKeay, Akamai’s senior security advocate, said to KrebsOnSecurity. “We looked at the traffic coming from the attacking systems, and they weren’t just from one region of the world or from a small subset of networks — they were everywhere.”

Brian Krebs said that there were some signs that the attack had used a botnet that had captured a large number of Internet of Things (IoT) devices. During a DDoS attack, the targeted website is flooded with traffic, designed to overwhelm the resources of the site to crash or suspend its services.

“It seems likely that we can expect such monster attacks to soon become the new norm,” wrote Krebs. He suggested that the attack on his site might have been in retaliation for a series he had done on the takedown of a DDoS-for-hire service vDOS, a theory supported by text included in the strings of the DDoS attack referencing the vDOS owners.

Source: http://www.cbronline.com/news/cybersecurity/business/renowned-blog-krebsonsecurity-hit-with-massive-ddos-attack-5012622


Spam is once again on the rise

Spam volume is back to mid-2010 heights, and Cisco Talos researchers say that the Necurs botnet is partly to blame. “Many of the host IPs sending Necurs’ spam have been infected for more than two years. To help keep the full scope of the botnet hidden, Necurs will only send spam from a subset of its minions. An infected host might be used for two to three days, and then sometimes not again for two …


Cybersecurity is threatening America’s military supremacy

The sparsely populated Spratly Islands, a collection of hundreds of islands and reefs spread over roughly 165,000 square miles in the South China Sea, are very quickly becoming the center of one of the most contentious international disputes between world powers since the fall of the Soviet Union. Alarmingly, the use of cyber attacks in this dispute suggests we might already be in the midst of a new Cold War playing out in cyberspace — where America’s advantage is not as clear as it is with conventional armies and navies.

The Spratly Islands are of economic and strategic importance. All of the countries in the region — including China, Vietnam and the Philippines — have made competing territorial claims to the region. In recent years, China has become increasingly aggressive in its claim, rapidly building artificial islands while also conducting military operations in the area. Beyond this conventional military buildup, however, are complex and brazen cyber attacks by China that are leaving America and its allies increasingly concerned.

A massive distributed denial of service (DDoS) attack knocked offline at least 68 Philippine government websites in July, apparently in response to an international court ruling that denied China’s territorial claims in the region. Just days later, Vietnam’s national airline and major airports were targeted in a series of attacks by the Chinese hacking group 1937CN. Those are just the latest examples of China’s years-long cyber campaign related to the Spratly Islands. (In another attack, the website of the aforementioned international court was infected with malware and taken offline last year.)

While these “nuisance” attacks — and continued cyber espionage by China — are serious, targeted Chinese cyber attacks designed to impact America’s physical military systems in the South China Sea are the most substantial evidence that we may be on the brink of a more tangible cyber threat to American military power.

China appears to be moving forward with plans to use electronic attacks designed to either disrupt or take control of American drones. With reports that the Chinese attempted to interfere with U.S. military drones at least once in recent years, the country has shown a willingness to use GPS jamming to prevent U.S. aircraft from conducting surveillance missions in the Spratly Islands. That 2015 instance appears to fit China’s public posturing on the ways it says it could use electronic GPS jamming to disrupt U.S. drone networks. One 2013 report in the Chinese journal Aerospace Electronic Warfare notes in technical detail how its military can “use network warfare to attack and even control America’s network” by disrupting the connection between satellites and aircraft. This sort of GPS jamming could be the largest electronic threat to the U.S. drone program. In fact, it has been widely speculated that Iran used a similar GPS “spoofing” technique to take control of a U.S. surveillance drone in 2011.

The American military says it is preparing for these sorts of attacks with its new cyber strategy released last year. In addition to outlining how cyber will be included in military planning, the report calls for a hardening of the military’s cyber defenses to prevent the theft of military technology or cyber attacks against military infrastructure and weaponry.

The challenge, as any expert in the cybersecurity world would tell you, is that the capabilities and sophistication of the Chinese, Russians and other state-sponsored and non-state hackers are increasing exponentially. One only has to read the news to see nearly daily evidence of this (e.g. the recent suspected NSA breach, hacks targeting Democratic political organizations, the attack against the State Department’s email system or the theft of military intel in the OPM hack).

The relatively inexpensive cyber options being employed today by both state and non-state hacking groups make it an incredibly efficient “leveler” of power. A small group of hackers using simple spear-phishing tactics, for example, can have massive impact on military installations, government operations, critical infrastructure and potentially even weapons systems.

The unconventional battle playing out in the South China Sea — where cyber attacks are taking the place of conventional fighting and other forms of diplomacy — is a new model of warfare. The growing cyber threat from China may pose the most immediate threat to America and its allies because, while the U.S. continues to have a clear conventional military advantage, our advantage in cyber is not as clear.

Source: https://techcrunch.com/2016/09/21/cybersecurity-is-threatening-americas-military-supremacy/
