Plus: Cloudflare tackles huge DDoS attack, Apple and CSAM, and more In brief Razer is said to be working on an updated installer after it was discovered you can gain admin privileges on Windows by plugging in one of the gaming gear maker’s mice or keyboards.…
More:
Razer ponders how to fix installer that grants admin powers if you plug in a mouse
Corero Network Security announces additional flexibility when deploying its SmartWall solution, with a new Edge Threat Defense (ETD) capability. Corero’s mission is to make the internet a safer and more reliable place to do business by protecting against the downtime and disruption caused by DDoS attacks. Corero enables organizations around the globe to maintain business continuity in the event of a DDoS attack, by deploying the award-winning and intelligently automated SmartWall DDoS protection solution that … More ? The post Corero Network Security expands DDoS protection portfolio with ETD capability appeared first on Help Net Security .
View original post here:
Corero Network Security expands DDoS protection portfolio with ETD capability
Here’s an overview of some of last week’s most interesting news and articles: Kaseya obtains universal REvil decryptor There’s finally some good news for the MSPs and their customers that have been hit by the REvil ransomware gang via compromised Kaseya VSA software: a universal decryptor has made it available to affected organizations. DDoS attacks are up, with ever-greater network impact With an overall rise in available network capacity, cyber criminals are increasingly targeting their … More ? The post Week in review: HiveNightmare on Windows 10, Kaseya obtains REvil decryptor appeared first on Help Net Security .
Continue reading here:
Week in review: HiveNightmare on Windows 10, Kaseya obtains REvil decryptor
Telia Carrier has announced the findings of a report with a perspective on today’s cyber threats from traffic data. The report investigates changes in attack vector, size and frequency, and reveals a staggering 50% increase in peak attack traffic compared to 2019, with a jump to 1.18 Terabytes per Second (TBps) or 887 Mega Packets Per Second (Mpps). In 2020, a staggering 57 Petabits or 14 tera packets of malicious data have been cleaned. During … More ? The post DDoS attacks are up, with ever-greater network impact appeared first on Help Net Security .
There has been a 33% increase in the number of DDoS attacks in H1 2021, according to a report published by Link11. Between January and June, there were record numbers of attacks compared to the same period last year. The report also found that between Q1 2021 and Q2 2021 there was a 19% increase in DDoS campaigns, some of which were over 100 Gbps in attack volume; further evidence that hackers are continuing to … More ? The post DDoS attacks increased 33% in H1 2021 appeared first on Help Net Security .
Read the original:
DDoS attacks increased 33% in H1 2021
In H1 2021, cyber criminals targeted businesses in record numbers as they continued to exploit vulnerabilities caused by the pandemic A report published by Link11, Europe’s leading IT security provider in cyber resilience, suggests there has been a 33% increase in the number of DDoS attacks in H1 2021. Between January and June, the Link11 Security Operations Centre (LSOC) recorded record numbers of attacks compared to the same period last year. The report also found that between Q1 2021 and Q2 2021 there was a 19% increase in DDoS campaigns, some of which were over 100 Gbps in attack volume; further evidence that cyber criminals are continuing to exploit the vulnerabilities of businesses during the pandemic. The key findings from the report are: The number of attacks continued to rise: + 33% increase year-on-year compared to H1/2020. DDoS attacks are increasing: +19% in Q2 2021 compared to Q1 2021. Overall attack bandwidth remained high: 555 Gbps in maximum attack volume. Sharp increase in attack bandwidth: +37% increase in H1/2021 compared to H1/2020. Number of high-volume attacks > 100 Gbps in H1/2021: 28 Criminals targeted those organisations and institutions that were in high demand during the global pandemic, such as va ccination websites, e-learning platforms or portals and businesses IT infrastructure as well as hosting providers and internet service providers . LSOC also suggests that the use of extortion emails has reached critical levels . Employees have received malicious emails from a multitude of different senders including Fancy Bear, Lazarus Group and most recently Fancy Lazarus. Instead of being indiscriminate, ransom demands now vary depending on the size of the company and the industry of the victims. In fact, companies from a wide range of industries (including finance, e-commerce, media and logistics) are currently being affected. The frequency of these campaigns has increased, ransom demands have skyrocketed and LSOC is warning that they could continue well into Q3 2021. According to Link11’s security experts, the intensity and regularity of extortion emails has noticeably increased . The scale of DDoS activity far exceeds any from previous years and the number of businesses experiencing serious security breaches has risen sharply. The consequences of such an attack can be severe, from loss of revenue, costly business interruptions, long recovery times to sensitive data being compromised. Marc Wilczek, Managing Director of Link11, said: “In an increasingly connected world, the availability and integrity of IT systems are critical to any business. Our research for the first half of 2021 shows that companies are continuously exposed to DDoS attacks and that they are far more frequent and complex. Due to the increasingly sophisticated attack techniques being used by cyber criminals, many security tools are reaching their limits. This means that solutions which provide maximum precision and speed in detecting and mitigating the attacks are more in demand than ever before.” Although the threat level of DDoS attacks has remained high and security providers have provided persistent warnings, LSOC believes some companies are still lack the relevant security solutions to prevent an attack . In a number of cases, organisations have been found to be completely unprotected and operations have been brought to a standstill. The only way to limit the damage is to implement specialised protection solutions on an ad-hoc basis. From an economic and legal point of view, however, it makes more sense to focus on sustainable prevention rather than reaction. As threat levels continue to rise LSOC recommends businesses take this opportunity to conduct a thorough review of their cyber security posture. They are also warning if you fall victim to a DDoS attack do not respond to extortion attempts and call in a specialist for DDoS protection as soon as an attack has been detected. Source: https://www.link11.com/en/blog/threat-landscape/link11-report-discovers-record-number-of-ddos-attacks-in-first-half-of-2021/
Originally posted here:
Link11 Discovers Record Number of DDoS Attacks in First Half of 2021
During the pandemic, cyber attackers targeted industries providing connectivity, services and entertainment to populations forced to shelter-in-place, resulting in a 341% year-over-year increase in distributed denial-of-service (DDoS) attacks, according to Nexusguard. The massive shift in online behavior and reliance on connectivity strained communications service providers (CSPs) and internet service providers (ISPs) that provided the backbone for this remote work, including spikes in ransom DDoS (RDDoS) attacks to extort organizations for payment in exchange for staying … More ? The post DDoS attacks increase 341% amid pandemic appeared first on Help Net Security .
Follow this link:
DDoS attacks increase 341% amid pandemic
Kinetic Business introduced DDoS Mitigation Service, a fully managed service that monitors, detects, validates and mitigates attacks—even on third-party networks —before an outage or related damage occurs. The service augments Kinetic’s portfolio of security services and complements the company’s leading business data and voice services. DDoS attacks are disruptive and can easily make an organization’s internet circuit unavailable, impact their business and potentially put them in non-compliance with industry regulation. Kinetic’s DDoS Mitigation Service uses … More ? The post Kinetic Business DDoS Mitigation Service helps customers protect networks from attacks appeared first on Help Net Security .
View article:
Kinetic Business DDoS Mitigation Service helps customers protect networks from attacks
Security is front of mind for a lot of organizations these days, especially due to the 400% increase in cyberattacks since the pandemic started. Notable and alarming attacks include those on the federal government by nation-state threat actors using widely used third-party tools as vehicles for intrusion. Your contact center is no exception: it’s facing standard cyber security threats, such as DDoS attacks, but also seeing an increase in attacks targeting customers’ personal data. If … More ? The post How can companies prioritize contact center security? appeared first on Help Net Security .
View article:
How can companies prioritize contact center security?
Several recent cyber incidents targeting critical infrastructure prove that no open society is immune to attacks by cybercriminals. The recent shutdown of key US energy pipeline marks just the tip of the iceberg. Critical infrastructure is becoming more dependent on networks of interconnected devices. For example, only a few decades ago, power grids were essentially operational silos. Today, most grids are closely interlinked — regionally, nationally, and internationally as well as with other industrial sectors. And in contrast to discrete cyberattacks on individual companies, a targeted disruption of critical infrastructure can result in extended supply shortages, power blackouts, public disorder, and other serious consequences. According to the World Economic Forum (WEF), cyberattacks on critical infrastructure posed the fifth-highest economic risk in 2020, and the WEF called the potential for such attacks “the new normal across sectors such as energy, healthcare, and transportation.” Another report noted that such attacks can have major spillover effects. Lloyd’s and the University of Cambridge’s Centre for Risk Studies calculated the prospective economic and insurance costs of a severe cyberattack against America’s electricity system could amount to more than $240 billion and possibly more than $1 trillion. Given these potential far-reaching consequences, cyberattacks on critical infrastructure have become a big concern for industry and governments everywhere — and recent events haven’t done much to allay these fears. A Worldwide Phenomenon In May 2021, a huge distributed denial-of-service (DDoS) attack crippled large sections of Belgium’s Internet services, affecting more than 200 organizations, including government, universities, and research institutes. Even parliamentary debates and committee meetings were stalled since no one could access the online services they needed to participate. A few days later, a ransomware attack shut down the main pipeline carrying gasoline and diesel fuel to the US East Coast. The Colonial Pipeline is America’s largest refined-products pipeline. The company says it transports more than 100 million gallons a day of fossil fuels, including gasoline, diesel, jet fuel, and heating oil — or almost half the supply on the East Coast, including supplies for US military facilities. In August 2020, the New Zealand Stock Exchange (NZX) was taken offline for four trading days after an unprecedented volumetric DDoS attack launched through its network service provider. New Zealand’s government summoned its national cybersecurity services to investigate, and cyber experts suggested the attacks might have been a dry run of a major attack on other global stock exchanges. In October 2020, Australia’s Minister for Home Affairs, Peter Dutton, said his country must be ready to fight back against disastrous and extended cyberattacks on critical infrastructure that could upend whole industries. Obvious Uptick in DDoS Attacks During the pandemic, there’s been a huge increase in DDoS attacks, brute-forcing of access credentials, and malware targeting Internet-connected devices. The average cost of DDoS bots has dropped and will probably continue to fall. According to Link11’s Q1/2021 DDoS report, the number of attacks witnessed more than doubled, growing 2.3-fold year-over-year. (Disclosure: I’m the COO of Link11.) Unlike ransomware, which must penetrate IT systems before it can wreak havoc, DDoS attacks appeal to cybercriminals because they’re a more convenient IT weapon since they don’t have to get around multiple security layers to produce the desired ill effects. The FBI has warned that more DDoS attacks are employing amplification techniques to target US organizations after noting a surge in attack attempts after February 2020. The warnings came after other reports of high-profile DDoS attacks. In February, for example, the largest known DDoS attack was aimed at Amazon Web Services. The company’s infrastructure was slammed with a jaw-dropping 2.3 Tb/s — or 20.6 million requests per second — assault, Amazon reported. The US Cybersecurity and Infrastructure Security Agency (CISA) also acknowledged the global threat of DDoS attacks. Similarly, in November, New Zealand cybersecurity organization CertNZ issued an alert about emails sent to financial firms that threatened a DDoS attack unless a ransom was paid. Predominantly, cybercriminals are just after money. The threat actors behind the most recent and ongoing ransom DDoS (RDDoS or RDoS) campaign identify themselves as state-backed groups Fancy Bear, Cozy Bear, Lazarus Group, and Armada Collective — although it remains unclear whether that’s just been a masquerade to reinforce the hacker’s demands. The demanded ransoms ranged between 10 and 20 Bitcoin (roughly worth $100,000 to $225,000 at the time of the attacks), to be paid to different Bitcoin addresses. Mitigating the Risk Critical infrastructure is often more vulnerable to cyberattacks than other sectors. Paying a ransom has ethical implications, will directly aid the hackers’ future operations (as noted by the FBI), and will encourage them to hunt other potential victims. Targeted companies are also urged to report any RDoS attacks affecting them to law enforcement. Organizations can’t avoid being targeted by denial-of-service attacks, but it’s possible to prepare for and potentially reduce the impact should an attack occur. The Australian Cyber Security Centre notes that “preparing for denial-of-service attacks before they occur is by far the best strategy; it is very difficult to respond once they begin and efforts at this stage are unlikely to be effective.” However, as the architecture of IT infrastructure evolves, it’s getting harder to implement effective local mitigation strategies. Case in point: Network perimeters continue to be weak points because of the increasing use of cloud computing services and devices used for remote work. Also, it is increasingly infeasible to backhaul network traffic, as legitimate users will be banned, too — potentially for hours or days. To minimize the risk of disruption and aim for faster recovery time objectives (RTOs) after an attack, organizations should become more resilient by eliminating human error through stringent automation. These days, solutions based on artificial intelligence and machine learning offer the only viable means of protection against cyberattacks. Marc Wilczek is a columnist and recognized thought leader, geared toward helping organizations drive their digital agenda and achieve higher levels of innovation and productivity through technology. Over the past 20 years, he has held various senior leadership roles across … View Full Bio Source: https://www.darkreading.com/attacks-breaches/critical-infrastructure-under-attack-/a/d-id/1340960
Original post:
Critical Infrastructure Under Attack