Krebs says he’s fingered author of epic IoT web assault code The author of the massive distributed denial-of-service attack malware Mirai, which ropes infected routers and internet of things devices into remotely controlled armies, is a New Jersey man, according to journo Brian Krebs.…
Follow this link:
Mirai author named as operator of DDoS protection service
Krebs says he’s fingered author of epic IoT web assault code The author of the massive distributed denial-of-service attack malware Mirai, which ropes infected routers and internet of things devices into remotely controlled armies, is a New Jersey man, according to journo Brian Krebs.…
More:
Operator of DDoS protection service named as Mirai author
A software engineer is calling for protesters to flood the site with traffic during the presidential inauguration It’s almost time. Ex-reality TV host and businessman Donald Trump will be officially sworn in as the US president on Friday January 20. His campaign was divisive, to say the least, and it seems his tenure as president is looking like having a bumpy start, with protests planned in all states of the US, including on the streets of Washington DC. However, rather than stand outside, some protestors are choosing to target the President-elect with other, indoor-based, means. Software engineer, Juan Soberanis, is calling on protestors to attempt to take down the White House’s website in a DDoS attack – simply by flooding the website with traffic. Soberanis is calling it “Occupy White House”. According to the International Business Times, Soberanis wrote on his online protest pledge: “”If you can’t make it to Washington DC on inauguration day to protest Trump’s presidency, you can still fight for the cause by helping to take down whitehouse.gov as a show of solidarity for the lives impacted by Trump’s policy agenda. “It’s simple. By overloading the site with visitors, we will be able to demonstrate the will of the American people,” he continued. Soberanis then goes on to tell fellow protestors to overwhelm the website by setting up auto-refresh on the WhiteHouse.gov homepage throughout the day. The San-Francisco engineer is the creator of Protester.io, a Kickstarter-type site that encourages individuals to get involved in online protests. However, only one protest is currently live on the site, a finished protest set up by Soberanis to incite people to join the ACLU as a protest against Trump. The alleged URL for his Occupy White House protest page on the site appears to be inaccessible at the moment. Hacking group Anonymous is additionally, and allegedly, planning cyber attacks against Trump’s new administration. It should be noted, though, that this type of attack is considered criminal activity in the US under the Computer Fraud and Abuse Act. The act dictates that sending a command to a protected computer with the intent to cause damage can be judged a criminal offence, and people affiliated with Anonymous have been charged in the past by the US government for launching DDoS attacks on government entities and trade groups. Thousands of people are planning to protest Trump’s inauguration on January 20 As well as being a controversial choice for president, Trump’s inauguration is set to be a controversial affair, too. The likes of Cher, Chelsea Handler and Katy Perry have promised to take part in the Women’s March, either in the capital or in the states around, the day after the inauguration, to protest the Republican party’s threats to defund Planned Parenthood. According to Google, the statewide searches for “inauguration protest” are much higher than “attend inauguration” searches on the site. During the transition from Obama stepping down and Trump stepping up, “Russia” has been one of the top searched-for big issuesin the States on Google, alongside immigration and Obamacare. Source: http://www.wired.co.uk/article/donald-trump-inauguration-ddos-attack-planned
Visit site:
Activists plan DDoS attack on the White House website during Trump’s inauguration
A software engineer wants to take down the Whitehouse.gov site to oppose Trump’s inauguration When Donald Trump is inaugurated as the U.S. President on Friday, Juan Soberanis intends to protest the event — digitally. His San Francisco-based protest platform is calling on Americans to oppose Trump’s presidency by visiting the Whitehouse.gov site and overloading it with too much traffic. In effect, he’s proposing a distributed denial-of-service attack, an illegal act under federal law. But Soberanis doesn’t see it that way. “It’s the equivalent of someone marching on Washington, D.C,” he said on Monday. “Civil disobedience has been part of the American democratic process.” Soberanis’s call to action is raising eyebrows and highlights the isssue of whether DDoS attacks should be made a legitimate form of protest. Under the Computer Fraud and Abuse Act, sending a command to a protected computer with the intent to cause damage can be judged a criminal offense. But that hasn’t stopped hacktivists and cyber criminals from using DDoS attacks to force websites offline. In 2013, the U.S. charged 13 people affiliated with the hacktivist group Anonymous for launching DDoS attacks on government entities, trade groups and law firms. Typically, hackers launch such attacks by using several servers, or huge numbers of infected PCs called botnets, to flood their targets with an overwhelming amount of traffic. Soberanis’s protest effort is simpler. He’s hoping that millions of individuals join his protest by visiting Whitehouse.gov and continually refreshing the page. “There’s nothing illegal,” he said. “We are just a large group of people, making a GET request,” he said, referring to the HTTP request method to access a web page. Soberanis, who works as a software engineer, created his Protester.io platform about a month ago to encourage activism. It currently has no funding, but the site managed to gain a bit of buzz last week. The PR Newswire public-relations service circulated a press release from Protestor.io, only to retract it later after realizing the release was calling for a “take down” of Whitehouse.gov. “There’s also been some detractors,” he said. “They support Trump and have a very different viewpoint.” Soberanis isn’t the first to argue that DDoSing can be a form of legitimate protest. Briefly in 2013, a failed online petition was posted on the White House’s website about the same subject. It argued that DDoSing a website was not a form of hacking, but a new way for protesting. “Instead of a group of people standing outside a building to occupy the area, they are having their computer occupy a website,” the petition said. Some agree and think that DDoS attacks, in certain scenarios, can work as a valid form of protest. Laws like the Computer Fraud and Abuse Act are “over broad” and “chilling” political speech, said Molly Sauter, author of The Coming Swarm, a book that examines DDoS attacks used in activism. A DDoS attack on Whitehouse.gov — a site designed more for public relations than for operations – also wouldn’t disrupt any major government activities, Sauter said. Taking it down could be seen as “more or less like protesting outside on the street,” she said. “Now, is that going to be successful?” she asked. “Frankly, it’s not likely that the Whitehouse.gov site wouldn’t have DDoS protection.” But others think a DDoS attack on the Whitehouse.gov is still a crime. Making it legal would open a can of worms, they say. “If they can do this to Whitehouse.gov with impunity now, can they also do it to Exxon without worry of legal troubles?” said Mark Sauter (no relation to Molly Sauter), a former U.S. Army officer who consults security and tech companies. He questions why protestors like Soberanis are resorting to DDoS attacks when they can publish their own websites or speech against Trump. Source: http://www.csoonline.com/article/3158826/security/can-a-ddos-attack-on-whitehousegov-be-a-valid-protest.html
Originally posted here:
Can a DDoS attack on Whitehouse.gov be a valid protest?
A decade ago the idea of loss prevention (LP) had been limited to the idea of theft of merchandise. With the advent of online retailing, retailers have discovered that loss must be viewed more broadly to “intended sales income that was not and cannot be realized” [Beck and Peacock, 28]. While Beck and Peacock regard malicious loses such as vandalism as part of sales that cannot be realized, Distributed Denial of Service (DDoS) attacks certainly could fit with that definition. Unlike other kinds of LP, where the attempt of the thief is to conceal their activities, a DDoS attack is designed for maximal visibility so the purpose of the attack is to deny the target customer’s access, and especially susceptible are businesses that have online payment gateways [Gordon, 20] which today includes many business and non-profit entities. Particularly problematic for CIOs is that the nature of DDoS attacks is constantly changing. Many of these attacks occur at networking layers below the application level, which means for the CIO that buying an off-the-shelf software product is unlikely to provide an effective countermeasure [Oliveira et al, 19]. Of course, the determination of financial impact is an important consideration when weighing allocations of the IT security budget. While it is clear that the “loss of use and functionality” constitutes true losses to a company [Hovav and D’Arcy, 98], estimating a potential loss encounters difficulties given the lack of historical data and a perceived risk to putting an exact figure upon security breach losses. This presents a problem for the CIO because of the need to show ROI on security investments [Hovav and D’Arcy, 99]. Yet, a successful DDoS attack has the potential to cost a company millions of dollars in real financial losses from the direct costs of work time, equipment leases, and legal costs to the indirect costs, such as, loss of competitive advantage and damage done to the company’s brand. The direct cost of “a more complex breach that affects a cross-section of a complex organization” can often exceed £500,000 (624,000 USD) and does not include additional five or six figure fines if government regulatory agencies are involved [Walker and Krausz, 30]. If the CIO cannot buy an off-the-shelf software product to prepare against a DDoS attack, how does the CIO develop an I.T. security strategy that is appropriate to this specific threat? While this is by no means an exhaustive list: here are a few approaches that one can take that may help to developing an effective I.T. strategy that can deal with the DDoS threat. (1) Accept that developing an I.T. strategy effective against mitigating loss caused by DDoS requires resources, but your business is worth protecting. (2) Remember that the purpose of technology is to connect your business to people [Sharif, 348], and that connectivity is itself an asset that has real value. (3) Developing effective business partners can help you ensure business continuity. These partnerships could be with consultants, alliance partnerships that have successfully dealt with DDoS attacks, or businesses that specialize in dealing with this kind of security issue. Bibliography Beck, Adrian, and Colin Peacock. New Loss Prevention: Redefining Shrinkage Management. NY: Palgrave Macmillan, 2009. Gordon, Sarah, “DDoS attacks grow,” Network Security (May 2015), 2, 20. Horvav, Anat, and John D’Arcy, “The Impact of Denial-of-Service attack announcements on the market value of firms,” Risk Management and Insurance Review 6 (2003), 97-121. Oliveira, Rui André, Nuno Larajeiro, and Marco Vieira, “Assessing the security of web service frameworks against Denial of Service attacks,” The Journal of Systems and Software 109 (2015), 18-31. Sharif, Amir M. “Realizing the business benefits of enterprise IT,” Handbook of Business Strategy 7 (2006), 347-350. Walker, John, and Michael Krausz, The True Cost of Information Security Breaches: A Business Approach. Cambrigdeshire, UK: IS Governance Publishing, 2013. David A. Falk, , Ph.D. Director of IT DOSarrest Internet Security
Visit link:
DDoS prevention as part of a robust I.T. Strategy
National PR service circulates—then pulls—release highlighting campaign to crash government website BY: Morgan Chalfant January 14, 2017 4:56 am A leading public-relations service blasted and then removed a news release this week highlighting a campaign to protest the inauguration of Donald Trump by crashing WhiteHouse.gov. PR Newswire, a global news-release distribution service, circulated a release on Thursday highlighting a campaign launched by Protester.io, a digital protest organizing platform, to “take down” the White House website next Friday in protest of Trump’s inauguration. “On January 20th, hundreds of thousands of Americans are going to Washington, DC to march in protest of the inauguration of Donald Trump. Millions more around the country will be joining the cause from home. If you can’t make it to Washington DC on inauguration day, you can still participate by occupying whitehouse.gov online,” the release read. “Why is it important to participate? Isn’t this just another election? We haven’t lost our democracy yet, but it is most definitely under threat. The only way we’re going to defend and revive our democracy is by mobilizing.” Protester.io describes itself as a platform that helps individuals “organize protests like a crowdfunding campaign.” A description of the Inauguration Day protest on its website, named “Occupy WhiteHouse.gov,” instructs interested parties to go to the White House website on Jan. 20 and refresh the page as often as possible throughout the day. The page also includes instructions for protesters to “automate” page refresh so that their computers do this automatically. “When enough people occupy www.WhiteHouse.gov the site will go down. Please join us and stand up against this demagogue who is threatening our democracy and our security,” the protest page states. Shortly after blasting the news release, PR Newswire issued a correction, changing the headline of the release from “Protester.io Launches Campaign to Take Down WhiteHouse.gov on Inauguration Day” to “Protester.io Launches Campaign to Voice Your Opinion at WhiteHouse.gov on Inauguration Day.” Later, the news-release service removed the press release entirely. PR Newswire was purchased by Cision, a global public relations software company based in Chicago, for $841 million from British business events organizer UBM in 2015. PR Newswire is based in New York and distributes public relations messages for companies largely located in the United States and Canada, according to the New York Times. When contacted, a spokesman for Cision confirmed to the Washington Free Beacon that the original release had been modified and later removed entirely “after further evaluation.” “The issuer modified the original release at our request, but after further evaluation, we ultimately decided to remove the release in its entirety and have requested that the rest of our network remove the content as well,” Stacey Miller, director of communication for Cision, wrote in an email Friday afternoon. An organizer for the protest did not respond to a request for comment. Federal investigators have probed what are called distributed denial of service, or DDoS, attacks, which block users from websites by overloading them with traffic. Such attacks brought down Twitter, Spotify, and Amazon last October, prompting investigations by the FBI and Department of Homeland Security. It is unclear whether the planned “Occupy WhiteHouse.gov” protest campaign would constitute a DDoS attack. Attempts to reach the FBI on Friday were unsuccessful. Several protests have been organized around Inauguration Day, including the “Women’s March on Washington” that is expected to draw some 200,000 women to the nation’s capital on Jan. 21, the day following Trump’s inauguration. Fox News reported that protesters are also planning to blockade security checkpoints at the inauguration and organize a “dance party” outside the home of Vice President-elect Mike Pence. Source: http://freebeacon.com/culture/protest-aims-take-whitehouse-gov-inauguration-day/
View post:
Protest Aims to ‘Take Down’ WhiteHouse.Gov on Inauguration Day
Distributed denial-of-service (DDOS) attacks in the Europe, Middle East and Africa (EMEA) region witnessed an uptick in the last quarter and are set to intensify in 2017. This is according to a report issued by F5 Networks, which revealed data from its Security Operations Centre (SOC), highlighting the growing scale and intensity of cyber attacks in the region. DDOS attacks have been around since at least 2000. These attacks refer to a situation in which many compromised machines flood a target with requests for information. The target can’t handle the onslaught of requests, so it crashes. Consultancy firm Deloitte also expects cyber attacks to enter the terabit era in 2017, with DDOS attacks becoming larger in scale, harder to mitigate and more frequent. F5 Networks points out that in 2016 to date, it has handled and mitigated 8 536 DDOS instances. The company notes that one of the attacks featured among the largest globally – a 448Gbps user datagram protocol (UDM) and Internet control message protocol (ICMP) fragmentation flood using over 100 000 IP addresses emanating from multiple regions. It explains the incident highlights a growing trend for global co-ordination to achieve maximum impact, with IP attack traffic stemming largely from Vietnam (28%), Russia (22%), China (21%), Brazil (15%) and the US (14%). “The EMEA Security Operations Centre has been experiencing rapid growth since launching in September last year, and it is entirely driven by the explosion of attacks across the region, as well as businesses realising they need to prepare for the worst,” says Martin Walshaw, senior engineer at F5 Networks. In Q1 (October – December), the SOC experienced a 100% increase in DDOS customers, compared to the same period last year. F5 Networks says UDP fragmentations were the most commonly observed type of DDOS attack in Q1 (23% of total), followed by domain name system reflections, UDP floods (both 15%), syn floods (13%) and NTP reflections (8%). “Given the rise and variety of new DDOS techniques, it is often unclear if a business is being targeted,” Walshaw says. “This is why it is more important than ever to ensure traffic is being constantly monitored for irregularities and that organisations have the measures in place to react rapidly. “The best way forward is to deploy a multi-layered DDOS strategy that can defend applications, data and networks. This allows detection of attacks and automatic action, shifting scrubbing duties from on-premises to cloud and back when business disruption from local or external sources is imminent at both the application and network layer.” Source: http://www.itweb.co.za/index.php?option=com_content&view=article&id=158643
Read More:
DDOS attacks intensify in EMEA
Chinese New Year is always a shopping boom time in town. People are generous in spending on food, decorations, and fashion during the important cultural festival. While retailers are focused on ensuring that they successfully take advantage of spikes in online and in-store sales, are they as prepared as they need to be to defend against major distributed denial of service (DDoS) attacks? Avoiding a cyber-crime catastrophe Thanksgiving officially kicks off the biggest shopping period of the year globally. The period through to Chinese New Year may be a sales bonanza, but it’s also a period of high vulnerability that criminals exploit to maximize the threat to a retailer’s business. Along with gaming and finance companies, retailers are popular targets because they store sensitive data that thieves can use for financial gain. Additionally, DDOS attacks are often used to distract organizations so that even more costly web application attacks can take place at the same time. But the truth is no industry is immune and the threat is increasing in its relentlessness. With Chinese New Year sales accounting for a sizeable chunk of most retailers’ revenues, from a criminal’s perspective, there could hardly be a better time to launch a cyber attack. What’s more, with systems already creaking under a load of peak volumes, it might not take much of a straw to break the camel’s back. The last thing a retailer wants is for their business to spectacularly and very visibly come to a sudden halt because they can’t defend against and mitigate a major distributed denial of service (DDoS) attack. Retailers face a growing threat Talk of cyber attacks are more than mere scaremongering – the threat is very real. For example, in September, the release of the Mirai code — a piece of malware that infects IoT devices enabling them to be used for DDoS attacks — opened a Pandora’s box of opportunities for ruthless cyber entrepreneurs who want to disrupt their target markets and exploit the vulnerabilities and weaknesses of companies who honestly serve their customers. This code gives criminals the ability to orchestrate legions of unsecured Internet of Things (IoT) devices to act as unwitting participants in targeted DDoS attacks. These objects could be anything from domestic hubs and routers to printers and digital video recorders — as long as they’re connected to the internet. The latest large DDoS attacks have used botnets just like this — proving that the bad guys are multiplying and, most likely, gearing up for bigger things. Asia is not immune and Hong Kong is a prime target According to a recent report by Nexusguard, DDoS attacks increased 43 percent in Q2 to 34,000 attacks in the Asia-Pacific region and 83 percent worldwide. The largest increase was seen in Hong Kong, where attacks rose an astonishing 57 percent. China, which saw a 50% increase in attacks, is the number one target in the region. According to the report, over the course of a month, a Chinese website was attacked 41 times. The fact is, that every company needs to pay this issue serious attention and put effective plans in place. Prevention is the better than the cure There are no easy answers to the question of how to secure IoT smart devices — especially at the ‘budget conscious’ end of the market. That’s why we expect that these DDoS attacks will continue to proliferate, meaning that targeted DDoS attacks of increasing scale and frequency will almost certainly occur as a result. So how can retailers defend themselves against the threat of an attack? Organizations have to use a combination of measures to safeguard against even the most determined DDoS attack. This include: 1. Limiting the impact of an attack by absorbing DDoS traffic targeted at the application layer, deflecting all DDoS traffic targeted at the network layer and authenticating valid traffic at the network edge 2. Choosing an ISP that connects directly to large carriers and other networks, as well as internet exchanges — allowing traffic to pass efficiently 3. Employing the services of a network-based DDoS provider — with a demonstrable track record of mitigating DDoS attacks and sinking significant data floods. This will safeguard specific IP address ranges that organizations want to protect. Chinese New Year is a critical period for retailers — and hopefully for all the right reasons. But in an increasingly digital world, consideration needs to be given to the IT infrastructure that underpins today’s retail business and the security strategy that protects it. Source: http://www.enterpriseinnovation.net/article/three-ways-retailers-can-safeguard-against-cybercrime-512090779
Read the original post:
Three ways retailers can safeguard against cybercrime
The Drudge Report, the highly trafficked conservative news website, has been knocked offline for extended periods during the past two weeks, succumbing to large distributed denial of service attacks, according to its founder, Matt Drudge. And it’s a mystery who’s behind it. Drudge wrote on Twitter that a December 30 attack was the “biggest DDoS since site’s inception.” A DDoS attack is executed by using hijacked computers or electronic devices to flood a website with redundant requests, aiming to overload the website’s hosting server and render it unavailable. But, according to cybersecurity experts who spoke with Business Insider, using such a method to take down the Drudge Report would not be easy. The site is already equipped to handle a high volume of visitors and scale out to accommodate spikes in traffic. Moreover, a website that generates so many page views would most likely employ strong defense measures, the cybersecurity experts said. “The Drudge Report has a massive readership,” said Ajay Arora, the CEO and cofounder of the cybersecurity firm Vera. “Generally someone that has that kind of viewership is going to have sophisticated hosting and counter defenses against DDoS attacks.” Since emerging in 1996, the Drudge Report has been a home to conservatives who feel disenfranchised by traditional media. Drudge has marketed his site as a news destination not controlled by corporate interests or politicians. And he’s had great success. SimilarWeb, an analytics firm, continually ranks the Drudge Report as one of the five most-trafficked media publishers in the US. According to analytics posted to the site, the Drudge Report has amassed about 775 million page views in the past 31 days — all with hardly any traffic coming from social-media channels. It’s a high-prized target, one that now sees itself under attack by an unknown culprit. Drudge has pointed the finger at the US government, tweeting that the traffic that downed his website had “VERY suspicious routing [and timing].” “Attacking coming from ‘thousands’ of sources,” he wrote on Twitter. “Of course none of them traceable to Fort Meade…” Drudge seemed to imply that his site was taken down in connection with punishment leveled against Russia for election-related hacking. The first attack on his site came hours after President Barack Obama announced the US would impose sanctions against Moscow, and the Drudge Report had previously been identified in a discredited Washington Post story as responsible for spreading Russian propaganda. “Maybe they think this is a proportional counterattack to Russia,” tweeted Sharyl Attkisson, a former CBS News investigative journalist. “After all they have decided @Drudge is Russian fake news, right?” Neither the White House nor the Office of the Director of National Intelligence responded to requests for comment. But cybersecurity experts who spoke with Business Insider discounted Drudge’s claim on grounds that the government attacking a US journalist’s site would be a blatant violation of the Constitution — as well as generally improbable. “If Putin wanted to take down a website, I’m sure he could order it,” said Jared DeMott, a former security engineer for the National Security Agency who is now the chief technology officer of Binary Defense Systems. “If Obama wanted to do something like that, he’d have to go to different people. It would be a hard conversation to have.” “Maybe if there was a military reason to have it,” DeMott added. “But domestically, there is no way.” DeMott, however, posited that another nation-state could be the potential culprit. “It definitely could be a nation-state,” he said. “They do stuff like that on an ongoing basis, whether they are looking for intel or trying to destabilize a political region.” Arora of the firm Vera agreed, saying that only a “small number of groups” in the world had the sophistication necessary to execute an attack to take out the Drudge Report for extended periods. “I would say it would be a group or nation-state that has pretty sophisticated methods and means,” he said. “Given the fact it’s happened a number of times and is persistent for well over a few minutes, and it’s coming from multiple sources, against a site that would have a lot of protection, it would indicate it’s someone pretty sophisticated.” Chris Weber, the cofounder of Casaba Security, agreed that because the Drudge Report was “getting so much traffic already,” a DDoS attack would need to be on a far “greater magnitude” to be effective against it. “It does seem unlikely that the Drudge Report would be easily taken down or slowed significantly by a standard DDoS attack,” he said. He surmised that the attack that took down the site was perhaps more on the scale of the massive cyberattack that temporarily knocked out Dyn, a large DNS company, in October. WikiLeaks said its supporters were behind that attack as a show of support for the group’s founder, Julian Assange. Outside nation-states, it is equally probable that the Drudge Report has come under fire from a “hacktivist” organization, perhaps unhappy with the political views espoused by the site’s founder. Drudge has always been a controversial conservative figure, but in 2016 he went all-in for President-elect Donald Trump, often igniting controversy with inflammatory headlines emblazoned on his site. But hacktivist organizations almost always take credit after a successful attack has been executed, experts said. So far, no one has claimed credit for the attacks on the Drudge Report. And without a group taking credit, it may be impossible to determine the culprit. “Attribution has always been hard in cyber,” DeMott said. “The science is just quite not mature.” Arora said any information Drudge “can provide in terms of motives” to a cybersecurity team would be helpful in identifying the responsible party. “There’s a lot of people that don’t like Matt Drudge,” he said. “He likes to push people’s buttons. Anyone who he specifically has knowledge of, who would be out to get him.” Arora added: “It’s not just a technology question. It’s also a motive question.” Source: http://www.businessinsider.com/hackers-ddos-drudge-report-2017-1
See the article here:
Someone is trying to take down the Drudge Report, and it’s a mystery who’s behind it
123-Reg, the biggest hosting company in the UK, is targeted a second time in as many years with a chain of major DDoS attacks. The biggest provider of domain registrations in the UK, 123-reg, has once again been the target of a DDoS attack. The result was that users weren’t able to get into their websites or email accounts. Considering this is just the start of 2017, the company has had to deal with another major blow. The company informed of the attacks formally using Twitter, explaining that they believed the attack had just begun and they were working on options to redress the situation and were attempting to work out the impact of the attack. They promised updates would follow. They continued to explain that the company’s network teams kept scrubbing and rerouting bad traffic. Of course, apologies were made for any problems their customers were experiencing. Once again, they reiterated that their team was still rerouting traffic and that they would provide further information soon. The DDoS attack took place on Friday, with the company stating that their IT team had mitigated the DDoS attacks, as evidenced by the resumption of services at around 1 PM. However, some users are still complaining today that they can’t get into their websites. 123-Reg sent out another two tweets in which they attempted to explain that the DDoS attack had just begun and they were attempting to resolve the issue. Later that day, they issued another tweet, stating that the problem had been fixed by 1 PM and that they apologized for any issues. In 2016, 123-Reg was the target of 2 big DDoS or Distributed Denial of Service, attacks. One took place in April, while one occurred in August. The firm stated that it was possible they lost a small amount of user information after the attack that occurred in April. Customers were very displeased at the time because, even after doing their best, the firm only succeeded in bringing back online only 39 percent of their Virtual Private Servers after a week. In August, the company was once again hit by a huge 30Gbps DDoS attack, which completely brought their site down. OVH, a French hosting company, was also the target of large DDoS attacks going up to 1Tbps last year. The firm stated that the Mirai botnet malicious code had been used in the attacks against them but 123-Reg did not make any similar statements. Source: https://www.socpedia.com/biggest-british-hosting-company-123-reg-suffers-major-ddos-attack
View original post here:
Biggest British Hosting Company 123-Reg Suffers Major DDoS Attack