Category Archives: DDoS Vendors

Finns chilling as DDoS knocks out building control system

Hint: next time, buy a firewall before you’re attacked Residents in two apartment buildings in the Finnish town of Lappeenranta had a chill-out lasting more than a week after a DDoS attack battered unprotected building management systems.…

Read More:
Finns chilling as DDoS knocks out building control system

Massive DDoS Attacks Disable Internet Access Throughout Liberia

British security researcher Kevin Beaumont recently reported that a series of massive cyber attacks using the Mirai DDoS botnet periodically disabled all Internet access throughout the country of Liberia. “Liberia has one Internet cable, installed in 2011, which provides a single point of failure for Internet access. … The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state,” Beaumont wrote. An employee at a Liberian mobile service provider told Network Worldthat the attacks were hurting his business. “It’s killing our revenue,” he said. “Our business has been targeted frequently.” Beaumont said it appears that the attacks, which targeted Liberian telecom operators who co-own the single Internet cable, were being used to test denial of service techniques. Given the volume of traffic, more than 500 Gbps, Beaumont said it appears that the botnet is owned by the same actor who hit the managed DNS provider Dyn on October 21, disabling websites across the U.S. Mikko Hypponen, chief research officer at F-Secure, told VICE News that those actors were probably… kids. “Kids who have the capability and don’t know what to do with it,” he said. Flashpoint director of security research Allison Nixon agreed with that assessment, stating in a blog post, “The technical and social indicators of this attack align more closely with attacks from the Hackforums community than the other type of actors that may be involved, such as higher-tier criminal actors, hacktivisits, nation states, and terrorist groups.” Still, NSFOCUS chief research intelligence analyst Stephen Gates told  eSecurity Planet  by email that attacks like these could have a real impact on tomorrow’s U.S. presidential election. While U.S. polling machines aren’t connected to the Internet, Gates said, some voter identification systems may be. “In some states, the voter ID must be checked before a voter can proceed,” he said. “If those systems are connected to the Internet to gain access to a database of registered voters, and they were taken offline, then would-be voters could not be verified.” “What that would mean to the election process is anyone’s guess,” Gates added. According to Nexusguard’s Q3 2016 DDoS Threat Report, the number of reflection-based DDoS attacks fell more than 40 percent during the third quarter of the year, while IoT-based botnets reached unprecedented speeds. The U.S. saw the most attack events in the third quarter, followed by China, Russia and the United Kingdom. “Few service providers can sustain the level of malicious traffic we saw in Q3 from IoT botnets, so these DDoS outages are causing companies to completely rethink their cybersecurity strategies,” Nexusguard chief scientist Terrence Gareau said in a statement. “Hackers’ preferences for botnets over reflection attacks are typical of cyclical behavior, where attackers will switch to methods that have fallen out of popularity to test security teams with unexpected vectors,” Gareau added. Source: http://www.esecurityplanet.com/network-security/massive-ddos-attacks-disable-internet-access-throughout-liberia.html

More:
Massive DDoS Attacks Disable Internet Access Throughout Liberia

Barracuda: Outage caused by ‘large number of inbound connections’

Yet firm refuses to say the word DDoS. What are they hiding? Outage-hit security firm Barracuda appears to have been struck down by a DDoS – though the firm says it’s still investigating and refuses to confirm or deny it.…

More here:
Barracuda: Outage caused by ‘large number of inbound connections’

Universal hijack hole turns DIY Wix blogs into botnets

Communications failure leads to zero day, late patch, natch. Millions of do-it-yourself websites built with the Wix web maker were at risk of hijack thanks to a brief zero day DOM-based cross-site scripting vulnerability.…

Read More:
Universal hijack hole turns DIY Wix blogs into botnets

Linux/IRCTelnet creates new, powerful IoT DDoS botnet

Linux/IRCTelnet (new Aidra), a new piece of Linux malware targeting IoT devices and turning them into DDoS-capable bots, has been spotted and analyzed by one of the researchers who share their discoveries on the MalwareMustDie! blog. Linux/IRCTelnet is an interesting mix of capabilities associated with older malware. The base of Linux/IRCTelnet is the source code of the Aidra bot, used years ago by an anonymous researcher to build a botnet (or, as he called it, … More ?

View article:
Linux/IRCTelnet creates new, powerful IoT DDoS botnet

How to protect your business from DDoS attacks

Increasingly, IT teams find themselves on the front lines of a battle with an invisible enemy. Cyber-threats and attacks continue to increase, with the anonymous intruders breaching large and small enterprises alike. Even with the most robust security strategies in place, continuous vigilance is required just to keep up with the ever-evolving tactics of intruders. A report by Imperva states that the UK is now the second most popular target in the world for DDoS attacks. With attacks increasing both in frequency and complexity, what do security professionals need to know when it comes to DDoS? Mitigate and minimise damage At least once a week, there is news about successful businesses being disrupted by these attacks and those are only the ones that are reported – many smaller companies suffer from DDoS offenders that we just don’t hear about. The number of attacks rose by 221 percent over the past year – underlining the need for an active DDoS defence. DDoS attacks work by flooding a website or domain with bandwidth until it breaks down under the weight of traffic. The best way for companies to mitigate against these sort of attacks is to have an accurate overview of the traffic and data feeds in the network. By using real-time data analytics, threats can be detected at an early stage and re-routed to scrubbing centres – thereby neutralising the attack before it has had the chance to do any real damage. Long-term protection and prevention It is crucial that security professionals not only think about the short term tactics to minimise cyber-attacks but also consider long term infrastructure protection when it comes to managing security and preventing future DDoS attacks. Cloud-based managed security services are an important tool to protect against cyber-attacks as they are used by a multitude of services and Internet service providers – providing extra levels of security and making it harder for the DDoS attack to reach their intended targets. In most cases, it is best to err on the side of caution when it comes to cyber-security. Adopting a “zero trust” approach to threats minimises the risk of a potential breach. Earlier this year, we saw the reputational damage caused to a major UK bank when one of their payment websites was brought down by a suspected DDoS attack. The UK’s position as a global leader in financial services makes it a high-profile and potentially very rewarding target for would-be cyber-criminals. However, it is not just financial services companies who are at risk. The UK has a sophisticated and fast growing digital economy, it is expected to account for 12.4 percent of GDP in 2016 – a substantial amount of money and traffic across all industries with an online presence at risk of DDoS attacks. It is now more important than ever for security professionals to have real-time data analytics in their defensive arsenal to detect and neutralise threats early on. The shared aspects of cloud technology can benefit companies with their multiple layers of security in place that can deter potential future attacks. We have seen the financial and reputational losses that can arise from it and how these attacks can affect major UK businesses. Real-time data and a sophisticated infrastructure network, capable of re-routing and quelling dangerous activity is the best way of mitigating against this increasingly prevalent threat. Source: http://www.scmagazineuk.com/how-to-protect-your-business-from-ddos-attacks/article/526297/

Read the article:
How to protect your business from DDoS attacks