Infamous hacker group Lizard Squad is thought to be at it again, this time taking down Overwatch servers and leaving players unable to join and remain in a session. Over the past week, Blizzard has been experiencing some problems with Battle.net that have made it difficult for players to use the service as intended with games like Overwatch . Now, there’s word that these issues might have been caused by a DDoS attack launched by members of hacker group Lizard Squad. Some users are reporting that they are unable to log in to Battle.net. Others are able to enter, but find themselves kicked out of multiplayer matches in Overwatch for seemingly no reason. Ordinarily, issues like these would be brushed off as being part and parcel of the modern online experience. However, a suspicious tweet from a known Lizard Squad member has led to the group being implicated, according to a report from VG247. The above tweet is being taken as proof that Lizard Squad member AppleJ4ck was involved with the attack. Some Overwatch players responded to his post to vent their annoyance about the situation — to which AppleJ4ck responded, “in a way, I’m doing y’all a favor.” This is not the first time that Lizard Squad has targeted organizations within the video game industry. The group rose to prominence back in 2014, when a coordinated attack brought down the PlayStation Network and Xbox Live over Christmas, causing massive headaches for the companies involved. Of course, the attack was not an unmitigated success for the group, as the high-profile hack made Lizard Squad an immediate target for authorities. Just days later, a 22-year-old alleged to be a part of the organization was the subject of a raid by police in the United Kingdom. However, the strength of a group like Lizard Squad is the fact that they are spread all over the world. Individual members can be found and brought to justice, but it’s difficult to make a concerted attempt to stamp out its activity outright. If the situation is hard on the authorities, then it’s even more challenging for a company like Blizzard. The overwhelming popularity of Overwatch means its hard enough for the company to keep Battle.net afloat at the best of team, never mind when there are hackers on the prowl. Unfortunately, criminal elements like Lizard Squad are part and parcel of the modern online experience. Companies like Blizzard have to take these groups into consideration when operating a service like Battle.net — hackers have the power to ruin the experience for the rest of us, and the only defence is a robust level of security. Source: http://gamerant.com/overwatch-servers-down-ddos-attack-846/
Category Archives: DDoS Vendors
Businesses receive another warning over the threat of DDoS attacks
We have all heard the stories of businesses which have suffered debilitating DDoS attacks and, in some cases, succumbing altogether. Take Code Spaces, the web-based SVN and Git hosting provider which suffered such an attack in June 2014 that it was forced to wave the white flag and cease trading after recovering all the data lost would cost too much. Now, a new piece of research from A10 Networks argues businesses face ‘sudden death’ from DDoS if caught unawares. The average company was hit by an average of 15 DDoS attacks per year, according to the survey of 120 IT decision makers, with larger organisations more badly affected. One in three (33%) respondents said they had encountered DDoS attacks of more than 40 Gbps, while one in five had suffered downtimes of more than 36 hours due to the attack. The average attack of those polled lasted 17 hours. More than half (54%) of respondents said they would increase their DDoS budgets in the coming six months, while multi-vector attacks were seen by the majority of those polled (77%) as the most dangerous form of DDoS threat in the future. “DDoS attacks are called ‘sudden death’ for good reason. If left unaddressed, the costs will include business, time to service restoration and a decline in customer satisfaction,” said A10 Networks CTO Raj Jalan. He added: “The good news is our findings show that security teams are making DDoS prevention a top priority. With a better threat prevention system, they can turn an urgent business threat into an FYI-level notification.” Previous research has examined the growing sophistication of DDoS threats. In April, Neustar argued that such DDoS issues were “unrelenting”, with more than seven in 10 global brands polled having been subject to an attack. Source: http://www.appstechnews.com/news/2016/jun/16/businesses-receive-another-warning-over-threat-ddos-attacks/
Continue reading here:
Businesses receive another warning over the threat of DDoS attacks
DDoS defenses have been backsliding but starting a turnaround
Distributed denial-of-service attacks have been getting bigger and lasting longer, and for the past few years defenses haven’t kept pace, but that seems to be changing, Gartner analysts explained at the firm’s Security and Risk Management Summit. Gartner tracks the progress of new technologies as they pass through five stages from the trigger that gets them started to the final stage where they mature and are productive. The continuum is known as the Hype Cycle. DDoS defense had reached the so-called Plateau of Productivity – the final stage – in 2012, but then has moved backwards in the Hype Cycle in the past few years into the previous stage – the Slope of Enlightenment – says Gartner analyst Lawrence Orans. That fall, DDoS attacks were 10 times as large as any then seen hit Bank of America, JPMorgan Chase, Wells Fargo, U.S. Bank and PNC Bank using botnets of compromised servers to generate high volumes of traffic against not only HTTP and HTTPS but DNS as well. They also went after protocols including TCP, UDP, and ICMP. That was followed up in 2013 by the use of NTP amplification attacks that used Network Time Protocol servers to swamp networks with responses to requests made from spoofed IP addresses in the target network. “That set DDoS back on its heels,” Orans says. But security vendors and service providers that offer DDoS protection have caught up, and Gartner’s Hype Cycle rating for DDoS defenses will shift again back toward the maturity end of the scale, he says. That’s encouraging because the number of DDoS attacks from the first quarter of 2015 to the first quarter of 2016 more than doubled, according to Akamai’s latest State of the Internet Security report, and mega attacks hit hundreds of gigabits per second. Attacks of 300Gbps and above can be handled by leading DDoS vendors, Orans says, and given the ready availability of DDoS attack kits, it’s important for corporations to pay for this type of protection. Competition among DDoS mitigation providers is increasing, so prices have dropped, he says. Flat fees per month were the norm for DDoS protection services, but now there are more flexible plans. Protection can come in three models. Providers sell access to scrubbing centers, where traffic during a DDoS attack is redirected to a provider’s network where the attack traffic is dropped and only good traffic returned to the customer network. This can cost $5,000 per month and up. Some providers he mentioned: Akamai, Arbor, F5, Neustar, Nexusguard, Radware and Verisign. Some ISPs offer this type of service at a 15% to 20% premium over bandwidth costs, he says. Some ISPs are better at it than others, so customers should check them carefully, particularly newer and regional ones. Many businesses have multiple ISPs, so they should do the math to see if it makes sense to use this option, he says. Some ISPs he mentions: AT&T, CenturyLink, Level 3 and Verizon. Content-delivery networks can also help mitigate DDoS attacks, he says, by virtue of their architecture. CDNs distribute customer Web content around the world so it’s as close as possible to end users. That distribution makes it harder for attackers to find the right servers to hit and diffuses their capabilities. This option isn’t for everyone, he says. It’s not as effective as the others and it doesn’t make sense unless a business needs a CDN anyway to boost its response time. Web application firewalls can help mitigate those DDoS attacks that seek to disrupt use of Web applications. They can be deployed on premises with gear owned by the customer, but internet-hosted and cloud-based WAF services are emerging, Orans says. Cloud-based WAF is fastest growing for mobile devices that must be deployed quickly, he says. Source: http://www.networkworld.com/article/3083797/security/gartner-ddos-defenses-have-been-backsliding-but-starting-a-turnaround.html
See the original article here:
DDoS defenses have been backsliding but starting a turnaround
DNS attacks cost businesses more than $1 million a year
New research has revealed that DNS attacks are costing businesses more than $1 million a year in lost business and service downtime. For years, DNS has silently and peacefully served internet needs, but it’s mostly been thought of as a trivial protocol requiring very basic configuration and monitoring. Despite its criticality, this service has never really been considered as a potential security issue, mostly because common usage leads people to believe it is a trivial protocol requiring very basic confguration and monitoring. But while DNS may have been safe and apparently secure for the last twenty years, because of its complexity and evolving role in the IT industry it has become a powerful attack vector, with 91% of malware using the DNS protocol. According to the new study from IDC and EfficientIP , the top three DNS attacks that have the largest impact on an organisation are Distributed Denial of Service (DDoS attacks, Zero-Day vulnerabilities and data exfiltration. These types of attacks are the main cause of business outage and data theft. But despite 74% being victims of DNS attacks, 25% of businesses still aren’t implementing any kind of basic security software. EfficientIP’s experts warn that existing DNS defenses are outdated and no longer work. Until now, the approach to IT Security has been one that has downplayed the risk of DNS threats, bundling them in with a wide selection of diferent network threats that can be protected using traditional security tools and techniques. It is an approach that threatens DNS security by overcomplicating architectures, adding slow and inappropriate layers of defence. While firewalls can protect on a basic level, on their own they;re not designed to deal with high bandwidth DDoS attacks, or detect DNS tunnelling attempts (the majority of DDoS attacks are now over 1Gbps), and most businesses still rely on the ‘out-of-the-box’ non-secure DNS servers offered by Microsoft or Linux servers. ‘The report has highlighted that despite the massive increase in cyber attacks, companies and their IT departments still don’t fully appreciate the risks from DNS-based attacks,’ said David Williamson, EfficientIP CEO. ‘In just under two years GDPR will come into effect and companies will be held responsible for all security breaches and could face major fines. It’s crucial for all businesses to start taking DNS security seriously.’ Source: http://www.information-age.com/technology/security/123461604/dns-attacks-cost-businesses-more-1-million-year-study
View article:
DNS attacks cost businesses more than $1 million a year
Anonymous take down South African State Broadcasting Corp Website Over News Censorship
Anonymous DDoS South African State Broadcasting Corporation Website, SABC says Anonymous hackers are cowards The online hacktivist group, Anonymous have taken offence at the news censorship in South Africa. An Anonymous affiliated group yesterday brought down the SABC website to protest against the rising censorship in South Africa. The South African Broadcasting Corporation (SABC), which is the official state-sponsored broadcaster of Africa has confirmed that its websites were hacked on Sunday. A Twitter account belonging to a hacktivist group dubbed Anonymous Africa claimed responsibility for the downtime of the SABC websites. The hacker targeted the DDoS attacks at the websites for SABC’s main TV channel, but also the 5FM and SAFM radio stations. The attacks begun at noon on Sunday and stopped four hours later after bringing down all Web-related services. The hacker announced its intentions to carry out the attacks on Twitter, on the night between Saturday and Sunday, about nine hours before they started. Anonymous Africa in a series of tweets on Sunday, said it was carrying out the alleged attack in light of allegations of censorship at the SABC. SABC chief operating officer Hlaudi Motsoeneng has blocked the broadcaster from showing burning of public property in a move to discourage vandalism while he has further driven a controversial ‘good news’ policy. The censorship charges arised after anti-government protests in South Africa that turned violent. It’s after these protests that SABC took its decision, and also urged private TV stations to stand in solidarity. In statements to South African tech news site Fin24, an SABC representative called the attackers “cowards” for attacking a “national key-point.” In the meantime, Anonymous Africa, which claims links to global hacktivist group Anonymous has promised more cyberattacks against the SABC. “We will stop the attacks at SABC (for now) at 4pm. We are not done yet, lots of action coming. Things are going to get wild!” tweeted the group on Sunday. Source: http://www.techworm.net/2016/06/anonymous-take-south-african-state-broadcasting-corp-website-news-censorship.html
More:
Anonymous take down South African State Broadcasting Corp Website Over News Censorship
Retail, gaming industries hardest hit with web application and DDoS attacks
Akamai published the Q1 2016 State of the Internet – Security Report, which provides a detailed view of the global cloud security threat landscape and in-depth analysis and insight into malicious activity. Multi-vector attacks accounted for 59% of DDoS activity in Q1 2016, reflecting a slight increase compared with last quarter (56%) During Q1, Akamai mitigated more than 4,500 DDoS attacks, a 125 percent increase compared with Q1 2015. As in recent quarters, the vast … More ?
See more here:
Retail, gaming industries hardest hit with web application and DDoS attacks
Massive DDoS attacks reach record levels as botnets make them cheaper to launch
Nineteen attacks that exceeded 100Gbps were recorded during the first three months of 2016 There were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gbps during the first three months of the year, almost four times more than in the previous quarter. Even more concerning is that these mega attacks, which few companies can withstand on their own, were launched using so-called booter or stresser botnets that are common and cheap to rent. This means that more criminals can now afford to launch such crippling attacks. “In the past, very few attacks generated with booter/stresser tools exceeded the 100 Gbps mark,” researchers from Akamai said in the company’s State of the Internet security report for the first quarter of 2016 that was released Tuesday. By comparison, only five DDoS attacks over 100 Gbps were recorded during the fourth quarter of 2015 and eight in the third quarter. Nineteen such attacks in a single quarter is a new high, with the previous record, 17, set in the third quarter of 2014. But high bandwidth is not the only aspect of DDoS attacks that can cause problems for defenders. Even lower-bandwidth attacks can be dangerous if they have a high packet rate. A large number of packets per second poses a threat to routers because they dedicate RAM to process every single packet, regardless of its size. If a router serves multiple clients in addition to the target and exhausts its resources, that can cause collateral damage. According to Akamai, in the first quarter there were six DDoS attacks that exceeded 30 million packets per second (Mpps), and two attacks that peaked at over 50 Mpps. DDoS reflection and amplification techniques continue to be used extensively. These involve abusing misconfigured servers on the Internet that respond to spoofed requests over various UDP-based protocols. Around one-in-four of all DDoS attacks seen during the first three months of 2016 contained UDP (User Datagram Protocol) fragments. This fragmentation can indicate the use of DDoS amplification techniques, which results in large payloads. The four next most common DDoS attack vectors were all protocols that are abused for DDoS reflection: DNS (18 percent), NTP (12 percent), CHARGEN (11 percent) and SSDP (7 percent). Another worrying trend is that an increasing number of attacks now use two or more vectors at the same time. Almost 60 percent of all DDoS attacks observed during the first quarter were multivector attacks: 42 percent used two vectors and 17 percent used three or more. “The continued rise of multi-vector attacks suggests that attackers or their attack tools are growing more sophisticated,” the Akamai researchers said in their report. “This causes problems for security practitioners, since each attack vector requires unique mitigation controls.” China, the U.S. and Turkey were the top three countries from where DDoS attack traffic originated, but this indicates where the largest number of compromised computers and misconfigured servers are located, not where the attackers are based. The most-hit industry was gaming, accounting for 55 percent of all attacks. It was followed by software and technology (25 percent), media and entertainment (5 percent), financial services (4 percent) and Internet and telecommunications (4 percent). Being hit by one isn’t the only way DDoS attacks can affect businesses: They can also be blackmailed with the threat of one, an increasing trend over the past year. In some cases attackers don’t even have to deliver on their threats. Researchers from CloudFlare reported recently that an extortion group earned $100,000 without ever launching a single DDoS attack. Source: http://www.itnews.com/article/3079988/massive-ddos-attacks-reach-record-levels-as-botnets-make-them-cheaper-to-launch.html
See original article:
Massive DDoS attacks reach record levels as botnets make them cheaper to launch
Anonymous Announces #OpSilence, Month-Long Attacks on Mainstream Media
Members of the Ghost Squad Hackers team, one of most active Anonymous sub-divisions, have carried out DDoS attacks on CNN and FOX News as part of a new hacktivism campaign. Called OpSilence, the campaign’s goal is to attack all mainstream media that fails to report on the Palestine war or the true crimes happening in Syria, one of the hackers told Mic. #OpSilence will take place during the entire month of June 2016 The operation will be run similarly to #OpIcarus , a month-long series of attacks that took place in the month of May against various banks around the world. Any hacktivism group is welcomed to join, and the campaign comes on the heels of OpIcarus, which just ended yesterday. Ghost Squad Hackers didn’t wait for June to start to begin their attacks, and they’ve already hit the email servers of FOX News and CNN. The group has been changing tactics lately, switching from DDoSing public websites to attacking mail servers, as they did most recently against the Bank of England. Other hackers have taken a pro-Palestine stance before Taking a pro-Palestine stance isn’t something strange for hackers, many others supporting this cause as well. The previous group that did so was CWA (Crackas With Attitude), whose hacked targets include CIA Director John Brennan’s personal AOL email account, FBI Deputy Director Mark Giuliano, US National Intelligence Director James Clapper, and President Barack Obama’s Senior Advisor on science and technology John Holdren. The group is also responsible for hacking the JABS US national arrests database. They also leaked details for 2,400 US government officials, 80 Miami police officers, 9,000 DHS employees, and 20,000 FBI staffers. Back in February, the group’s leader, a sixteen-year-old boy, was arrested in East Midlands, England. Source: http://news.softpedia.com/news/anonymous-announces-opsilence-month-long-attacks-on-mainstream-media-504760.shtml
See the article here:
Anonymous Announces #OpSilence, Month-Long Attacks on Mainstream Media
UK-Based Llyod’s Bank Sees Decrease in Cyberattacks
Swimming against the torrent of relentless headlines highlighting the lack of cybersecurity among banks, government agencies, and popular websites, the Lloyds Banking Group has seen an 80-90% drop in cyberattacks. The reason? “Enhanced” cybersecurity measures. While banks around the world begin to accept the uncomfortable reality wherein a $81 million cyber-heist is entirely plausible whilst relying on the global banking platform (SWIFT), one UK-based bank has seen a drop in cyber-attacks. UK-based Llyods Banking Group has seen a drop of between 80% to 90%, even though there has been an increase in cyberattacks targeting the UK this year. The revelation was made by Miguel-Ángel Rodríguez-Sola, the group director for digital, marketing & customer development. One of the most common attack vectors remain Distributed Denial of Service (DDoS) attacks. “There had been an increase in the UK in terms of cyber attacks between June and February this year,” Rodríguez-Sola stated. He added “However, over the last two months, I have had five-times less than at the end of last year.” Speaking to the Telegraph , he claimed a greater collaborative effort with law enforcement agencies. More notably, he spoke about the enabling of additional layers of cyber-defenses, without going into specifics. In statements, he said: We needed to re-plan our digital development to make sure that we put in new defences, more layers. [The number of cyberattacks] is now one-fifth or one-tenth of what it was last year. The news of a decrease in cyberattacks faced by the banking group comes during a time when a third bank was recently revealed to be a victim of the same banking group which was involved in a staggering $81 million dollar heist involving the Bangladesh Central Bank. Increasing reports of other member banks of the SWIFT network falling prey to cyberheists has spurred SWIFT to issue a statement, urging banks to report cybercrimes targeting member banks. Source: https://hacked.com/uk-based-llyods-bank-sees-decrease-cyberattacks/
View article:
UK-Based Llyod’s Bank Sees Decrease in Cyberattacks
Hacker imprisoned for stealing Bitcoin, selling botnet on Darkode
A Louisiana man was sentenced to 12 months and one day in prison for using a computer to steal money, hacking computers to obtain passwords, and attempting to sell information on the online hacking forum known as Darkode. Rory Stephen Guidry, aka k@exploit.im was sentenced by US District Judge Dee D. Drell on one count of obtaining information by computer from a protected computer. He was also sentenced to three years of supervised release. According … More ?
Visit site:
Hacker imprisoned for stealing Bitcoin, selling botnet on Darkode