Category Archives: Security Websies

DDoS Attacks Increase 200%; UK Now Second Most Targeted Nation

DDoS attacks have increased by over 200% in the last year, according to new research from Imperva. The uptick in attacks has been attributed to DDoS-for-hire services, the company said. DDoS attacks are now among the most common cyber threats businesses can face, according to Imperva. Between April 1, 2015 and March 31, 2016 it recorded an average of 445 attacks targeting its customers per week. More than 40% of customers affected were targeted more than once, and 16% were hit more than five times. The majority of attacks noted by Imperva targeted the application layer, making up 60% of all DDoS attacks. The remainder targeted the network layer. However, Imperva noted that the number of application layer attacks are trending downwards, dropping by 5% year over year. If that trend continues, network layer attacks could be just as common as application layer ones before too long. The most recent quarter covered by this report shows a big jump in the size of network layer attacks. The biggest recorded attack was 470 Gbps, while many others exceeded 200 Gbps. Imperva now says attacks of this size are a “regular occurrence.” These increases in DDoS attacks have been attributed to DDoS-for-hire services, where anyone can pay as little as $5 to launch a minute-long DDoS attack on a target of their choice. This means attacks can be launched by just about anyone—whether it’s because of a grudge against a particular company or just boredom. These now account for 93% of DDoS attacks, up from 63.8% in Q2 2015. Imperva says this has directly led to the increase in overall DDoS numbers. Another clue to an increase in DDoS-for-hire services and what Imperva calls “casual offenders” is a decrease in attack complexity. Starting in Q2 2015 the company recorded a decrease in multi-vector attacks; attacks using multiple vectors and payloads indicate a more sophisticated, complex attack. However, Q1 2016 saw an increase in the volume of assaults using five or more payloads. “This countertrend reminds us that—in parallel with the increased “hobbyist” activity—more capable cyber-criminals continue to improve their methods. As per the first rule of the DDoS mitigation industry, attacks continue to get larger and more sophisticated on the high-end of the scale,”  the report said . The report also examined where DDoS attacks generally emerge from. Once again, China tops the list, with a sharp increase recorded in South Korea. The excellent broadband infrastructure in the country enables attacks to easily launch effective attacks, Imperva said. The UK is now the world’s second most-attacked country, after the United States of America. Most attacks targeted small and medium businesses, but some bigger institutions, including the  BBC  and  HSBC , were hit as well. Source: http://www.infosecurity-magazine.com/news/ddos-attacks-increase-200/

More:
DDoS Attacks Increase 200%; UK Now Second Most Targeted Nation

Rio 2016: DoS attack made on Swimming Australia website after Mack Horton’s drug remarks

Swimming Australia’s website has been hit by a denial of service (DoS) attack. The ABC has learned the site is operating in an “under attack” mode in the wake of Olympic gold medallist Mack Horton’s comments about his Chinese competitor Sun Yang being a drug cheat. While the site has continued to operate, it has deployed software to check the veracity of every browser accessing the page to ensure they are legitimate. Horton’s social media has been bombarded with hundreds of thousands of negative comments from China. Swimming Australia is not commenting publicly but it is understood the attack has been referred to the Government for investigation. Security analyst Marco Ostini from AusCERT, a non-profit organisation that protects organisations from cyber attacks, said DoS attempts were extremely common. “It’s actually a very difficult problem to put a number on,” he said. “It’s certain though … based on all malicious metrics on the internet, it’s increasing.” Mr Ostini said without seeing the internet traffic and logs associated with Swimming Australia’s page it was hard to work out what had happened, but he doubted it was a high-level attack. “I’d be really surprised if it was [China] state-sanctioned attackers causing trouble for Swimming Australia,” he said. “It’s possibly more likely just a large amount of interested people who are expressing themselves in possibly posting comments [on the website].” Source: http://www.abc.net.au/news/2016-08-11/rio-2016-dos-attack-made-swimming-australia-website/7721848

Read the original:
Rio 2016: DoS attack made on Swimming Australia website after Mack Horton’s drug remarks

Meet DDoSCoin, the cryptocurrency that pays when you p0wn

Proof-of-work turned to nefarious purposes, like taking down a Census A curious proof-of-work project built on cryptocurrency has emerged that offers a means to prove participation in distributed denial of service (DDoS) attacks.…

Read More:
Meet DDoSCoin, the cryptocurrency that pays when you p0wn

About 170 DDoS attacks were launched on the government bodies of Ukraine in last six months.

A representative of the State Service of Special Communications and Information Protection of Ukraine told this to Secretary of the National Security and Defence Council Oleksandr Turchynov, Ukrayinska Pravda reports. “About 15,000 events of information security events, including 170 DDoS attacks, were launched on the government bodies of Ukraine in last six months,” the representative said. According to him, “14 central executive authorities have been already connected to the State Centre for Cyber Protection, and the works to connect another 12 bodies are ongoing.” Source: http://www.ukrinform.net/rubric-crime/2062435-170-ddos-attacks-launched-on-ukrainian-government-bodies-in-six-months.html

More:
About 170 DDoS attacks were launched on the government bodies of Ukraine in last six months.

Cybersecurity: Financial Institutions Fret over DDoS Attacks

Financial institutions, especially the banks, are getting more worried about the increasing rate of a new cyber attack called Distributed Denial of Service (DDoS), that has caused huge financial losses running into billions of naira to banks. Financial institutions expressed worries about further loss of funds to DDoS attacks at a security forum organised by MainOne and Radware in Lagos this week and called for technology solutions that would address the threat. During a panel session, Head, Infrastructure Services at Skye Bank, Mr. Tagbo Nnoli, said banks suffered major attacks last year from DDoS attacks on banks and that since then, the banks started seeking solutions to address the issue. Aside DDoS attacks, Nnoli said banks also suffered attacks from phishing and social engineering last year, resulting to huge financial losses. Head, Industry Security Services, Nigeria Inter-Bank Settlement System (NIBBS), Mr. Olufemi Fadairo, who confirmed that banks suffered huge financial losses to cyber attacks last year, however said the rate of losses due to online attacks, were beginning to reduce in 2016, following proactive measures taken by the Central Bank of Nigeria (CBN) and the NIBSS to address financial losses to cyber attacks. According to Fadairo, “NIBSS tries to protect organisations and in the past five years, there has been improvement on financial security. We do benchmarking to find out any disruption of a normal pattern of an organisation. By January 2016, we discussed about DDoS attacks on banks where 63 per cent of banks said such attacks would increase, if not mitigated on time.” Following the threat, we decided to focus on data companies like MainOne that provides data solution for the financial sector, Fadairo said. The Chief Information Security Officer at MainOne, Mr. Chidi Iwe, however raised the hopes of financial institutions at the forum, when he revealed that MainOne had partnered RadWare, a global security company to mitigate DDoS attacks in the country’s financial sector, by redirecting organisation’s traffic to the MainOne DDoS mitigation platform, from where it keeps organisation data fully protected at all times and maintaining the normal operations of organisations on-premises infrastructure. He said the service could detect and mitigate zero-day attack within 18 seconds. According to Iwe, over 50 per cent of enterprise companies globally, suffered DDoS attacks at the end of 2015, and Nigerian businesses are growing in recent yeas and the focus of attacks is gradually shifting to the Nigerian space. Although he said most attacks were not reported publicly in the past, but that there has been over 600 per cent growth in reporting attacks in Nigeria in recent times, based on CBN regulation. Two weeks ago, there was DDoS Attacks in Nigeria. Attacks have caused organisations over $500 billion in recent years, and DDoS attacks are predicted to be on the rise, Iwe said. He however assured financial institutions that the security solution service agreement it signed with Radware in 2016, would address insecurity issues with DDoS attacks. MainOne solution therefore monitors DDoS attacks and create alert for the company using the solution, he said, while listing the benefits of the solution to include online reporting, which allows customers to log online to find out what the trends are. The MainOne solution also offers training for customers in partnership with Radware to boost customer experience. He said capital expenditure CAPEX and operational expenditure OPEX, are completely eliminated by the solution. The Security Solution Architect at Radware, Mr. Eran Danino, while explaining how DDoS operates, said it first attacks firewalls, destroys it before replicating itself into other components. He said most organisations are not ready to mitigate DDoS attack because they either have saturated internet pipes, or they lack the security skills to detect and mitigate attacks. “What we do at Radware is to mitigate the attacks, just as the attackers change their attacking plans regularly,” Danino said. He explained that there was need for organisations to choose the best protection and draw up a checklist to find out the assets that must be protected first. He said Radware uses two approaches to mitigate DDoS attacks, through hybrid solution and full cloud service solution by protecting data from the cloud. Source: http://www.thisdaylive.com/index.php/2016/08/04/cybersecurity-financial-institutions-fret-over-ddos-attacks/

Read the original:
Cybersecurity: Financial Institutions Fret over DDoS Attacks

GTA 5 Outage: Why Grand Theft Auto V Was Not Working

PSN was also attacked Poodlecorp launched a Distributed Denial of Service (DDoS) attack on Rockstar Games’  GTA 5  servers to take the game down. This resulted in players being unable to play the online elements of the game with others. The attack lasted for a few hours before service was restored. The hack of  GTA 5  resulted in online elements from every version of the game not working. Those that tried to play during this time were met with error messages. Poodlecorp took to social media to claim responsibility for the hack and said more was in store for gamers on Sony Corp (ADR)’s (NYSE: SNE ) PlayStation Network, reports  Daily Star . Poodlecorp claimed it was able to cause small outages in the PlayStation Network for PS3 and PS4 users on Thursday morning. However, this doesn’t seem to be all it has planned. It claims that this was only a test before it launches a larger attack. Poodlecorp hasn’t announced plans for any other attacks outside of  GTA 5  and the PlayStation Network. While the  Grand Theft Auto V  servers are back up, there’s a possibility they could go down again throughout the day. The same is also true for the PlayStation Network. One of Poodlecorp’s members recently claimed in an interview that its ranks includes previous members of hacker group Lizard Squad. The group also took responsibility for an attack on Nintendo Co., Ltd (ADR)’s (OTCMKTS: NTDOY )  Pokemon Go  servers late last month,  Express  notes. Source: http://investorplace.com/2016/08/gta-5-outage-grand-theft-auto-v-rockstar-games-poodlecorp/#.V6OhaWWgPzI

Excerpt from:
GTA 5 Outage: Why Grand Theft Auto V Was Not Working

DDoS attacks increase 83%, Russia top victim

DDoS attacks increased 83 percent to more than 182,900 attacks in the second quarter of the year, according to Nexusguard. The newest report shows that Russia has become the No. 1 victim country. Starlink – a Russian ISP supporting small, medium and large enterprises – received more than 40 percent of the DDoS attacks measured over a two-day period. This targeted DNS attack also pushed the mean average DDoS duration to hours instead of minutes, … More ?

Read the original:
DDoS attacks increase 83%, Russia top victim

MIT Faced 35 DDoS Attacks in the First Six Months of 2016

Attackers targeted the servers of the Massachusetts Institute of Technology (MIT) 35 times in the first six months of the year, according to a threat advisory released by Akamai, a content delivery network and cloud services provider headquartered in Cambridge, Massachusetts. The biggest of these incidents was a DDoS attack that lasted a day, starting on June 7, that peaked at 295 Gbps and 58.6 million packets per second, combining different vectors such as DNS reflection, SYN flood, UDP fragment, PUSH flood, TCP flood, and UDP flood. Compared to other attacks recorded globally in the first six months, according to Arbor Networks, this MIT DDoS attack is one of the 46 such attacks that went over the 200 Gbps limit, with the absolute record being 597 Gbps . Kaiten botnet behind massive 295 Gbps attack Akamai believes that this attack took place at the hands of a botnet powered by the Kaiten malware. Prior to the 295 Gbps DDoS attack, MIT suffered an 89.35 Gbps attack as well. Attackers targeted multiple IPs in MIT’s network and used a combination of 14 different DDoS flood types. Akamai says that 43 percent of these attacks used protocols susceptible to DDoS reflection flaws that amplified the attacker’s traffic. The company detected 18,825 different sources of reflected traffic, with the most located in China. China’s presence on any DDoS source list should not be a surprise by now to anyone since the country is the source of much of today’s vulnerable equipment that gets connected online, a source ready for the taking for any determined hacker. DDoS attacks are on the rise The same Arbor Networks reports cites an overall increase in terms of DDoS attacks globally, a trend which has continued in July as well. Just this week, we reported on DDoS attacks against WikiLeaks , after announcing it would release emails from Turkey’s main political party; against the Rio de Janeiro court that banned WhatsApp in Brazil; Steemit social network ; the Philippines government websites ; Pokemon GO servers ; the HSBC bank ; and against the US Congress , US Library of Congress, and the US Copyright Office. Source: http://news.softpedia.com/news/mit-faced-35-ddos-attacks-in-the-first-six-months-of-2016-506542.shtml

See the original post:
MIT Faced 35 DDoS Attacks in the First Six Months of 2016

Massive DDoS Attack Shut Down Several Pro-ISIS Websites

A team of attackers shut down several ISIS aka Daesh websites against terrorist attacks in Nice and Middle Eastern countries! Terrorism has no religion that’s why whenever a terrorist attack is carried out the victims are innocent people irrespective of race or religion. Hackers and DDoSers, on the other hand, are well aware of the enemy and that’s why recently an attacker going by the handle of ”Mons” conducted a series of DDoS attacks using NetStresser tool just a couple of days ago. The reason for targeting these sites was to protest against the sudden increase of terrorist attacks in France and Middle Eastern countries. In a conversation with HackRead, Mons said that he also got assistance from the owner of BangStresser , the famous DDoSing tool which was allegedly used to shut down BBC’s servers and Donald Trump’s website in one of the largest DDoS attacks ever. However, the attack on pro- ISIS websites varied from 50 Gbps to 460 Gbps. Mons further stated that ”We worked together to take down several ISIS websites. This is for obvious reasons. We want to help in any way we can to weaken their influence that threatens and, to some length, literally destroys our very democracy and human rights. Especially after the recent attacks in France and Arabic countries, our wrath has grown. This war needs to be fought on many fronts, and we try to cover one of them.” Here is a screenshot showing the list of targeted websites along with tweets that show earlier attacks on pro-ISIS sites. Upon checking the history on some targeted sites we can confirm the sites were spreading violent content along with terrorist ideology however at the time of publishing this article some sites were restored while some were listed for sale. This is not the first time when attackers have targeted pro-ISIS platforms. In the past, Anonymous did not only conduct cyber attacks but also exposed companies hosting those sites  — Anonymous had also blamed  CloudFlare for protecting terrorists’ websites  from DDoS attacks but the company had denied the allegations. Source: https://www.hackread.com/ddos-attack-on-pro-isis-websites/

See the article here:
Massive DDoS Attack Shut Down Several Pro-ISIS Websites

Bart ransomware victims get free decryptor

AVG malware analyst Jakub Kroustek has devised a decryptor for Bart ransomware, and the company has made it available for download (for free). Bart ransomware This particular piece of malware was first spotted in late June, being delivered via spam emails sent out by the Necurs botnet – the botnet that’s responsible for the onslaught of Locky ransomware and the Dridex Trojan. Bart is not your typical crypto ransomware as it doesn’t encrypt victims’ files. … More ?

See the original article here:
Bart ransomware victims get free decryptor