Tag Archives: blocking-ddos

Finnish Defense Ministry Hit by DDoS Cyberattack

Finland’s Ministry of Defence (MoD) is reviewing its IT security infrastructure in the wake of a distributed denial of service (DDoS) attack on its main website. The attack was launched hours before Finnish President Sauli Niinistö met with Russian President Vladimir Putin in Moscow on March 22 to discuss regional security issues and the implementation of deeper cooperation on border defense. Initial investigations by the National Cyber Defense Center (NCDC) are examining the possibility that the cyberattack may have been launched from Russia to coincide with high-level, inter-government talks. Similar DDoS attacks launched against public and private organizations in Sweden in March had traced the servers to Russia. Niinistö met with US President Barack Obama in Washington on April 1. The meeting took place during the international Nuclear Security Summit hosted by the US president. Finland’s MoD confirmed that the sustained DDoS attack, which lasted more than three hours, was the second such cyberattack against its online IT infrastructure in 2016. The MoD responded by diverting traffic from its main site defmin.fi to a temporary site. The previous DDoS attack took place Feb. 27 and lasted nearly five hours. Other key government department websites, including finance, social affairs and health, agriculture and forestry, and the Council of State office, were targeted in simultaneous attacks. The timing of the latest DDoS attack is significant, coming as Finnish and US governments finalize plans connected to joint military exercises in Finland. Source: http://www.defensenews.com/story/defense/international/2016/04/04/finnish-defense-ministry-hit-ddos-cyberattack/82608438/

See original article:
Finnish Defense Ministry Hit by DDoS Cyberattack

Customers of large NZ website company Zeald have been hit by DDoS attack

Customers of a large New Zealand website design company have had their websites shut down due to a cyber attack believed to target one or more of the company’s customers. Customers of Zeald were informed on Thursday that some clients had experienced outages with their websites in recent weeks. The company, formed in 2001, with thousands of customers in New Zealand and Australia, has told clients the outages were caused by Distributed Denial of Service (DDoS) attacks. These attacks attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They present a major challenge to making sure people can publish and access important information. “Simply put, a DDoS attack simulates millions of computers trying to access a website at the same time. This puts tremendous stress on the online infrastructure, and can make access to a website difficult, or impossible,” the company said in its email. “We believe these attacks are targeted at one of our customers,” it said. It said the attacks were difficult to resolve and were a rapidly expanding class of security attack. They did not involve ‘hacking’ and did not lead to the loss of confidential information, but they made it impossible to access a site. “They can be created by attackers with limited technical skill but options for dealing with them are extremely limited”. “Working with our upstream providers, we have been able to stop these attacks temporarily by blocking international traffic. Unfortunately, these attacks keep resuming and are no longer isolated to international traffic alone. These attacks are also causing major issues for our upstream providers as well as the other websites and services that they provide,” it said. “If you have experienced any kind of extortion attempt or communication threatening an attack like this please let us know. Any feedback regarding recent threats will be treated in the strictest confidence. If we know the target of the attack there are measures we can put in place to eliminate the problem”. Source: http://www.stuff.co.nz/technology/77539929/customers-of-large-nz-website-company-zeald-have-been-hit-by-cyber-attack

Excerpt from:
Customers of large NZ website company Zeald have been hit by DDoS attack

Xbox Live Suffers DDoS Disruption, Playstation Network May Be Next

A DDoS attack initiated by grey-hat hacker group Phantom Squad may have taken Microsoft’s Xbox Live online network offline for at least 3 hours today. If the hacker group’s threats are to believed, Sony’s PlayStation Network (PSN) may be next. Gamers, look away. This is going to make for painful reading. For the second time in two years, a hacker group may be disrupting two of the most popular gaming networks in the console gaming world, Xbox Live and the PlayStation Network. Hacked reported on the DDoS threats made by Phantom Squad a few days ago, after a series of tweets posted by the hacker group that also took credit for knocking Reddit offline recently. In a case of history repeating itself, the group is doing what infamous hacking group Lizard Squad did last year in December, disrupting gamers’ plans of going online with their consoles by taking down Xbox Live and PSN for several days last year. While the new group Phantom Squad threatened to take down the gaming networks during Christmas, Xbox Live suffered an outage in certain parts around the world for a few years today. To nobody’s surprise, Phantom Squad took credit for the outage. An update posted today on Xbox’s status website read: Hey Xbox members, are you having trouble purchasing or managing your subscriptions for Xbox Live? Are you also having an issue with signing into Xbox Live? We are aware of these issues and are working to get it fixed ASAP! Thank you for being patient while we work. We’ll post another update when more information becomes available. The message made no reference to any disruptions or DDoS attacks targeting the network although Microsoft nor Sony seldom acknowledge such attacks, even if they were bearing the brunt of such attacks. For now, Xbox Live Status shows all services are up and running and it is likely that Microsoft has found an IP range or two to block the DDoS requests flooding the servers, a common defense strategy against such attacks. Meanwhile, Phantom Squad has claimed that it will DDoS both gaming networks this Christmas Day. So we are going to DDoS Xbox&PSN on Christmas Day We Dont Joke We Are Always Watching Christmas Day PSN&Xbox This Is Not A Bluff #Phantom — PhantomSquad (@PhantomLair) December 18, 2015 The hacking group claims that the disruptions are to bring attention to the lack of cybersecurity in the gaming networks but gamers will argue the group is doing it simply to annoy a large population of console gamers looking to wind down and play games during the holidays. Hacked has previously reported on several disruptive malicious hackers, including those from Lizard Squad who have been arrested not long after their antics from Christmas last year. One of the suspects was arrested in the UK in January this year while another was apprehended as a part of a wider operation in March 2015. Hacked will keep you updated on this story as it unfolds in the week leading to Christmas. Source: https://hacked.com/xbox-live-suffers-ddos-disruption-playstation-network-may-next/

Read this article:
Xbox Live Suffers DDoS Disruption, Playstation Network May Be Next

Hacker squad plans DDoS attacks on PlayStation Network, Xbox Live this Christmas

Hacker group Phantom Squad plans to shut down Xbox Live and PlayStation Network on Christmas. Forget the Grinch, there’s someone else who wants to steal Christmas. Phantom Squad, an online hacker group, has threatened to shut down Xbox Live and the PlayStation Network this Christmas by unleashing a series of DDoS (distributed denial of service) attacks — coordinated barrages of falsified incoming server traffic that causes the system to crash. DATA BREACHES AND CYBERATTACKS IN 2015 “We are going to shut down Xbox Live and PSN this year on Christmas,” the hackers tweeted. “And we are going to keep them down for one week straight. #DramaAlert.” We are going to shut down Xbox live and PSN this year on christmas. And we are going to keep them down for one week straight #DramaAlert — Phantom Squad (@PhantomSqaud) December 9, 2015 This could cause a big problem, because a lot of people are expecting to receive new gaming consoles on Dec. 25. If Phantom Squad is successful, this would be the second year in a row that these gaming networks go offline. Last year, the infamous hacker group Lizard Squad took credit for shutting down Xbox Live and PSN for two days. The group demanded more retweets and Twitter followers in exchange for restoring the servers. Phantom Squad, which said it has no relation to Lizard Squad, claims they’ve previously performed smaller outages on the gaming community servers, as well as other website such as Reddit. The group also explained in a tweet why it is that they perform these attacks. “I get asked a lot on why we do this? Why do we take down PSN and Xbox Live?” the tweet reads. “Because cyber security does not exist.” Sony and Microsoft have both received a series of attacks over the past year, but it’s still unknown what tactics they’ve developed to try and avoid these issues. Kim Dotcom, the infamous Internet entrepreneur behind Megeupload, has warned Sony and Microsoft that the attack could be avoided if they update their servers. “Warning @Sony & @Microsoft. You had 1 year to upgrade your networks. If Lizard Squad takes down PSN & XBOX this Xmas, we’ll be pissed! RT!,” Dotcom tweeted. Dotcom, who is also a gamer, helped stop last year’s attack by promising the hackers 3,000 accounts on his encrypted upload service Mega. While Sony and Microsoft work on strengthening their servers, people who bought a console as a gift this Christmas can unbox it, plug it in, and download all the updates as soon as they buy it. This process will let them at least play games offline on Christmas. Otherwise, if the hackers release a DDoS attack, the console will be useless without being powered on and updated. Source: http://www.nydailynews.com/news/national/hackers-plan-ddos-attack-psn-xbox-live-christmas-article-1.2467876

Link:
Hacker squad plans DDoS attacks on PlayStation Network, Xbox Live this Christmas

UK pummelled with DDoS after ISIS cyber attack warning

Earlier this week, the UK government warned ISIS militants were developing the capability to launch cyber attacks against Britain’s infrastructure. Today, we are witnessing a huge amount of DDoS (Distributed Denial of Service) attacks on the United Kingdom. As of writing, a look at the Digital Attack Map shows an unprecedented amount of attack traffic aiming towards the UK. Most of the DDoS attacks use “fragmentation” which sends a flood of TCP or UDP fragments to a victim, overwhelming the victim’s ability to re-assemble the streams and severely reducing performance. The cyber attacks come after a week of physical attacks towards the international community, and subsequent retaliation in the form of bombing campaigns against key IS targets in Syria and hundreds of raids on various safe houses being used to harbor the militants in France and Belgium. It’s unclear what the attack traffic is targeting, and whether it’s originating from IS sympathasisers, but online activist group Anonymous has been under attack for declaring war on the militants with the launch of their #OpParis campaign for anyone to disrupt social network accounts used for propaganda and recruitment by the group. An IRC used by Anonymous has temporarily had to shut-off external connections from third-party clients. #OpParis is not “hacking” in the traditional sense, as the group is often known for, in fact its rules prohibit carrying out certain attacks such as DDoS and instead focuses on using software to collect the social network accounts used by ISIS. Volunteers then use the services’ built-in tools for abuse reporting. So far, #OpParis has reportedly taken down 5,500 Twitter accounts – despite not all being confirmed as being ISIS-affiliated. ISIS has used the web for international recruitment, and for encrypted communications. The actions of Anonymous has worried the group as it’s disruptive to spreading their poisonous ideology to potential new recruits, but it has also pushed the militants into using safer messaging tools and issuing advice to followers over which services to use. The potential of using these encrypted services, like Telegram, for organising attacks out the view of intelligence agencies is concerning governments. David Cameron, Prime Minister of the United Kingdom, has expressed his government’s interest in “banning” encrypted messaging tools which agencies struggle to intercept. Cameron’s plan has been criticised not just for its privacy implications, but also for how it would be impossible to ban such tools in practice as most of the chosen tools are “open source” and can be distributed by anyone. In response to cyber attack threats, the UK government has pledged £2 billion towards creating a “National Cyber Centre” based at GCHQ (Government Communications Headquarters) Chancellor George Osborne said ISIS was trying to develop the capability to attack British infrastructure such as hospitals, power networks and air traffic control systems for lethal consequences. In a speech at GCHQ, he said “they have not been able to use it to kill people yet by attacking our infrastructure through cyber attack, but we know they want it and are doing their best to build it.” “We are building our own offensive cyber capability – a dedicated ability to counter-attack in cyberspace. When we talk about tackling (ISIS), that means tackling their cyber threat as well as their guns, bombs and knives,” he continued. It’s unclear if the cyber attacks towards the UK today are ISIS-related, but it goes to show the need for a facility dedicated towards facing cyber threats. Back in September, we reported about the creation of the Global Cyber Alliance. The alliance is headquartered in New York and London, but it’s unclear if this new investment will be an expansion of that scheme or an independent facility. Will Pelgrin, former CEO and President of the Center for Internet Security, said: “Cyber crimes have become a worldwide epidemic with estimates of a half billion global cyber victims annually. We must treat cyber security threats and crimes as we would any widespread infectious disease – immediately, urgently and collectively. Cyber risks have reached catastrophic proportions and, therefore, require an unparalleled, public/private and transnational response.” Source: http://www.telecomstechnews.com/news/2015/nov/18/uk-pummelled-ddos-after-isis-cyber-attack-warning/

Link:
UK pummelled with DDoS after ISIS cyber attack warning

UK e-tailers hit by suspected DDoS barrage

Scan Computers, Novatech and Aria Technology all encountered website disruption yesterday, with the latter confirming a Bitcoin-based DDoS attack was to blame. Aria Taheri, Aria’s eponymous boss, told CRN the firm’s website went down yesterday afternoon for a couple of hours as hackers sent an email demanding the payment of 16.66 Bitcoins (£2,871.43), otherwise they would try to bring the site down for the whole of Wednesday. Fellow e-tailers Novatech and Scan also took to Twitter to inform their customers that there had been problems with their sites, while CCL is another thought to have encountered issues. Scan Computers, Novatech and Aria Technology all encountered website disruption yesterday, with the latter confirming a Bitcoin-based DDoS attack was to blame. Aria Taheri, Aria’s eponymous boss, told CRN the firm’s website went down yesterday afternoon for a couple of hours as hackers sent an email demanding the payment of 16.66 Bitcoins (£2,871.43), otherwise they would try to bring the site down for the whole of Wednesday. Fellow e-tailers Novatech and Scan also took to Twitter to inform their customers that there had been problems with their sites, while CCL is another thought to have encountered issues. Novatech and CCL were unavailable for comment at the time of publication. Elan Raja III, Scan’s director, said: “Scan are aware there has been some disruption in traffic and is investigating the cause.” Taheri said he understood that the website disruption suffered by his competitors was caused by the same DDoS attack and believes other companies in his industry have also received ransoms for Bitcoins this week. Aria’s website was hit in a hack in February 2013 but caught the perpetrators last year after putting up a reward. Taheri is adopting the same tactic on this occasion, posting a £15,000 bounty ( pictured above ) for anyone who provides information to help police catch the hackers. He said the reward is much higher than the Bitcoin ransom because he wants to send a message to the hackers and due to the “principle” of the attack. He said he is not going to pay the ransom demanded as it would send out the wrong message. “These kinds of attacks are only designed to affect our website and make it inaccessible. However, [our customers’] information is 100 per cent secure as we are PCI DSS compliant which is quite a strict web-security protocol. Also, the website unavailability will last for only a short period – a matter of hours – so the customers can always come back at a later time. “We are not going to encourage more of these hackers by giving them Bitcoins, because that would only encourage others to come to us and blackmail us more. The message to the hackers is that I will spend a significant amount of money to bring them to justice. Our track record shows that we have done that before, and based on that track record I am fairly confident we can do that [again].” The attack the cybercriminals have threatened to carry out on Aria’s website tomorrow coincides with a “prime day” on which low prices are offered to customers, Taheri added. On the rise There has been a rise in the number of DDOS attacks demanding Bitcoin ransoms in recent months, with Bloomberg reporting that a cybercriminal group called DDoS for Bitcoin (Distributed Denial of Service for Bitcoin) – or DD4BC – blackmailed financial institutions by threatening to disrupt websites last month unless they paid Bitcoin ransoms. Taheri said the internet datacentre informed him that these kinds of attacks are “on the increase, and the frequency of it is going up at an alarming rate”. One source, who wished to remain anonymous, said the attack is similar to those launched by DD4BC, and could be from a group which is trying to emulate DD4BC. Source: http://www.channelweb.co.uk/crn-uk/news/2431257/uk-e-tailers-hit-by-ddos-barrage

Follow this link:
UK e-tailers hit by suspected DDoS barrage

Businesses Beware – DDoS Attacks Are On The Rise Again Read

British businesses are being warned to bump up their protection against Direct Denial of Service (DDoS) attacks after a new study found that the number of such assaults rose hugely in the last quarter. Research by Corero Network Security found that its customers had endured a 32 percent increase in DDoS attacks compared to the previous quarter – an average of 4.5 per day. That’s according to its Trends and Analysis Report for the first half of 2015, which also found that most of the recorded DDoS attacks were smash and grab assaults that lasted less than 30 minutes. Targeted The report found that the DDoS attacks targeting its customers in the first three months of 2015 remained relatively consistent from the previous quarter – averaging three attacks per day. The daily attack volume increased in the second quarter to an average of 4.5 attacks. Corero says that the increasing use of such attacks is down to the ease in purchasing and launching DDoS attack tools, many of which can be obtained for free, and the ability to easily include these into part of a larger strategy. “Attackers are continuing to leverage DDoS attacks as part of their cyber threat arsenal to either disrupt business operations or access sensitive corporate information, and they’re doing it in increasingly creative ways that circumvent traditional security solutions or nullify the previous effectiveness of scrubbing centres,” said Dave Larson, CTO and vice president, product, Corero Network Security. “In order to effectively protect their networks, prevent disruptions to customer operations, and better protect against data theft and financial loss, companies need real-time visibility and mitigation of all DDoS attack traffic targeting their networks, regardless of size or duration.” Under attack The past few months have seen several high profile DDoS attacks as cybercriminals look to take advantage of slightly less well-developed defences in this area. NatWest’s online banking system was the victim of an attack back in August, as was parenting website Mumsnet, showing the range of potential targets. However companies are beginning to fight back against the DDoS threat, with BT announcing today the release of its own cloud-based Distributed Denial of Service (DDoS) mitigation platform, claiming that the service will help its customers stay secure amidst growing numbers of cyber-attacks. Source: http://www.techweekeurope.co.uk/security/cyberwar/corero-ddos-attacks-rise-178274#jzBwTomdGAO2LL7m.99

Read the original post:
Businesses Beware – DDoS Attacks Are On The Rise Again Read

NL minister says disruptions caused by DDoS are inevitable

Dutch minister of safety and justice Klaas Kijkhoff has responded in writing to questions from Labour Party PvdA about recent disruptions at Ziggo, saying internet problems due to large-scale DDoS (distributed denial of service) attacks are unavoidable. The minister said that it was primarily the job of ISPs to secure their systems against such attacks, which hit cable operator Ziggo in August. PvdA MP Astrid Osse Bridge had written earlier, saying she wanted to know to what extent public services are affected by DDoS attacks on major ISPs and what the government could do to prevent such events. Dijkhoff wrote that the government has taken action to minimize effects of DDoS attacks on their own networks and systems, adding that it was up to the government to implement such measures for ISPs. The minister said companies and bodies involved must ensure that consequences are minimised. They could take prevention measures such as by addressing and sharing information about joint botnets, networks of hijacked computers used by hackers to stage cyberattacks. Ziggo took two heavy DDoS attackes on 18 and 19 August. Source: http://www.telecompaper.com/news/nl-minister-says-disruptions-caused-by-ddos-are-inevitable–1105503

More:
NL minister says disruptions caused by DDoS are inevitable

New York Site DDoS attack After Massive Cosby Story Goes Online

At 9PM on Sunday night, New York Magazine published to the web one of its most ambitious and powerful stories of the year, an extended interview with 35 women who have accused Bill Cosby of sexual assault. Within minutes, writers and editors heaped praise on the feature, but later into the night, it mysteriously disappeared, along with everything else hosted at NYMag.com, victim to an apparent denial-of-service attack. On Twitter, accounts identifying themselves as the hackers gave a variety of conflicting and implausible explanations for the attack, ranging from general animosity toward New York City to a personal connection with one of the women involved. The magazine’s only official statement came at 3:32AM: “Our site is experiencing technical difficulties. We are aware of the issue, and working on a fix.” As of press time, the site is still offline. So far, the attack is consistent with a denial-of-service (or DDoS) attack — an unsophisticated flood of traffic that blocks users from accessing a specific address without compromising the site itself. DDoS attacks can be launched cheaply from nearly anywhere, making them a favored tactic for activists and criminals alike. Mitigation techniques have grown more advanced in recent years, but the sheer volume of requests is often enough to knock a site offline or slow response time for days at a time. Denial-of-service actions are occasionally used as cover for more sophisticated attacks, but the vast majority are simple brute force actions, overcome as soon as site managers are able to deploy mitigation measures or, in some cases, comply with extortion demands. But while NYMag.com is still unavailable, the story has continued to proliferate through other channels. New York ‘s Instagram account has published pictures and quotes from four of the women, which the magazine’s Twitter account has continued to promote throughout the outage. A cached version of the story is also available through Archive.org, although not all of the functionality is present. Print distribution of New York has been unaffected by the attack. Source: http://www.theverge.com/2015/7/27/9047765/new-york-magazine-bill-cosby-rape-story-ddos-attack

More:
New York Site DDoS attack After Massive Cosby Story Goes Online

New Jersey Online Gaming Sites Hit by DDoS Attacks

Online gaming sites in New Jersey were rocked by a wave of distributed denial of service attacks (DDoS) last week, according to the New Jersey Division of Gaming Enforcement (DGE). At least four sites were knocked offline for around half an hour by the cyberattacks, David Rebuck, DGE director, said, although he declined to name them. The disruption was followed by a ransom demand, to be paid in bitcoin, and the threat of further more sustained attacks, he added. DDoS attacks are used by cyber criminals to flood the bandwidth of an internet site rendering it temporarily nonoperational. Online gambling has been a target for such criminals since the early days of the industry, although this is the first time that any attacks have been reported against the regulated US markets. However, last September, when Party / Borgata attempted to stage the most ambitious tournament series the regulated space had seen, the Garden State Super Series, major disruption forced the main event to be cancelled. “Known Actor” Suspected It was assumed that the technical difficulties were the result of a relatively new infrastructure bending under the weight of an uncommon influx of players, but it seems possible that there were more sinister forces at work. Cyber attackers typically strike at times when traffic is highest in order to maximize disruption, and a well-publicized event like the Garden State Super Series would have been an irresistible target. Rebuck’s assertion that law enforcement is now hunting a “known actor” in relation to the attacks, a suspect who has “done this before” would appear to confirm, at least, that New Jersey has been subject to a prior attack. Recent Attacks on Offshore Market Hackers have certainly disrupted unlicensed US-facing poker sites in recent times. Two months after the Garden Super Series, the Winning Poker Network (WPN) attempted to stage a similarly ambitious online tournament with $1,000,000 guaranteed. The event had attracted 1,937 players with 45 minutes of late registration still remaining, before it was derailed by a suspected cyberattack. An on screen-message relayed the news to players as the tournament was abandoned four and a half hours in, following a spate of disruptions. The tournament was canceled and buy-in fees refunded to all participants. On November 23, the Carbon Poker Online Poker Series was severely interrupted by poor connectivity issues, and the site has experienced intermittent problems several times since, although no official word on the disruptions has been forthcoming from .Carbon Poker. “It sounds like the regulators and the [gambling] houses anticipated this very type of attack and responded to it in a very appropriate manner,” cybersecurity expert Bill Hughes Jr, told the Press of Atlantic City of the incident last week. “It appears that the system worked here.” Source: http://www.cardschat.com/news/new-jersey-online-gaming-sites-hit-by-ddos-attacks-13472#ixzz3fFdK5Vbd

More:
New Jersey Online Gaming Sites Hit by DDoS Attacks