Tag Archives: brian-krebs

Number of DDoS attacks down but speed and size increases

The number of DDoS attacks fell more than 40 percent to 97,700 attacks in the second quarter of 2016 according to the latest threat report from DDoS security service Nexusguard. The report reveals there was a sharp dip in distributed reflection denial of service (DrDoS) attacks, with DNS-based attacks falling 97 percent compared to the previous quarter. However, recent DDoS attacks on cybercrime journalist Brian Krebs and OVH, a French internet hosting provider, broke records for speed and size. Nexusguard researchers put the drop in reflection attacks and the success of these massive attacks to hackers favoring Mirai-style botnets of hijacked connected devices, demonstrating the power the Internet of Things has to threaten major organizations. With increasing pressure on hosting and internet service providers to fend off fierce attacks against customers, Nexusguard analysts advise organizations to ensure they use signature-based detection to quickly identify and thwart botnets. “Few service providers can sustain the level of malicious traffic we saw in Q3 from IoT botnets, so these DDoS outages are causing companies to completely rethink their cybersecurity strategies,” says Terrence Gareau, chief scientist for Nexusguard. “Hackers’ preferences for botnets over reflection attacks are typical of cyclical behavior, where attackers will switch to methods that have fallen out of popularity to test security teams with unexpected vectors”. The attack on OVH put France in the top three countries targeted by DDoS attacks. While DDoS attacks fell in average frequency during Q3, Nexusguard researchers predict the attention from recent botnet attacks will cause companies to strengthen their cybersecurity and rethink their service provider contracts to deliver support and ensure business continuity despite supersized attacks. You can find out more about the findings in the full report available from the Nexusguard website. Source: http://betanews.com/2016/11/01/ddos-speed-size-increase/

Read the original:
Number of DDoS attacks down but speed and size increases

The Dyn DDOS Attack And The Changing Balance Of Online Cyber Power

As the denial of service (DDOS) attack against Dyn shook the internet a little over a week ago, it brought to the public forefront the changing dynamics of power in the online world. In the kinetic world of the past, the nation state equivalent was all-powerful, since it alone could raise the funds necessary to support the massive military and police forces necessary to command societies. In the online world, however, the “armies” being commanded are increasingly used against their will, massive networks of infected drone machines formed into botnets. The cost of acquiring, powering, cooling, connecting and operating these virtual soldiers are borne by private individuals and corporations, with criminal enterprises able to co-opt them into massive attack botnets. What does this suggest is in store for the future of the online world? The notion of using large botnets to launch globally distributed DDOS attacks is by no means a new concept and in fact has become a hallmark of the modern web. Indeed, I remember as a freshman in college 16 years ago seeing a new Linux server installed where I worked one morning and seeing the same machine being carted off by the security staff that afternoon after it had been hacked and converted into a botnet drone just a few hours after being plugged in. What makes the attack against Dyn so interesting is the scale at which it occurred and its reliance on compromised Internet of Things devices, including DVRs and webcams, allowing it to command a vastly larger and more distributed range of IP addresses than typical attacks. Making the attack even more interesting is the fact that it appears to have relied on open sourced attack software that makes it possible for even basic script kiddies to launch incredibly powerful attacks with little knowledge of the underlying processes. This suggests an immense rebalancing in the digital era in which anyone anywhere in the world, all the way down to a skilled teenager in his or her parent’s basement in a rural village somewhere in a remote corner of the world, can take down some of the web’s most visible companies and wreak havoc on the online world. That preliminary assessments suggest that the attack was carried out by private actors rather than a nation state only reinforces this shift in online power.  Warfare as a whole is shifting, with conflict transforming from nations attacking nations in clearly defined and declared geographic battlespaces to ephemeral flagless organizations waging endless global irregular warfare. In the cyber domain, as the battleground of the future increasingly places individuals and corporations in the cross hairs, this raises the fascinating question of how they can protect themselves? In particular, the attack against Dyn largely mirrored an attack against Brian Krebs’ Krebs on Security blog last month, which raises the specter of criminals and nations being able to increasingly silence their critics, extort businesses and wreak havoc on the online world, perhaps even at pivotal moments like during an election day. In the physical world, the nation state offers protection over the physical assets of companies operating in its territories, with military and police forces ensuring the sanctity of warehouses, office buildings and other tangible assets. However, in the digital world, state hackers from one country can easily compromise and knock offline the ecommerce sites of companies in other nations or leak their most vital secrets to the world. In the case of Brian Krebs’ site, his story thankfully has a happy ending, in which Alphabet’s Jigsaw (formerly Google Ideas) took over hostingof his site under their Project Shield program. Project Shield leverages Google’s massive global infrastructure to provide free hosting for journalistic sites under sustained digital attack, protecting them from repressive governments and criminal enterprises attempting to silence their online voices. Looking to the future, what options do companies have to protect themselves in an increasingly hostile digital world? Programs such as the Project on Active Defense by George Washington University’s Center for Cyber & Homeland Security are exploring the gray space of proactive countering and highly active response to cyberattacks. For example, what legal and ethical rights does a company have to try and stop an incoming cyberattack? Can it “hack back” and disable key command and control machines in a botnet or take other active approaches to disrupt the incoming traffic? What happens if a company remotely hacks into a control machine to disable it and it turns out it is an infected internet-connected oven in someone’s house and in the process of disabling it, the oven malfunctions and turns to maximum heat and eventually catches fire and burns the house down? Is the company responsible for the damage and potential loss of life? What legal responsibilities and liabilities do device manufacturers have to develop a more secure Internet of Things? If a company in 2016 still sells devices with default administrative passwords and well-known vulnerabilities that make them easy prey for botnets, should the companies bear the same burden as any other consumer safety issue? As over-the-air remote security updates become more common, should legislation be passed to require all consumer devices have the ability to be remotely updated with security patches? As the modern web celebrates more than 20 years of existence, somewhere over those last two decades the web has gone from a utopia of sharing and construction of a brighter future to a dystopia of destruction and unbridled censorship. Will the web grow up and mature to a brighter security future or will it descend into chaos with internet users fleeing to a few walled gardens like Facebook that become the “safe” version of the web? Only time will tell. Source: http://www.forbes.com/sites/kalevleetaru/2016/10/31/the-dyn-ddos-attack-and-the-changing-balance-of-online-cyber-power/#73a1613de230

More:
The Dyn DDOS Attack And The Changing Balance Of Online Cyber Power

Lizard Squad’s DDoS website hacked, unencrypted customer database stolen

The hacker group that calls itself the “Lizard Squad” has received another serious blow: LizardStresser(dot)su, the website where customers go to rent their DDoS service powered by a botnet of mostly …

Read More:
Lizard Squad’s DDoS website hacked, unencrypted customer database stolen