Tag Archives: china

Cybersecurity is threatening America’s military supremacy

The sparsely populated Spratly Islands, a collection of hundreds of islands and reefs spread over roughly 165,000 square miles in the South China Sea, are very quickly becoming the center of one of the most contentious international disputes between world powers since the fall of the Soviet Union. Alarmingly, the use of cyber attacks in this dispute suggests we might already be in the midst of a new Cold War playing out in cyberspace — where America’s advantage is not as clear as it is with conventional armies and navies. The Spratly Islands are of economic and strategic importance. All of the countries in the region — including China, Vietnam and the Philippines — have made competing territorial claims to the region. In recent years, China has become increasingly aggressive in its claim, rapidly building artificial islands while also conducting military operations in the area. Beyond this conventional military build up, however, are complex and brazen cyber attacks by China that are leaving America and its allies increasingly concerned. A massive distributed denial of service (DDoS) attack knocked offline at least 68 Philippine government websites in July, apparently in response to an international court ruling that denied China’s territorial claims in the region. Just days later, Vietnam’s national airline and major airports were targeted in a series of attacks by the Chinese hacking group 1937CN. Those are just the latest examples of China’s years long cyber campaign related to the Spratly Islands. (In another attack, the website of the aforementioned international court was infected with malware and taken offline last year.) While these “nuisance” attacks — and continued cyber espionage by China — are serious, targeted Chinese cyber attacks designed to impact America’s physical military systems in the South China Sea are the most substantial evidence that we may be on the brink of a more tangible cyber threat to American military power. China appears to be moving forward with plans to use electronic attacks designed to either disrupt or take control of American drones. With reports that the Chinese attempted to interfere with U.S. military drones at least once in recent years, the country has shown a willingness to use GPS jamming to prevent U.S. aircraft from conducting surveillance missions in the Spratly Islands. That 2015 instance appears to fit China’s public posturing on the ways it says it could use electronic GPS jamming to disrupt U.S. drone networks. One 2013 report in the Chinese journal  Aerospace Electronic Warfare  notes in technical detail how its military can “use network warfare to attack and even control America’s network” by disrupting the connection between satellites and aircraft. This sort of GPS jamming could be the largest electronic threat to the U.S. drone program. In fact, it has been widely speculated that Iran used a similar GPS “spoofing” technique to take control of a U.S. surveillance drone in 2011. The American military says it is preparing for these sorts of attacks with its new cyber strategy released last year. In addition to outlining how cyber will be included in military planning, the report calls for a hardening of the military’s cyber defenses to prevent the theft of military technology or cyber attacks against military infrastructure and weaponry. The challenge, as any expert in the cybersecurity world would tell you, is that the capabilities and sophistication of the Chinese, Russians and other state-sponsored and non-state hackers are increasing exponentially. One only has to read the news to see nearly daily evidence of this (e.g. the recent suspected NSA breech, hacks targeting Democratic political organizations, the attack against the State Department’s email system or the theft of military intel in the OPM hack). The relatively inexpensive cyber options being employed today by both state and non-state hacking groups make it an incredibly efficient “leveler” of power. A small group of hackers using simple spear-phishing tactics, for example, can have massive impact on military installations, government operations, critical infrastructure and potentially even weapons systems. The unconventional battle playing out in the South China Sea — where cyber attacks are taking the place of conventional fighting and other forms of diplomacy — is a new model of warfare. The growing cyber threat from China may pose the most immediate threat to America and its allies because, while the U.S. continues to have a clear conventional military advantage, our advantage in cyber is not as clear. Source: https://techcrunch.com/2016/09/21/cybersecurity-is-threatening-americas-military-supremacy/

Link:
Cybersecurity is threatening America’s military supremacy

Researcher believes major DDoS attacks part of military recon to shut down internet

Security researcher Bruce Schneier spotted a series of DDoS attacks which may be part of a larger effort to learn how to take down the internet on a national or even global scale. The attacks targeted major companies that provide the basic infrastructure for the internet and the incidents seem to appear to have probed the companies’ defenses to determine how well they can protect themselves, according to a Sept. 13 blog post. Schneier said he is unable to give details concerning which companies were targeted because he spoke with the companies under anonymity, but said the attack rate has increased in the last two years and that his findings are supported by a Verisign DDoS trends report. Schneier told SCMagazine.com he believes the attacks are part a foreign cyber organization doing military recon activities. The attacks are believed to be from China, but that being said Schneier said he is hesitant to point the blame at anyone. So far the targeted companies have been able to defend themselves, but when it comes to actually being able to take down the internet, Schneier said, “it does seem you can do it for small amounts of time but not permanently.” Some other experts agree. Several countries have a history of using DDoS attacks to target the U.S. and other nations so it’s safe to say that if taking down the internet will improve one’s position as a world power, someone will try to do it, Plixer CEO Michael Patterson told SCMagazine.com via emailed comments. “Consider the past attacks on our utilities and our 911 system and you can begin to appreciate the possibility of a combination of attacks that would certainly be possible with DDoS technologies,” Patterson said. “Our government needs to develop and implement a full scale back-up in the event that any one of these world players are successful in taking down the Internet.” Patterson said so much of the U.S. economy depends on the internet that its critical to have an alternative communication and digital plan in place in case something happens. However, some industry pros expressed doubt that an attacker would be able to carry out such a large scale attack. While the size, duration, and sophistication of DDoS attacks continue to grow, a complete shutdown is unlikely, Tim Matthews, Imperva Incapsula VP of marketing,  told SCMagazine.com via emailed comments. “Attacks might present temporary regional slowdowns – and annoy customers – but certainly not cause a global Internet blackout, as Mr. Schneier suggests,” Matthews said. “And with proper DDoS protections in place, most attacks like these would be stopped in their tracks.” Source: http://www.scmagazine.com/infrastructure-ddos-attacks-could-be-part-of-larger-plan-to-shut-down-internet-on-massive-scale/article/522962/

Link:
Researcher believes major DDoS attacks part of military recon to shut down internet

DOSarrest Expands Into Second City in Asia

DOSarrest Expands Into Second City in Asia VANCOUVER, BRITISH COLUMBIA–(Marketwired – Aug. 30, 2016) –  DOSarrest Internet Security announced today that they have expanded their DDoS protection cloud in Asia, with a new DDoS mitigation node in Hong Kong. The new node will work in conjunction with their existing nodes in New York, Los Angeles, London, Singapore and Vancouver and will have the same connectivity as the others, including multiple 10 Gb/Sec uplinks to multiple carriers. Mark Teolis, CEO at DOSarrest says, “This new Hong Kong scrubbing center will have excellent connectivity in the region including multiple Chinese upstream providers. To compliment the 6 upstream providers there will be an additional 10Gb/Sec link into the Hong Kong Internet Exchange (HKiX) for even better route diversity. Our customers have asked for it and we are delivering” Teolis adds, “Having great connectivity into China allows us to offer our customers great performance using our caching engine and also more importantly it allows us to stop attacks closer to the source if need be.” Jag Bains, CTO at DOSarrest states, “This new Hong Kong node is part of our global capacity expansion that includes, new hardware in all existing locations, plus the addition of 100+ Gb/Sec of Internet capacity. We need this in order to offer some new services that we will be rolling out in 2017.” About DOSarrest Internet Security: DOSarrest founded in 2007 in Vancouver, B.C., Canada is one of only a couple of companies worldwide to specialize in only cloud based DDoS protection services. Additional Web security services offered are Cloud based  W eb  A pplication  F irewall (WAF) ,  V ulnerability  T esting and  O ptimization  (VTO) as well as  cloud based global load balancing . More information at  www.DOSarrest.com CONTACT INFORMATION Media Contact: Jenny Wong Toll free CAD/US 1-888-818-1344 ext. 205 UK Freephone 0800-016-3099 ext. 205 CR@DOSarrest.com Source: http://www.marketwired.com/press-release/-2154179.htm

Read More:
DOSarrest Expands Into Second City in Asia

DDoS Attacks Increase 200%; UK Now Second Most Targeted Nation

DDoS attacks have increased by over 200% in the last year, according to new research from Imperva. The uptick in attacks has been attributed to DDoS-for-hire services, the company said. DDoS attacks are now among the most common cyber threats businesses can face, according to Imperva. Between April 1, 2015 and March 31, 2016 it recorded an average of 445 attacks targeting its customers per week. More than 40% of customers affected were targeted more than once, and 16% were hit more than five times. The majority of attacks noted by Imperva targeted the application layer, making up 60% of all DDoS attacks. The remainder targeted the network layer. However, Imperva noted that the number of application layer attacks are trending downwards, dropping by 5% year over year. If that trend continues, network layer attacks could be just as common as application layer ones before too long. The most recent quarter covered by this report shows a big jump in the size of network layer attacks. The biggest recorded attack was 470 Gbps, while many others exceeded 200 Gbps. Imperva now says attacks of this size are a “regular occurrence.” These increases in DDoS attacks have been attributed to DDoS-for-hire services, where anyone can pay as little as $5 to launch a minute-long DDoS attack on a target of their choice. This means attacks can be launched by just about anyone—whether it’s because of a grudge against a particular company or just boredom. These now account for 93% of DDoS attacks, up from 63.8% in Q2 2015. Imperva says this has directly led to the increase in overall DDoS numbers. Another clue to an increase in DDoS-for-hire services and what Imperva calls “casual offenders” is a decrease in attack complexity. Starting in Q2 2015 the company recorded a decrease in multi-vector attacks; attacks using multiple vectors and payloads indicate a more sophisticated, complex attack. However, Q1 2016 saw an increase in the volume of assaults using five or more payloads. “This countertrend reminds us that—in parallel with the increased “hobbyist” activity—more capable cyber-criminals continue to improve their methods. As per the first rule of the DDoS mitigation industry, attacks continue to get larger and more sophisticated on the high-end of the scale,”  the report said . The report also examined where DDoS attacks generally emerge from. Once again, China tops the list, with a sharp increase recorded in South Korea. The excellent broadband infrastructure in the country enables attacks to easily launch effective attacks, Imperva said. The UK is now the world’s second most-attacked country, after the United States of America. Most attacks targeted small and medium businesses, but some bigger institutions, including the  BBC  and  HSBC , were hit as well. Source: http://www.infosecurity-magazine.com/news/ddos-attacks-increase-200/

More:
DDoS Attacks Increase 200%; UK Now Second Most Targeted Nation

Xen Project plugs critical host hijacking flaw, patch ASAP

The latest security update (XSA-145 through 153) for the popular Xen virtualization software fixes nine issues. Eight of them can lead to Denial of Service, but the ninth is much more serious than…

Read More:
Xen Project plugs critical host hijacking flaw, patch ASAP

China is the top target for DDoS reflection attacks

China bore the brunt of DDoS reflection attacks last month, with 61 percent of the top attack destinations observed hitting Chinese-based systems, according to Nexusguard. Of the 21,845 attack events …

More here:
China is the top target for DDoS reflection attacks

Attackers are turning MySQL servers into DDoS bots

Someone has been compromising MySQL servers around the world and using them to mount DDoS attacks. The latest targets of these attacks are an (unnamed) US hosting provider and a Chinese IP address. …

See the article here:
Attackers are turning MySQL servers into DDoS bots

Day FOUR of the GitHub web assault: Activists point fingers at ‘China’s global censorship’

Code repository warns of ‘evolving’ attacks With the GitHub distributed denial-of-service (DDoS) attack nearing its fifth day of bombardment, the code-sharing upstart said it is holding up well under fire.…

More:
Day FOUR of the GitHub web assault: Activists point fingers at ‘China’s global censorship’

Massive DDoS against GitHub continues

Popular web-based Git repository hosting service GitHub has been battling a massive DDoS attack – the biggest they have ever experienced – for the last four days. “The attack began around 2AM UTC o…

Visit link:
Massive DDoS against GitHub continues