Tag Archives: copyright

NSA.gov goes down after ‘error during scheduled update’

Spook agency denies DDOS, blames sysadmins The USA’s National Security Agency (NSA), lately the source of near-endless controversy for spying on just about the entire internet, has itself hit trouble online after its website went down.…

More:
NSA.gov goes down after ‘error during scheduled update’

12 year old Quebec boy Anonymous Hacker Pleads Guilty to DDOS Attack on Government Websites

A 12-year-old Quebec boy is responsible for hacking several government and police websites during the student uprising in spring 2012, creating computer havoc and causing $60,000 damage, court heard Thursday. Some sites were out of service for up to two days and the boy did it in the name of the activist/hacktivist group Anonymous. The Grade 5 student from the Montreal suburb of Notre-Dame- de-Grâce, whose actions were not politically motivated, traded pirated information to Anonymous for video games, court was told. The boy appeared in youth court Thursday dressed in his school uniform and accompanied by his father. He pleaded guilty to three charges related to the hacking of the websites, including those of Montreal police, the Quebec Institute of Public Health, Chilean government and some non-public sites. Police estimate damage to the sites at $60,000 but a more detailed report will be produced in court when the boy is sentenced next month. The little hacker, whose name can’t be published and is said to have been involved with computers since the age of nine, contributed to the crash of some sites and accessed information belonging to users and administrators. He had even issued a warning to others: “It’s easy to hack but do not go there too much, they will track you down.” Court heard the boy used three different computer attacks, one which resulted in a denial of service to those trying to access the websites and flooded servers, making them ineffective. In another method he would alter information and make it appear as the homepage. His third tactic involved exploiting security holes in order to access database servers. “And he told others how to do it,” a police expert testified in Montreal on Thursday. While others were arrested in the scheme, it was the boy who opened the door to the website attacks, court heard. “He saw it as a challenge, he was only 12 years old,” his lawyer said. “There was no political purpose.” In 2000, a 15-year-old Montreal boy, know as Mafiaboy, did an estimated $1.7 billion in damage through hacking. He was sentenced to eight months in youth detention and subsequently received several job offers in cybersecurity. Source: http://www.torontosun.com/2013/10/25/que-boy-12-pleads-guilty-to-hacking-government-websites

Read More:
12 year old Quebec boy Anonymous Hacker Pleads Guilty to DDOS Attack on Government Websites

NSA site down due to alleged DDoS attack

The website for the United States National Security Agency suddenly went offline Friday. NSA.gov has been unavailable globally as of late Friday afternoon, and Twitter accounts belonging to people loosely affiliated with the Anonymous hacktivism movement have suggested they are responsible. Twitter users @AnonymousOwn3r and @TruthIzSexy both were quick to comment on the matter, and implied that a distributed denial-of-service attack, or DDoS, may have been waged as an act of protest against the NSA   Allegations that those users participated in the DDoS — a method of over-loading a website with too much traffic — are currently unverified, and @AnonymousOwn3r has previously taken credit for downing websites in a similar fashion, although those claims have been largely contested. The crippling of NSA.gov comes amid a series of damning national security documents that have been disclosed without authorization by former intelligence contractor Edward Snowden. The revelations in the leaked documents have impassioned people around the globe outraged by evidence of widespread surveillance operated by the NSA, and a massive “Stop Watching Us” rally is scheduled for Saturday in Washington, DC. DDoS attacks are illegal in the United States under the Computer Fraud and Abuse Act, or CFAA, and two cases are currently underway in California and Virginia in which federal judges are weighing in on instances in which members of Anonymous allegedly used the technique to take down an array of sites during anti-copyright campaigns waged by the group in 2010 and 2011. In those cases, so-called hacktivsits are reported to have conspired together to send immense loads of traffic to targeted websites, rendering them inaccessible due to the overload.

More:
NSA site down due to alleged DDoS attack

Norks seed online games with malware in fiendish DDoS plot

Seoul police believe country’s love of gaming will be turned upon itself South Korea’s National Police Agency (NPA) is warning users not to download unofficial online games as they may contain malware designed by the North to compromise machines which can then be used to launch DDoS attacks on the country.…

View article:
Norks seed online games with malware in fiendish DDoS plot

Google Project Shield protects “free expression” sites hit by DDoS

Before you ask: this Google’s Project Shield has nothing to do with NVIDIA SHIELD, the two being completely different elements – the Google iteration is all about protecting sites that’d otherwise have little to no protection. Google Project Shield makes with the barrier around a website to stop DDoS (Distributed Denial of Service) attacks to keep sites active. This project has been used to keep up all manner of sites that – before this project – had been taken down by the likes of governments and unfriendly hacker groups. This project has been used for several impressive sites in the recent past, Google aiming to make a much bigger deal of it in the near future. One example is the Persian-language social and political blog Balatarin. Another is quick-access site Aymta, kept up by Google in the face of DDoS attacks recently. This site provides early-warning (somehow or another) of scud missiles to people in Syria. Another example of this project is action is the keeping up of election monitoring service iebc.or.ke during a recent election cycle. Project Shield was responsible for keeping this site up for the first time – it’s stayed up for the entire cycle, that is – in history. Google is currently inviting sites in the following categories to join the initiative – webmasters serving: Independent News Human Rights Elections-Related Content Small independent sites in need of the infrastructure and resources Google is able to supply will be able to apply for help through the main Google Project Shield portal where some very, very simple information is required. Though the site says “invite only”, in this case, Google means that you’ll be invited if your application is accepted. There is also an “Other” category in the “type of content you host on your site” portion of the page in addition to those categories listed above. Source: http://www.slashgear.com/google-project-shield-protects-free-expression-sites-hit-by-ddos-21302260/

Read More:
Google Project Shield protects “free expression” sites hit by DDoS

DDoS Attacks Grow Shorter But Pack More Punch

If there was ever a riddle asking the listener to name something that has become bigger and shorter at the same time, distributed denial-of-service attacks (DDoS) would be an acceptable answer. According to a new report from Arbor Networks about the third quarter of 2013, the average attack size now stands at 2.64 Gbps for the year, an increase of 78 percent from 2012. The number of attacks monitored by the firm that are more than 20 Gbps experienced massive growth, to the tune of a 350 percent increase so far this year. Meanwhile, the length of the vast majority of attacks (87 percent) has gone down to less than an hour. “Shorter duration attacks are not inherently harder to detect, but they can be harder to mitigate,” says Gary Sockrider, solutions architect for the Americas, Arbor Networks. “Many organizations today rely on network- or cloud-based mitigation of DDoS attacks. Because they rely on rerouting attack traffic to scrubbing centers, there is a small delay in mitigation while routing or domain name changes propagate. “Ideally you want to have mitigation capabilities on your own network that can react immediately without the need for redirection. I think it’s safe to say that if you have absolutely no mitigation capabilities, then shorter attacks are better. However, if your only protection has inherent delays, then shorter attacks potentially cannot be stopped.” Barrett Lyon, founder of DDoS mitigation firm Prolexic Technologies and now CTO of Defense.net, says that shorter DDoS attacks also have the added benefit of minimizing an attacker’s exposure. “The longer it runs, the more things are obviously clogged up and the more reactive network engineers become,” he observes. “When network engineers start researching a problem like that — congestion in their network or why is this computer slow — it exposes the botnet and makes it much vulnerable than it would be otherwise. So if it’s a short attack but big, [attackers] can kind of quickly see and size up their target. They can quickly determine … what’s the best bang for the buck when it comes to attacking.” A clear trend of increasing attack sizes has emerged during the past several years, Sockrider says. “I believe there [is] a combination of factors enabling this trend,” he says. “First, there is increased availability of simple-to-use tools for carrying out attacks with little skill or knowledge. Second, there is a growing proliferation of DDoS-for-hire services that are quite inexpensive. Third, increasingly powerful workstations and servers that get compromised also have significantly faster connections to the Internet from which to generate attacks.” The largest monitored and verified attack size during the quarter was 191 Gbps, according to the firm. Fifty-four percent of attacks this year are more than 1 Gbps, up from 33 percent in 2012. Some 37 percent so far this year are between 2 Gbps and 10 Gbps. Another general trend is of attacks moving to the application layer. In fact, while volumetric attacks are still common, they are now frequently combined with application-layer and state exhaustion attacks, Sockrider says. In some cases, DDoS attacks have served as diversions meant to draw attention from other activities, such as bank fraud. For example, a report published in April by Dell SecureWorks noted how DDoS attacks were launched after fraudulent wire and automatic clearing house (ACH) transfers. “Most people that follow DDoS trends are aware of the really high-profile attacks against government and financial institutions, but in reality the most common targets are actually business and e-commerce sites,” Sockrider says. “We’re also seeing increased attacks in the online gaming industry, where attacks are waged for competitive advantage. Additionally, some organizations are taking collateral damage because they reside in a data center, and they happen to share infrastructure with a high-profile target. The bottom line is that in the current environment, every organization is a potential target.” Source: http://www.darkreading.com/attacks-breaches/ddos-attacks-grow-shorter-but-pack-more/240162741

See more here:
DDoS Attacks Grow Shorter But Pack More Punch

What Is a DDoS Attack?

What Is a DDoS Attack? Before we can understand just how groundbreaking this recent attack was, let’s first go over exactly what a denial of service attack is. It is one of the least complicated attacks that a hacker can pull off. Basically the goal is to shut down a webserver or connection to the internet. Hackers accomplish this by flooding the server with an extremely large amount of traffic. It would be like taking a wide open freeway and packing it full of the worst rush hour traffic you could imagine. Every connection to and from the freeway would grind to a halt. This would make visiting the website (or the road) next to impossible, or at the least extremely slow! In some cases, the server might overload and shut down completely. When this happens, it doesn’t mean that the website was necessarily hacked. It just means that the website was kicked off the internet for a period of time. This may not sound like that big of a deal, but if your company relies heavily on its online presence, this interruption of service could take a huge cut out of profits. DoS v. DDoS The next item to be clarified is the difference between a DoS (Denial of Service) attack and a DDoS or (Distributed Denial of Service) attack. This distinction is pretty simple: a DoS attack comes from one network or computer whereas a DDoS comes from multiple computers or networks. DDoS attacks are most always bigger than a DoS attack because the strength of the attack can be multiplied by a huge amount of computers. Source: http://www.scientificamerican.com/article.cfm?id=what-is-ddos-attack

Read More:
What Is a DDoS Attack?

Preparing for DDoS attacks

Not everyone despaired over the Distributed Denial of Service (DDoS) attacks that hit some of the Web’s biggest e-commerce sites in February. Security consultants and developers of security tools seized the opportunity to spotlight their solutions. Simple DoS attacks are not new. During one, a hacker floods a system with packets of useless requests, making the system so busy it denies access to legitimate users. What’s new are the hacker tools that enable DDoS attacks, in which a hacker uses dozens or hundreds of machines to worsen the attack. The hacker uses client software on one PC to install ‘zombie’ or ‘back door’ programs on other servers, which then flood a target system with useless packets. Zombie programs, including TFN (Tribal Flood Network), Trin00, TFN2K (Tribal Flood Network 2K) and Stacheldraht (Barbed Wire), arrived last fall destined for Solaris, Linux and Windows NT servers. Until recently, most security packages designed to thwart such attacks were aimed at the Unix environment. Now, however, hundreds of programs are being designed for Windows NT, ranging from Internet Security Systems’ (ISS) award-winning SAFEsuite software to BindView Corp.’s free and downloadable Zombie Zapper. Some programs scan the addresses of outgoing messages, intercepting wayward messages before they swamp a potential victim. Others allow administrators to block fake messages from entering a system, or stop the echo functions that help create the constant data flood in a DoS attack. While the programs for NT are good news, the task of evaluating them can easily overwhelm an IS staff, according to Aberdeen Group, a consultancy in Boston. Adding pressure are unresolved issues of liability when one’s computers have been compromised because of lax security. To organize efforts and provide a modicum of legal defense, leading security practitioners suggest these guidelines: Perform a security audit or risk assessment of critical systems using system- and network-based vulnerability tools. Identify and empower an Incident Response Team. Establish an Emergency Response and Escalation Plan. Install Intrusion Detection and Response systems. Examine legal liability exposure. If systems are under attack: Alert your Incident Response Team. Contact your ISP; often, hosts can shut down your access line, stopping the attack. Notify CERT/CC. Notify law enforcement authorities at the FBI and the National Infrastructure Protection Center (NIPC). Monitor systems during the attack using network and host-based intrusion detection systems. Enable detailed firewall logging. Collect forensics to prosecute hackers later. Source: http://networksasia.net/article/preparing-ddos-attacks-960134400

Read the article:
Preparing for DDoS attacks

GitHub wipes hand across bloodied face, stumbles from brutal DDoS beating

Wouldn’t have happened if you’d just used SVN, eh! Popular source-code warehouse GitHub was back online today after weathering a huge denial-of-service attack throughout the week.…

Read More:
GitHub wipes hand across bloodied face, stumbles from brutal DDoS beating

US charges 13 Anonymous members for DDoS attacks

The U.S. has brought criminal charges against 13 persons, said to be members of the hacker group Anonymous, for their alleged participation in cyberattacks as part of a campaign called Operation Payback.The defendants and other members of Anonymous allegedly launched or attempted to launch cyberattacks against government entities, trade associations, individuals, law firms and financial institutions, according to a federal grand jury indictment released Thursday in the U.S. District Court for the Eastern District of Virginia, Alexandria division. Among the organizations targeted were the Recording Industry Association of America, the Motion Picture Association of America, the United States Copyright Office of the Library of Congress, Visa, MasterCard, and Bank of America. The method of attack was DDoS (distributed denial of service) which floods web sites with spurious Internet traffic so that they become unavailable, and the weapon of choice was the freely-available and downloadable network stress testing program known as the Low Orbit Ion Cannon or LOIC, according to the indictment. The 13 persons have been charged with one count of “conspiracy to intentionally cause damage to a protected computer” from about Sept. 16, 2010 to at least Jan. 2, 2011. All are from the U.S. and in their 20s with the exception of Geoffrey Kenneth Commander, a 65-year-old man from Hancock, New Hampshire, and Dennis Owen Collins, a man from Toledo, Ohio born in 1960. Members of Anonymous launched Operation Payback on about September 2010 to retaliate against the discontinuation of The Pirate Bay, a controversial file-sharing website in Sweden, according to the indictment. On December 4, 2010, Operation Payback planned DDoS attacks on the websites of entities that were either critical of whistle-blower website WikiLeaks or had refused to process payments for WikiLeaks, including Amazon and U.S. Senator Joseph Lieberman. The hacker group thereafter launched attacks on the website of PostFinance, a Swiss payments, e-finance, and electronic account management organization, the Swedish prosecutor’s office and a Swedish law firm. This was followed by an attack on the website of MasterCard, which cost the payment firm at least US$5,000 in losses during a one-year period, according to the indictment. Anonymous has attacked sites in the U.S. and abroad for a number of ideological reasons ranging from censorship of the Internet, the takedown of file-sharing site Megaupload, and Israel military action against Hamas. Source: http://www.pcworld.com/article/2052360/us-indicts-13-anonymous-members-for-ddos-attacks.html

Read the original:
US charges 13 Anonymous members for DDoS attacks