Tag Archives: copyright

Protect Your Website: How to Fight DDoS Attacks

Distributed denial of service (DDoS) attacks, a cyberattack that makes a specific resource unavailable to its intended user, are becoming more complex and sophisticated. Attackers don’t just carry out single attacks — they repeatedly test their target’s security and target their assault to achieve the highest amount of damage. Thousands and thousands of attacks occur daily, shutting down websites and network systems, essentially rendering businesses inoperable. To combat DD0S attacks, the first thing SMBs must do is assume they are going to be a target. Since the only DDoS attacks we hear about are those against large corporations, banks and the government, many SMBs don’t think they will ever be the target of digital warfare. Consequently, they don’t take the necessary precautions to prevent or mitigate attacks. “The reason for an attack could be anything,” said Vann Abernethy, senior product manager for NSFOCUS, a leading global DDoS mitigation solution provider. It could be an extortion attempt, a protest against company practices, or even an act of revenge by a disgruntled client or ex-employee. Unarmed with any technical knowledge, anyone with checkbook and a grudge or statement to make can launch an attack. “Everybody that has a measurable ROI associated with their web presence or anybody that can feel pain from their website being down is a target.” Despite the growing threat of DDoS attacks, most Web service providers will not guard your back, according to Abernethy, as it’s not common to cut off one pipe to protect the network. “If you get hit, they’ll say, ‘We’re gonna protect the rest of our customers by shutting you down.’” Therefore, Abernethy tells businesses to always read the fine print and see what their Web host’s policies are regarding DDoS attacks. While some say they will protect you, most have consumer-grade security that is not strong enough to defend your website against high-volume attacks. “SMBs really have two choices to make,” said Brian Laing, vice president of AhnLab, a security solutions provider. “The first is to use cloud-based applications which can more easily scale up to handle any DDoS attacks. The second option would be to implement a DDoS solution that can protect against both application and bandwidth (packet flooding) attacks.” Before implementing any type of DDoS defender, SMBs should investigate exactly what type of solution a vendor is providing, according to Laing. For instance, the defense mechanism should be able to recognize good traffic from bad, while also having a self-learning capability to be able to set flexible thresholds. Abernethy agrees. “We see thousands and thousands of attacks every day, so we have both detection and mitigation algorithms. They basically say, ‘That looks like an attack, it smells like an attack, let’s engage our mitigation algorithms.’ It looks at the attack traffic itself and then says, ‘Yes, that is an attack.’ We can detect those attacks and the system can be set up to go into automatic mitigation.” What SMBs need, Abernethy says, is a purpose-built DDoS defender with both detection and mitigation functions to quickly diagnose and mitigate DDoS attacks. The system should also be a “learning machine” that gets to know your environment over time for more precise detection. SMBs should also keep in mind that defending oneself from DDoS attacks doesn’t stop at prevention and mitigation. Because a DDoS attack shuts down your entire operation — and because most anti-DDoS protections are primarily concerned with simply knocking the attack down — you should have a recovery plan that either you or your providers facilitate. Pierluigi Stella, chief technology officer of Network Box USA, global managed security services provider, says that fending off an attack boils down to strategy and having the right resources for defense. “The real problem, though, is that defense is not a piece of hardware but a strategy, wherein the hardware plays an important role, but isn’t the only player,” Stella said. First, if your bandwidth is an old T1 at 1.5 Mbps, Stella advises businesses to upgrade that old Internet connection to one with a much larger bandwidth that can’t be taken down so quickly. A Disaster Recovery (DR) site should also be part of your recovery plan, Stella said. The DR site should have all your data, so it will serve as your temporary site as you work on getting the current one back up. Ryan Huber, chief architect at Risk I/O, a leader in vulnerability intelligence, says that depending on your business, a simpler option is a static page, such as product literature or other representation of your site. This will temporarily disable site functions such as online ordering, but serves its damage-control purpose of not keeping customers in the dark as you get the full site running. “This has the added benefit of helping you to keep users informed during the attack,” he said. Abernethy recommends that anyone who does business online do regular, full backups. The recovery plan should also include critical details, such as what the recovery process is, where data backups are stored and who is responsible for which tasks. Disaster-recovery planning should also be part of regular operational maintenance. “Don’t just make a plan and think you are covered,” Abernethy said. “Get into the habit of reviewing the full plan each backup cycle to ensure any changes are accounted for. It sounds like a lot of extra work, but it really isn’t if you build it into your normal routine.” As Stella says, businesses should always be in ‘prepared mode.’ “Don’t wait for the hurricane to strike.” For protection against your eCommerce site click here . Source: http://www.businessnewsdaily.com/4667-ddos-attacks-small-business.html

View original post here:
Protect Your Website: How to Fight DDoS Attacks

LinkedIn DDoS response botched

More than half of Linkedin’s members were knocked off the service for an extended period yesterday following a botched response to a DDOS by service provider Network Solutions. Users were redirected in error to India-based website confluence-networks.com which did not require Secure Sockets Layer connections meaning users’ cookies were sent in clear text. Initial media reports suggested the company’s DNS had been hijacked and user security potentially compromised as user’s cookies may have been visible as plain text during the outage. Linkedin subsequently confirmed on Twitter that the outage was due to human error not malice. “Yesterday’s issue was not malicious in any way It was an error by the company that manages our domain,” the statement said. In a post on its site the company claimed LinkedIn member data was not compromised. For protection against your eCommerce site click here . Source: http://www.scmagazine.com.au/News/347578,linkedin-ddos-response-botched.aspx

Possibly related DDoS attacks cause DNS hosting outages

Distributed denial-of-service (DDoS) attacks that could be related have in the past few days slammed the DNS servers of at least three providers of domain name management and DNS hosting services. DNSimple, easyDNS and TPP Wholesale all reported temporary DNS service outages and degradation on Monday, citing DDoS attacks as the reason. In some cases the attacks started a few days ago and are ongoing. TPP Wholesale, a subsidiary of Sydney-based Netregistry, one of Australia’s largest providers of Web hosting, domain management and other online services, alerted its customers through its website on Monday that eight of its DNS servers experienced “unscheduled service interruption.” TPP Wholesale experienced a series of DDoS attacks against its DNS name servers over the past several days, the Netregistry Group Security Team said in a blog post. The company managed to mitigate the DDoS attacks that caused service interruptions throughout Monday by taking “the drastic step” of rate-limiting DNS queries, the team said. Such aggressive filtering is prone to false positives and might result in some customers being denied DNS service. “In the next few days we will continue to whitelist such false positives as we discover them,” the team said. Second wave EasyDNS, a DNS hosting provider based in Toronto, also reported DNS service disruptions caused by a DDoS attack on Monday. “This looks like a larger version of a smaller DDoS yesterday which was possibly a test run,” the company’s CEO Mark Jeftovic said Monday in a blog post. “This DDoS attack is different from our previous ones in that it looks as if the target is us, easyDNS, not one of our clients.” Jeftovic said that it was difficult to differentiate the real traffic from the DDoS traffic, but the company managed to partially mitigate the attack and also published workarounds for affected customers. “This is the ‘nightmare scenario’ for DNS providers, because it is not against a specific domain which we can isolate and mitigate, but it’s against easyDNS itself and it is fairly well constructed,” he said. Third victim Aetrion, based in Malabar, Florida, operates a DNS hosting service called DNSimple, which was also attacked on Monday. According to DNSimple founder Anthony Eden, the DDoS attack is ongoing, but the company managed to mitigate it. “Our authoritative name servers were used as an amplifier for an attack against a third-party network,” Eden said Tuesday via email. “The attacker essentially flooded us with ‘ANY’ queries for a variety of domains managed by our DNS service, with the intention of amplifying these small queries into significantly larger responses aimed at a specific network.” This attack technique is known as DNS reflection or DNS amplification. It involves sending queries with a spoofed source IP (Internet Protocol) address—usually the victim’s address—to DNS servers from a large number of computers in order to trigger long responses to be sent by those servers to victim’s IP address within a short time window. If enough computers and DNS servers are used, the resulting rogue DNS traffic will exhaust the victim’s available Internet bandwidth. The DNS reflection technique has been known for a long time. However, its recent use to launch DDoS attacks of unprecedented scale, like the one in March that targeted a spam-fighting organization called Spamhaus, has likely brought it renewed interest from attackers. The attack experienced by DNSimple on Monday was significantly larger in volume and duration than other attacks that hit the company’s name servers in the past, Eden said. He believes that the attack is related to the ones experienced by easyDNS and TPP Wholesale. “The pattern displayed on TPP Wholesale’s blog is similar to what we see, and we have been communicating with easyDNS and find similarities between the attacks.” EasyDNS and TPP Wholesale did not immediately respond to inquiries seeking more information about the recent attacks against their servers and confirmation that they were using DNS reflection techniques. Attack and abuse reports on the increase It’s possible that DNS servers operated by other companies were also affected by this attack, Eden said. “A DNS provider will have a significantly higher number of customers and thus the attacks get noticed much sooner because it affects a larger group of people,” he said. DNSimple’s authoritative name servers were used to amplify a DDoS attack directed at a server hosting company called Sharktech or one of its customers, Eden said. Sharktech has noticed a surge of abuse reports in the past 24 hours coming from ISPs and hosting companies complaining about DDoS attacks against their DNS servers that appear to originate from Sharktech, said Tim Timrawi, president and CEO of Sharktech, via email. Upon further investigation the company determined that these reports were actually the result of a DNS amplification attack against its own customers that abused the authoritative DNS servers of those companies, he said. Most of the affected DNS servers were secured properly and were being queried for domains they are responsible for, Timrawi said. “Unlike previous DNS Amplification Attacks in which the attacker used open recursive DNS servers, in this one, the attacker is collecting all the DNS servers they can find and sending MX (and other kind of queries) to them for their domain records with a spoofed source of the target host,” he said. The amplified DDoS attack targeting Sharktech customers was larger than 40Gbps, Timrawi said. “We are unaware of the reason behind the attacks,” he said. The abuse of authoritative name servers in DNS reflection attacks is not very common because attackers need to know the exact domain names that each abused server is responsible for, said Carlos Morales, vice president of sales engineering and operations at DDoS mitigation provider Arbor Networks. Obtaining this information is not very hard, but it does require additional work compared to abusing open DNS resolvers, and attackers usually prefer the easiest route to reach their goals, he said. Open DNS resolvers are recursive DNS servers that are configured to accept queries from any computers on the Internet. These act as relays between users and authoritative DNS servers; they receive queries for any domain name, find the authoritative name server responsible for it and relay the information obtained from that server back to the user. Meanwhile, authoritative name servers, like those operated by DNSimple, easyDNS and TPP Wholesale, will only respond to queries concerning the domain names they serve. Well-prepared attackers The extra work required to target such servers suggests that the attackers behind the recent attacks on these DNS hosting providers were well prepared and did their homework in advance, Morales said. One mitigation against this kind of attack is to configure the DNS server software to force all “ANY” queries sent over UDP (User Datagram Protocol) to be resent over TCP (Transmission Control Protocol) instead, Eden said. This can be done by sending a UDP response with the TC bit set and an empty answer section. A legitimate DNS client will retry over TCP, while a bogus client will get no benefit, he said. In the case of open resolvers, the problem can be mitigated by restricting which IP addresses are allowed to query them, said Morales. For example, an ISP operating a DNS resolver for its customers can restrict its use to only IP addresses from its network, he said. However, this kind of mitigation is not applicable to authoritative name servers because they are meant to be queried by anyone on the Internet who wants to get information about the specific domain names served by them, Morales said. The mitigation described by Eden is very good and is actually one that Arbor also uses to protect authoritative name servers, he said. Another mitigation is to enforce a query rate limit for source IP addresses, he said. Source: http://www.pcworld.com/article/2040766/possibly-related-ddos-attacks-cause-dns-hosting-outages.html

View original post here:
Possibly related DDoS attacks cause DNS hosting outages

Turkish gov’t websites hacked by Anonymous

A group of computer hackers known as Anonymous carried out early on Monday a series of cyberattacks on Turkish government websites in retaliation for violent police response to anti-government protests. Several Anonymous messages in its Twitter blog provide links to the sites, including those of President Turkish President Abdullah Gul and Turkey’s ruling Justice and Development Party, that have been denied public access. Hackers normally use distributed denial of service (DDoS) attacks to knock their targets offline. Turkey’s Hürriyet Daily News reported on Monday that some Turkish media websites have also been targeted by Anonymous for “for failing to adequately cover the events.” The planned demolition of Gezi Park in central Istanbul sparked mass rallies in the city on Saturday, prompting police to use tear gas and water cannons to disperse the protesters. Violent clashes between protesters and police continued in Istanbul and the capital, Ankara, on Sunday. The rally in Istanbul triggered more than 230 separate protests in 67 cities across the country, according to Sky News. Turkey’s Interior Minister Muammer Guler said on Sunday that more than 1,700 people had been arrested in the unrest nationwide, adding that 58 civilians and 115 security officers had been injured over several days of protests. The United States and the European Union and have already urged the Turkish government to exercise restraint, while Amnesty International has condemned the use of tear gas by Turkish police as “a breach of international human rights standards.” Anonymous declares Internet attacks in support of Turkish protests Anonymous vows to kick off a worldwide action which will “bring the Turkish government to its knees.” With #opTurkey, the hacktivist collective plans to “attack every Internet and communications asset of the Turkish government.” Anonymous claims to have taken down several websites across Turkey, targeting municipal governments in Mersin and Izmir as well the Gebze Institute of Technology. Source: http://www.turkishweekly.net/news/151067/turkish-gov-39-t-websites-hacked-by-anonymous.html

Continued here:
Turkish gov’t websites hacked by Anonymous

Preparing for Battle: DDoS Attacks On Business

Lately, DDoS attacks have crept back into the headlines, forcing businesses to reacquaint themselves with the concept. DDoS stands for distributed denial-of-service which uses multiple machines to carry out a DoS attack on unsuspecting victims. It is estimated that over 7,000 attacks happen daily with the motives and severity of consequences varying between different attacks but all have the potential to greatly harm a company’s operations. To minimize any possible damage, it is important to prepare a defense against these malicious attacks especially as they are on the rise and could target your business at any moment. How to realize you are in the midst of a DDoS attack At the beginning of a DDoS attack, you may fail to even realize what is occurring. The optimistic side of you wants to believe that your marketing efforts have finally kicked in and created a sudden wave of interested customers to your website. However great that may be, the reality is as the numbers increase and overwhelm your servers, you are more likely to be under attack. When a DDoS attack occurs they are using one of two avenues: a special malware that infects the machines of others in order to carry out the attack from a large number of hosts or utilizing a large number of volunteers to their cause to perform the attack in unison. Regardless of the technique employed, they both use many host computers to access the target’s website and overwhelm their servers which results in long periods of downtime. Why Attackers Target You The reasons behind DDoS attacks can vary depending on the organization performing the attack and who they are attacking. The most common reason behind an attack is extortion where they perform a small attack on your servers first, then contact you demanding a certain amount of money to prevent a larger attack from occurring. The more profitable a company you are, the higher the chance you will be a target for extortion. Also, if your organization is currently in the spotlight for political controversy, there are many “hacktivists,” like the group Anonymous, who carry out DDoS attacks to satisfy their political agenda. Lastly, in sophisticated and large-scale attacks, the hackers could be attempting a security breach in order to obtain confidential information. All of these causes could create a devastating impact upon your company’s image. The Effects of DDoS Attacks 1. Revenue The more heavily you rely on your website as a means for business, the more severe a DDoS attack will affect your company. The average daily revenue loss from attacks for those that depend heavily on the Internet for their business is $2,000,000 or nearly $100,000 per hour. Even if you are a smaller organization with less reliance on the Internet, the average loss is $10,000 per hour when in downtime. These are significant amounts of losses that could be hard to recover from, especially for a small business. 2. Reputation As a DDoS attack is occurring, it becomes nearly impossible for any customer to access your website and results in an unpleasant experience for them. For instance, if you are a banking website, they can’t access their accounts which is very critical and leaves them feeling like their private information is at risk. Even after the attack is over, you will have to spend time and money in public relations efforts to reinstate faith in your service from your customer base. 3. Lawsuits When the attack breaches security and confidential information, a risk for lawsuits from customers and consumer protection groups occurs. Now you are not only looking at revenue loss from the downtime and from a loss of reputation but also, significant legal fees associated with your company failing to protect customer information. If all three occur, the DDoS attack could be enough to send your company into bankruptcy and impending failure. How to Protect Your Company The devastating effects from a DDoS attack is enough to leave you shaking in your boots, however most companies still fail to provide adequate protection against said attacks. As the sophistication of these attacks increase, your company’s firewall and current security measures may not be enough to handle a full-scale attack. In a recent survey, Neustar only found that 3% of the surveyed organizations had an anti-DoS solution. Here are some steps you should take to protect your company in the event of a DDoS attack: Develop a defense strategy immediately so you are prepared to take action when an attack occurs. Identify current security lapses or vulnerabilities within your website. If you have been a victim from an attack, keep information collected about it so you can determine how to properly fight off future attacks Simulate a DDoS attack to ensure your response measures are adequate. Consider purchasing an anti-DoS service from a security provider to narrow the possibility of attack. Combine anti-DoS service with the above steps to provide a comprehensive approach to protection. As DDoS attacks are on the rise, now is the time to prepare your company in the event of attack. Even smaller organizations could become victims, so it is important to be ready to defend your company’s website and servers from hackers. Following the steps for protection can prevent a DDoS attack from causing results that could be extremely difficult to recover from, allowing you to come out victorious in an otherwise disastrous situation. Source: http://technologyadvice.com/preparing-for-battle-ddos-attacks-on-business/

More:
Preparing for Battle: DDoS Attacks On Business

Iranian Hackers Launching Cyber-Attacks on U.S. Energy Firms: Report

Iranian hackers launched attacks as part of a campaign against the country’s oil and gas industry, according to current and former U.S. government officials. Iranian hackers have amped up a campaign of cyber-attacks against America’s energy industry, according to a report from The Wall Street Journal . Citing current and former U.S. officials speaking under the blanket of anonymity, the Journal reported that Iranian hackers accessed control system software that could have allowed them to manipulate oil or gas pipelines. The attacks raise the stakes in cyber-space between the U.S. and Iran, which has been accused by U.S. officials of being behind a spate of distributed denial-of-service attacks (DDoS) against U.S. banks stretching back to 2012. “This is representative of stepped-up cyber activity by the Iranian regime. The more they do this, the more our concerns grow,” a source told the Journal . “What they have done so far has certainly been noticed, and they should be cautious.” Alireza Miryousefi, Iran’s spokesperson at the United Nations, denied any connection between hackers and the regime in an interview with the Journal . The officials who spoke to The Wall Street Journal did not name any of the energy companies targeted in the attacks. But two former officials said oil and gas companies located along the Canadian border were among those hit. Word of the attacks comes a week after Charles Edwards, deputy inspector general at the U.S. Department of Homeland Security, told members of a Senate subcommittee that industrial control systems were increasingly coming under attack in cyber-space in ways that could potentially cause “large-scale power outages or man-made environmental disasters.” Securing these systems is complicated, as many are more interconnected with the Internet than people realize, explained Tom Cross, director of security research at network security vendor Lancope. “It is also difficult to fix security flaws with these systems because they aren’t designed to be patched and restarted frequently,” he said. “It is extremely important,” he continued, “that operators of industrial control networks monitor those networks with systems that can identify anomalous activity that might be associated with an attack. Because of the relatively homogenous nature of network activity on many control systems networks, anomaly detection can be can be a powerful tool in an environment where other kinds of security approaches fall flat.” Much of the talk about improving the security of critical infrastructure companies has focused on information sharing between the government and private sector. Improving communication between government and business figured prominently in the executive order on cyber-security that President Barack Obama issued in February. However, many officials and security experts have said that the order does not undo the need for legislation. “The increases in cyber-assaults on our energy systems from Iranian-backed hackers are another signal to the government and the industry that measures must be taken to fortify the security of our critical infrastructure,” said Lila Kee, chief product and marketing officer at GlobalSign and a North American Energy Standards Board (NAESB) board member. “However, there is a fine line between cyber-security regulation and voluntary standards,” she said. “Regulations cannot be so rigid so as to prevent protection from today’s evolving advanced persistent threats, and voluntary standards cannot be so loose so as to provide no purpose. In today’s modern world of malware, solutions must be fluid and scalable to battle aggressive cyber-attacks.” Source: http://www.eweek.com/security/iranian-hackers-launching-cyber-attacks-on-us-energy-firms-report/

DDoS Attacks – Understanding the Dangers

If you’re a small business owner, or if you own Web space for any reason, one of the new threats that have no doubt begun to appear on your horizon is the potential of being attacked online. Fortunately for the hackers, not a lot of people understand what online attacks really are, how they pull them off, or how to effectively protect from it. Most computer repair experts agree it is hard to guarantee 100 percent security, but you can take the necessary precautions to minimize damages if your security is ever compromised. Taking precautions starts by understanding the dangers: One of the most common types of attack that takes place these days is a DDOS, or Distributed Denial of Service attack. This type of attack is particularly effective because it doesn’t require an intimate knowledge of your security to be deployed. It just takes brute force. Prior to the scheduled attack, the hacker will create a swarm of “zombie” computers — computers infected by the hacker’s software. This software allows the hacker to use the processing power of thousands of computers belonging to other people to bring down your server. When the attack commences, the hacker tells the zombie computers to simultaneously and continually load information from your Web server. If the attack is powerful enough, your server will stop serving. It will become unreachable so even legitimate visitors can’t access the site. While this intense strain is taking over your server, the hacker can try to slip into the back door unnoticed. This is where a lot of the actual financial loss associated with DDOS attacks come from. Scared yet? Don’t be…too scared. Most DDOS attacks happen to high-profile sites that make a lot of money online and that have a lot to lose from even a temporary outage. But there’s still a chance it could happen to you for reasons beyond your control. So how do you protect against such a large-scale attack? The easiest way is to talk to your in-house IT Department and have them work through the nine steps that help defend against a DDOS attack. No IT onsite? Then call your trusted IT or computer repair professionals and tell them you want to prepare for a DDOS attack. They can best help you and recommend plans to upgrade your servers or to install special software that can determine legitimate traffic from DDOS attacks. They might also want to talk with you about the current security software you’re using. An off-the-shelf program probably won’t defend very well against this new type of attack, so talk with your IT professional about the options available to you. As always, the best defense is vigilance. As you’re managing your website, be sure to note any suspicious traffic, educate your staff on safe practices and call your computer repair professionals as soon as you note suspicious activity. Most likely it won’t be anything, but it never hurts to ask. For protection against your eCommerce site click here . Source: http://www.sitepronews.com/2013/05/22/ddos-attacks-understanding-the-dangers/

Saudi Web Sites Under DDoS Attack

The Saudi Interior Ministry said Friday that several government Web sites have come under attack in a campaign hackers are calling #OpSaudi. Hackers who identify with the loose hacking collective Anonymous have aimed at several government Web sites, including the Saudi Ministry of Finance, General Intelligence Presidency, the Ministry of Foreign Affairs, and the Directorate General of Passports, as well as sites for several major Saudi provinces, including Makkah and Jeddah. Most of the sites are facing distributed denial of service, or DDoS, attacks, in which hackers flood each site with traffic until they collapse under the load. But hackers claimed to have also broken into some sites through a so-called SQL injection, in which attackers exploit a software vulnerability and enter commands that cause a database to produce its contents. In one case, the Twitter account for @AnonySaudi claimed to delete the database of a Saudi Web server. Hackers say their motive is twofold. On Twitter, some claim the #OpSaudi campaign is in retaliation for unconfirmed reports of a rape and murder in Saudi Arabia. Some Tweets include links to YouTube videos which show images of a naked body dumped on the side of a road. The attacks also followed an announcement by Matthew Rosenfield, the well-known security researcher who goes by the hacker handle Moxie Marlinspike, that Mobily, a major Saudi telecommunications company, approached him about assisting in a continuing Saudi surveillance project. In a widely circulated blog post Monday, Mr. Marlinspike said he learned that on behalf of a Saudi “regulator,” Mobily is working to intercept mobile app data for communication tools including Twitter and free mobile messaging apps like Viber, Line and WhatsApp that send messages over the Web. He published his e-mail correspondence with an executive at Mobily, which showed the company is developing the ability to monitor mobile data communication and already has the ability to block it. Mr. Marlinspike told Yasser D. Alruhaily, a Mobily security executive, that he declined the job for privacy reasons. Mr. Alruhaily replied, “I know that already and I have same thoughts like you freedom and respecting privacy, actually Saudi has a big terrorist problem and they are misusing these services for spreading terrorism and contacting and spreading their cause that’s why I took this and I seek your help,” he wrote. “If you are not interested than maybe you are on indirectly helping those who curb the freedom with their brutal activities.” Mobily spokesman denied contacting Mr. Marlinspike. ”Mobily or its employees never communicated with the author of this blog,” the company told Reuters. “Mobily communicates with information security companies only based on legal and lawful requirements. We never communicate with hackers. Moreover, it is not our job to spy on customers.” On Friday, the Mobily Web site was among the growing number of Saudi Web sites that #OpSaudi had taken offline. Source: http://bits.blogs.nytimes.com/2013/05/17/saudi-web-sites-under-attack-following-surveillance-accusations/

More:
Saudi Web Sites Under DDoS Attack

LulzSec Hackers Get Years Of Prison Time

Four men who took part in a significant number of cyber attacks on the likes of the NHS, Sony and the CIA received stern sentences today, following a lengthy trial into the activities of hacktivist crew LulzSec. News International and the UK Serious Organised Crime Agency (SOCA) were also hit by the hackers, who thought they were “latter-day pirates”, according to prosecutors speaking yesterday. Tough sentences for LulzSec Ryan Cleary, who was affiliated with LulzSec but not believed to be a leader, received the toughest sentence, with 32 months in prison. He let LulzSec members use his botnet to carry out distributed denial of service (DDoS) attacks. Cleary is also due to be sentenced over indecent images of children found on his computer at a later date. Ryan Ackroyd received a 30-month sentence for his part in researching and executing many attacks. Jake Davis, the spokesperson of LulzSec, is to serve 24 months in young offenders’ institution, whilst Mustafa Al-Bassamwas, who researched vulnerabilities for the attacks, was handed a 20-month suspended sentence of two years and 300 hours unpaid work. It is believed US law enforcement are keen to have some of the men extradited to face charges on US soil. However, Cleary’s legal team issued the following statement: “We believe the pleas that were entered today do cover all aspects of Mr Cleary’s criminality and therefore we do not anticipate that he will be in receipt of an application for extradition from the United States of America.” The notice, from Karen Todner Solicitors, also noted Cleary suffered from Aspergers Syndrome, but added he “does not seek to excuse his behaviour”. No laughing matter Charlie McMurdie, head of the Police Central e-Crime Unit, which carried out the investigation into the hackers alongside the FBI, said LulzSec had been “running riot, causing significant harm to businesses and people”. “Theirs was an unusual campaign in that it was more about promoting their own criminal behaviour than any form of personal financial profit,” added McMurdie, who is soon to retire from the force. “In essence, they were the worst sort of vandal – acting without care of cost or harm to those they affected, whether that was to cause a company to fold and so costing people their jobs, or to put at threat the thousands of innocent Internet users whose logins and passwords they made public. “They claimed to be doing it for ‘a laugh’ but real people were affected by their actions. Today’s convictions should serve as a deterrent to others who use the Internet to commit cyber attacks.” This might not be the denouement to the LulzSec saga, however, as hackers are threatening to take revenge. According to Sophos’ Graham Cluley, before the sentences were announced today, a group using the Twitter handle @LulzSecWiki said courts “could be in for ‘fun’” depending on their decision. Source: http://www.techweekeurope.co.uk/news/lulzsec-hackers-jailed-uk-116507

Taken from:
LulzSec Hackers Get Years Of Prison Time

9 PH gov’t sites inaccessible due to DDoS Attack

Two days before the May 13 elections, the Commission on Elections (Comelec) and the Philippine News Agency websites appeared inaccessible to the public. Cursory inspections of the websites of the Philippines’ Departments of Interior and Local Government, National Defense, Foreign Affairs, and Science and Technology, showed they were also apparently inaccessible. The pages for the Philippine National Police, the Army and Navy, and the Philippine Information Agency also could not be accessed. As of 4:10 pm., the Department of Science and Technology (DOST) acknowledged and confirmed distributed denial of service (DDoS) attacks occurring against government sites, but they did not mention where the attacks came from. In a text message to Rappler, Roy Espiritu of the DOST ICT Office said the attacks started on May 10 on gov.ph, then to additional gov.ph-based websites on May 11. He added that the DOST was working on neutralizing the attacks and determining the source. They are also assisting government agencies outside their secured servers who have asked for help. Interaksyon.com earlier reported on the possibility of the downtime being caused by a cyberattack, but noted that the Facebook page of Anonymous Philippines, a hacker-activist group, stated they would undertake no operations during this time. GMA wrote that its technical team “detected an overnight cyberattack that was still ongoing as of posting time on numerous Philippine websites, including GMA News Online, ABS-CBN News, Philippine Airlines, Globe, Smart, and more than two dozen Philippine government websites.” Based on referrer tags and forum activity, GMA also added the attacks seem to have come from Taiwan, linking to a Taiwanese webpage that seems to have reacted positively to the Philippine site downtime. The possibility of a cyberattack related to Philippine-Taiwanese tensions resulting from the shooting of a Taiwanese fisherman was also raised. While no announcement has been made by the Philippine government, Comelec spokesperson James Jimenez mentioned previously to Rappler that the Comelec website may have downtime due to the number of people visiting it, as well as the location of the Comelec website servers. It also repeated this in a recent tweet. As of 2:30 pm., Rappler could access the site, which appears to have had a redesign in time for the elections. With regard to election issues, those seeking information from the Comelec about finding one’s voting precinct but cannot access their homepage can contact the Comelec through the following hotlines: 525335; 5259297; 5259301; 5259302; 5259345; 5271892; 5516552; 5521451; 5523044. – Rappler.com For protection against your eCommerce site click here . Source: http://www.rappler.com/nation/28804-philippine-government-sites-inaccessible

View original post here:
9 PH gov’t sites inaccessible due to DDoS Attack