Tag Archives: copyright

Nationwide DDoS Attack Hits ReputationChanger.com

ReputationChanger.com was the most recent target in a string of high-profile cyber-attacks against U.S. web companies and governmental organizations. Reputation.com, LivingSocial and Name.com have all announced recently that they have been the targets of successful attacks by hackers. Tens of millions of consumers have been asked to change passwords in the wake of these attacks with large numbers of the population informed that personal data may have been accessed. A hack of the Associated Press account in Twitter resulted in a temporary loss on U.S. stock markets of $200 billion in late April. The U.S. Defense Department accused Chinese government-backed hackers this week of a sustained cyber campaign which successfully targeted governmental and defense contractor websites. The Chinese later denied these allegations. ReputationChanger.com was indeed targeted by an attack from a Chinese IP address that lasted most of the day. While the company’s public website was taken down for roughly half an hour in a distributed denial of service attack (DDoS), an investigation confirms that the company’s critical information — including client data — remained untouched. “The attack brought down our main website briefly but I think overall it revealed the strength and security of our operation in a way that we are truly proud of,” comments the company’s president, Michael Zammuto. “Because of the system set up, no client data was in danger of being accessed or compromised — and indeed, no client data was accessed or compromised. No action is required of any client although periodic password changes are always recommended.” Even a cyber-attack targeting the company’s Command Center, the firm’s online reputation management platform, could not have led to illicit data access. “The confidentiality of what we do is critical, and we are endlessly devoted to maintaining the complete privacy of our clients,” Zammuto offers. “As such, we have a highly distributed cloud system, response teams and processes in place to prepare for cyber threats.” Though the identity of the cyber assailant is yet unknown, Zammuto says the impetus for the attack is likely the high-profile client list that ReputationChanger.com maintains. “We were surely targeted because of the very important clients that we work with,” he affirms. ReputationChanger.com’s clientele encompasses governments, political figures, educational institutions, celebrities, and major, internationally-recognized businesses and brands. Despite the brief downtime experienced on the ReputationChanger.com website, Zammuto says that he is ultimately thrilled with how well the enterprise held up in the face of a malicious online assault. “I am very pleased with the performance of our network security team and partners,” he remarks. “It is a great reminder of how valuable investments are in these areas. They kept us safe from a vicious online enemy. It is because of their hard work and their expertise that ReputationChanger.com’s clients can rest assured that their confidential data is in the best possible hands.” ReputationChanger.com is the top rated online reputation management firm according to Top SEOs and was announced as a finalist for the Red Herring 100 earlier this week Both organizations citing the firm’s technology and its commitment to serving its clients. For protection against your eCommerce site click here . Source: http://online.wsj.com/article/PR-CO-20130509-912785.html?mod=googlenews_wsj

Visit link:
Nationwide DDoS Attack Hits ReputationChanger.com

Anonymous OpUSA: Massive Cyber Attack Planned For Wednesday May 8 Against Government and Banks

The hacktivist collective Anonymous, along with other hacker groups based in the Middle East and North Africa, began an operation, dubbed “OpUSA,” targeting the websites of nine major U.S. government agencies and over 130 banks earlier this morning in a protest against American foreign policy. Targets include the Pentagon, the National Security Agency, the FBI and the White House, along with the websites of banks such as Bank of America, Capital One and TD Bank. Calling themselves the “N4m3le55 Cr3w,” the collective of hacker groups said in a statement that it aims to make sure “this May 7th will be a day to remember.” The relatively amorphous Anonymous, a decentralized and loosely associated collective of hackers, grew out of the internet imageboard 4Chan back in the early 2000s. As the very interesting and informative 2012 documentary on the group, “We Are Legion: The Story of the Hacktivists,” highlights, there is no one group called Anonymous with one set of goals or ideals. Rather there are a collection of groups and individuals that operate under the name Anonymous, often with varying agendas ranging from principle social activism to just messing with people because they can. Because of this, their actions can range from the awesome (such as their support for protesters during the Arab uprisings) to the simply mean and unnecessary (such as posting flashing animations on the website of an epilepsy support group). Anonymous is joined by groups including the Izz al-Din Qassam Cyber Fighters, whose sole aim is apparently to get the “Innocence of Muslims” video removed from YouTube. Other groups involved in OpUSA include Mauritania hackers, Muslim liberation army, antisec, and lulzsec. Over the past six months, the Qassam Cyber Fighters have successfully carried out distributed denial of service (DDoS) attacks against large American banks. The groups have been publicizing their planned operation for weeks now, and in their statement posted on the website Pastebin on April 21 they said that America will pay for the war crimes it has committed: “America you have committed multiple war crimes in Iraq, Afghanistan, Pakistan, and recently you have committed war crimes in your own country. You have killed hundreds of innocent children and families with drones, guns, and now bombs. America you have hit thousands of people where it hurts them, now it is our time for our Lulz. For this you shall pay.” For protection against your eCommerce site click here . Source: http://current.com/technology/94112350_anonymous-opusa-massive-cyber-attack-planned-for-wednesday-against-government-and-banks.htm

Read More:
Anonymous OpUSA: Massive Cyber Attack Planned For Wednesday May 8 Against Government and Banks

May 7 2013 OpUSA: A Promise of Cyber Events to Come?

What will actually happen in (or to) cyberspace on May 7, 2013? That is the question that many are asking as they prepare for a promised attack from the hacktivist groups this coming week. According to an announcement in an April 24 Pastebin threat to US and Israeli Governments, “We gonna launch a big attack against The USA Network and we gonna make some Damages.” Some sources say that this is a serious threat, and government and banking enterprises need to be prepared. Govinfosecurity.com reported: “Security experts say that OperationUSA, a coordinated online attack against banking and government websites slated for May 7, is a serious threat. As a result, organizations should be upping their  distributed-denial-of-service attack  mitigation strategies to guard against the attacks, which are being coordinated by the hacktivist group Anonymous. Experts advise that call-center staff should be educated about DDoS attacks, in case customers call in about online outages or experience difficulty accessing accounts. And network and security teams should actively monitor Internet traffic on May 7 and take steps to block specific IP addresses.” A look at the Twitter-feed or OpUSA yields some interesting tweets, links to anti-USA videos and more.  Here is one of those tweets from Cisco Security ?@CiscoSecurity:  “Stay informed about the planned # OpUSA cyberattacks against government and banking infrastructure http://cs.co/9001Xc4N #security”   Is the OpUSA Threat Overblown? And yet, Krebs on Security reported that the threat may be “more bark than bite.” Brian Krebs writes: “A confidential alert, produced by DHS on May 1 and obtained by KrebsOnSecurity, predicts that the attacks ‘likely will result in limited disruptions and mostly consist of nuisance-level attacks against publicly accessible webpages and possibly data exploitation. Independent of the success of the attacks, the criminal hackers likely will leverage press coverage and social media to propagate an anti-US message….’ In an interview with Softpedia, representatives of Izz ad-Din al-Qassam said they do indeed plan to lend their firepower to the OpUSA attack campaign.” My Reaction So what is Michigan government doing? While I won’t list every step taken here, I can say that we are hoping for the best, while preparing for potential issues to occur. There are a variety of scenarios, but I believe that governments need to be prepared for Distributed Denial of Service (DDoS) attacks and possibly worse. In my opinion, this is now the new normal in cyber threats, and enterprises must be prepared. I tend to also agree with DHS and Krebs that this may not be as big an issue on Tuesday as some predict. Nevertheless, we must treat this in the way that police regularly investigate other types of serious security threats. Another observation is that this may become the “new normal” regarding cyber threats. Government enterprises need to have procedures in place to react to these cyber threats and potential attacks. There are services that can be purchased from your ISP to address DDoS, and there are also other security steps that enterprises can take regarding people, process and technology improvements. Michigan has experienced a DDoS attack before, and we will likely see similar cyber attacks again. One final thought. The bad guys use these type of announcements to test our cyber defenses. They see what we do to mitigate risks or raise the alert levels on Tuesday. This information could be used in the future for unannounced online attacks. For that reason, I suggest that cyber teams deploy only the defense tool needed, when they are needed. We need to have adaptive cyber defenses that are appropriate for the specific attack situation. Or more simply, don’t openly “show your hand” to the adversary. What are you doing to prepare for Tuesday? Do you think these cyber threat announcements are becoming the new normal around the world? For protection against your eCommerce site click here . Source: http://www.govtech.com/blogs/lohrmann-on-cybersecurity/OpUSA-A-Promise-of-050413.html

View original post here:
May 7 2013 OpUSA: A Promise of Cyber Events to Come?

May 7: Mark Your Calendar (or Not) for Credit Union DDoS Attacks

CUNA made headlines with its warning about a planned May 7th DDoS – Distributed Denial of Service – attack that, said the trade group, was sufficiently worrisome that credit unions had to take steps to be ready. CUNA attributed the source of word of the threat to “chatter” that has been detec What chatter? That turns out to be comments not from the al Qassam Cyber Fighters – the group that has claimed the prior DDoS attacks that have knocked big U.S. banks and several credit unions offline in the past year. Sources pointed instead to OpUSA, a shadowy hacktivist group that is affiliated with Anonymous. OpUSA has claimed al-Qassam will be involved in the May 7 attacks, but al Qassam – a group often said to be allied with the Iranian government – has been less committal in its remarks. As for what OpUSA has planned for May 7, the group has offered its commentary on Pastebin, the website of choice for DDoS-related announcements. (Warning: there is substantial off color language here,) Aside from anti-Israel and anti-Obama  commentary, there are no real details of what is planned for May 7. Anonymous, the supposed manpower behind OpUSA, is a group that has had successful takedowns of public websites – recently the Spanish parliament’s website became a victim.  It has documented computer skills at very high levels.  But the exact relationship between OpUSA and Anonymous is not presently known. So, what should a credit union do in the run up to May 7?  Experts consulted by Credit Union Times indicated that at this late date, not much could in fact be done to ward off an unknown attacker unleashing an unknown attack vector in a little over a week. Were budgets unlimited, much could be done, said the experts, but with a typical credit union’s constrained IT budget, many will decide their best course of action is to wait this one out and see exactly what damage transpires on May 7. In the vast majority of cases, DDoS also has not been associated with data breaches. It has been an outage, plain and simple, noted one expert who indicated it was not that different from going down in an electrical storm. “Many – most – will decide to take this route,” he said. For protection against your eCommerce site c lick here . Source: http://www.cutimes.com/2013/04/29/may-7-mark-your-calendar-or-not-for-credit-union-d?ref=hp

Link:
May 7: Mark Your Calendar (or Not) for Credit Union DDoS Attacks

May 7th 2013: Mark Your Calendar (or Not) for OpUSA DDoS Attacks

CUNA made headlines with its warning about a planned May 7th DDoS – Distributed Denial of Service – attack that, said the trade group, was sufficiently worrisome that credit unions had to take steps to be ready. CUNA attributed the source of word of the threat to “chatter” that has been detec What chatter? That turns out to be comments not from the al Qassam Cyber Fighters – the group that has claimed the prior DDoS attacks that have knocked big U.S. banks and several credit unions offline in the past year. Sources pointed instead to OpUSA, a shadowy hacktivist group that is affiliated with Anonymous. OpUSA has claimed al-Qassam will be involved in the May 7 attacks, but al Qassam – a group often said to be allied with the Iranian government – has been less committal in its remarks. As for what OpUSA has planned for May 7, the group has offered its commentary on Pastebin, the website of choice for DDoS-related announcements. (Warning: there is substantial off color language here,) Aside from anti-Israel and anti-Obama  commentary, there are no real details of what is planned for May 7. Anonymous, the supposed manpower behind OpUSA, is a group that has had successful takedowns of public websites – recently the Spanish parliament’s website became a victim.  It has documented computer skills at very high levels.  But the exact relationship between OpUSA and Anonymous is not presently known. So, what should a credit union do in the run up to May 7?  Experts consulted by Credit Union Times indicated that at this late date, not much could in fact be done to ward off an unknown attacker unleashing an unknown attack vector in a little over a week. Were budgets unlimited, much could be done, said the experts, but with a typical credit union’s constrained IT budget, many will decide their best course of action is to wait this one out and see exactly what damage transpires on May 7. In the vast majority of cases, DDoS also has not been associated with data breaches. It has been an outage, plain and simple, noted one expert who indicated it was not that different from going down in an electrical storm. “Many – most – will decide to take this route,” he said. For protection against your eCommerce site c lick here . Source: http://www.cutimes.com/2013/04/29/may-7-mark-your-calendar-or-not-for-credit-union-d?ref=hp

Continue Reading:
May 7th 2013: Mark Your Calendar (or Not) for OpUSA DDoS Attacks

5 Tips for Fighting DDoS Attacks

It should be the busiest day of the year for your business, but your website has just disappeared off the Internet and orders have dried up. If this happens to you, then you’ve likely just become yet another victim of a distributed denial of service (DDoS) attack. A basic denial of service attack involves bombarding an IP address with large amounts of traffic. If the IP address points to a Web server, then it (or routers upstream of it) may be overwhelmed. Legitimate traffic heading for the Web server will be unable to contact it, and the site becomes unavailable. Service is denied. A distributed denial of service attack is a special type of denial of service attack. The principle is the same, but the malicious traffic is generated from multiple sources — although orchestrated from one central point. The fact that the traffic sources are distributed — often throughout the world — makes a DDoS attack much harder to block than one originating from a single IP address. DDoS Attacks Bigger and Badder DDoS attacks are becoming an increasingly significant problem. According to the latest Quarterly Global DDoS Attack Report  commissioned by DDoS mitigation company Prolexic, there’s been a 22 percent increase in the number of DDoS attacks carried out over the last 12 months. The attacks have also lasted longer, up 21 percent from 28.5 hours to 34.5 hours. And attacks have become far more intense, with the average attack bandwidth rising a staggering 691 percent from 6.1Gbps to 48.25Gbps. A March DDoS attack against anti-spam organization Spamhaus may have reached as much as 300Gbps, according to some reports. Studies from Arbor Networks and Akamai Technologies found similar increases in the number and intensity of DDoS attacks. “The barrier to entry of DDoS attacks in terms of cost has largely gone,” says Tim Pat Dufficy, managing director of ServerSpace, a hosting company and Internet service provider (ISP). “That means anyone can launch an attack: organized crime, a group of blackmailers, or just a disgruntled ex-employee or a competitor. And anyone can be the victim. One of our customers is a very small company that does training for people in the construction business, yet they came under attack for two weeks.” It used to be technically difficult to launch a DDoS attack, but now it’s possible to rent a botnet of tens or even hundreds of thousands of infected or “zombie” machines relatively cheaply and use these zombies to launch an attack. And as the Internet develops, home or office computers that have become zombies can make use of increasingly high bandwidth Internet connections. There are also pre-packaged  or Web-based DDoS toolkits like Low Orbit Ion Cannon and RussKill that anyone with a minimal amount of know-how can use. So what can you do to protect yourself against DDoS attacks? Identify a DDoS Attack Early If you run your own servers, then you need to be able to identify when you are under attack. That’s because the sooner you can establish that problems with your website are due to a DDoS attack, the sooner you can start to do something about it. To be in a position to do this, it’s a good idea to familiarize yourself with your typical inbound traffic profile; the more you know about what your normal traffic looks like, the easier it is to spot when its profile changes. Most DDoS attacks start as sharp spikes in traffic, and it’s helpful to be able to tell the difference between a sudden surge of legitimate visitors and the start of a DDoS attack. It’s also a good idea to nominate a DDoS leader in your company who is responsible for acting should you come under attack. Overprovision Bandwidth It generally makes sense to have more bandwidth available to your Web server than you ever think you are likely to need. That way, you can accommodate sudden and unexpected surges in traffic that could be a result of an advertising campaign, a special offer or even a mention of your company in the media. Even if you overprovision by 100 percent  – or 500 percent – that likely won’t stop a DDoS attack. But it may give you a few extra minutes to act before your resources are overwhelmed. Defend at Network Perimeter (if You Run Your Own Web Server) There are a few technical measures that can be taken to partially mitigate the effect of an attack — especially in the first minutes — and some of these are quite simple. For example, you can: rate limit your router to prevent your Web server being overwhelmed add filters to tell your router to drop packets from obvious sources of attack timeout half-open connections more aggressively drop spoofed or malformed packages set lower SYN, ICMP, and UDP flood drop thresholds But the truth is that while these steps have been effective in the past, DDoS attacks are now usually too large for these measures to have any significant effect. Again, the most you can hope for is that they will buy you a little time as an attack ramps up. Call Your ISP or Hosting Provider The next step is to call your ISP (or hosting provider if you do not host your own web server), tell them you are under attack and ask for help. Keep emergency contacts for your ISP or hosting provider readily available, so you can do this quickly. Depending on the strength of the attack, the ISP or hoster may already have detected it, or they may themselves start to be overwhelmed by the attack. You stand a better chance of withstanding a DDoS attack if your Web server is located in a hosting center than if you run it yourself. That’s because its data center will likely have far higher bandwidth links and higher capacity routers than your company has itself, and its staff will probably have more experience dealing with attacks. Having your Web server located with a hoster will also keep DDoS traffic aimed at your Web server off your corporate LAN, so at least that part of your business — including email and possibly voice over IP services — should operate normally during an attack. If an attack is large enough, the first thing a hosting company or ISP is likely to do is “null route” your traffic — which results in packets destined for your Web server being dropped before they arrive. “It can be very costly for a hosting company to allow a DDoS on to their network because it consumes a lot of bandwidth and can affect other customers, so the first thing we might do is black hole you for a while,” says Liam Enticknap, a network operations engineer at PEER 1 hosting. Tim Pat Dufficy, managing director of ISP and hosting company ServerSpace, agrees. “The first thing we do when we see a customer under attack is log on to our routers and stop the traffic getting on to our network,” he says. “That takes about two minutes to propagate globally using BGP (border gateway protocol) and then traffic falls off.” If that was the end of the story, then the DDoS attack would be successful. To get the website back online, your ISP or hosting company may divert traffic to a “scrubber” where the malicious packets can be removed before the legitimate ones are be sent on to your Web server. “We use our experience, and various tools, to understand how the traffic to your site has changed from what it was receiving before and to identify malicious packets,” explains Enticknap. He says PEER 1 has the capacity to take in, scrub and send on very high levels of traffic — as much as 20Gbps. But with levels of traffic comparable to those experienced by Spamhaus, even this scrubbing effort would likely be overwhelmed. Do have a DDoS plan in place with your ISP or hoster so that it can begin mitigation or divert your traffic to a mitigation specialist with the minimum delay. Call a DDoS Specialist For very large attacks, it’s likely that your best chance of staying online is to use a specialist DDoS mitigation company. These organizations have large scale infrastructure and use a variety of technologies, including data scrubbing, to help keep your website online. You may need to contact a DDoS mitigation company directly, or your hosting company or service provider may have a partnership agreement with one to handle large attacks. “If a customer needs DDoS mitigation then we divert their traffic to (DDoS mitigation company) Black Lotus,” says Dufficy.  ”We do this using BGP, so it only takes a few minutes.” Black Lotus’s scrubbing center can handle very high levels of traffic indeed, and sends on the cleaned traffic to its intended destination. This does result in higher latency for website users, but the alternative is that they can’t access the site at all. DDoS mitigation services are not free, so it’s up to you whether you want to pay to stay online or take the hit and wait for the DDoS attack to subside before continuing to do business. Subscribing to a DDoS mitigation service on an ongoing basis may cost a few hundred dollars a month. If you wait until you need one, however, expect to pay much more for the service and wait longer before it starts to work. DDoS mitigation specialists include: Arbor Networks Black Lotus  DOSarrest Prolexic VeriSign Source: http://www.esecurityplanet.com/network-security/5-tips-for-fighting-ddos-attacks.html

Follow this link:
5 Tips for Fighting DDoS Attacks

Bitcoin exchange: Greedy traders to blame for DDoS attack

Bears bearing botnets? The soaring value of crypto-currency Bitcoin stuttered slightly last night – after a main exchange for the currency was flooded with network traffic and Bitcoin wallet site Instawallet was suspended.…

Taken from:
Bitcoin exchange: Greedy traders to blame for DDoS attack

Call centers under attack in targeted cyber-blackmail scheme

Crooks blasting public-safety phone lines with calls The US Department of Homeland Security (DHS) has cautioned public-safety call centers against the rise of so-called telephony denial of service (TDoS) attacks, which it says have the potential to cripple local telephone exchanges.…

Read the article:
Call centers under attack in targeted cyber-blackmail scheme