Tag Archives: ddos-attacks

Rossiya Segodnya Information Agency Suffers Major DDoS Attack

There was a major distributed-denial-of-service (DDoS) attack on Rossiya Segodnya International Information Agency resources, including the Sputnik website and newswire, the company’s IT department said Saturday. The attack restricted access to desktop and mobile versions of the Sputnik website. IT specialists managed to ensure the timely release of news pieces to the newswire clients. The agency’s press service said that IT specialists were working to establish the details of the attack that restricted access to desktop and mobile versions of the Sputnik website. “Rossiya Segodnya websites and mailing services were unavailable to users for two hours starting at 7:00 p.m. Moscow time [16:00 GMT],” the press service said. DDoS attacks are caused by a large number of Internet users or software simultaneously sending requests to a website until it exceeds its capacity to handle Internet traffic. The Sputnik site was unavailable for almost two hours. Source: http://sputniknews.com/art_living/20151017/1028682238/sputnik-ddos-attack.html

More:
Rossiya Segodnya Information Agency Suffers Major DDoS Attack

Anonymous cited in Web DDoS attacks at two Japan airports

A tweet purporting to be from Anonymous, a diffuse international collective of online hacker activists, warned of cyberattacks on the websites of two major airports earlier this month, police sources said Saturday. A day later, the web pages of Narita and Chubu airports were struck down. On Oct. 10, the website of Narita International Airport went down for about eight hours from around 2:30 a.m. after being overwhelmed by multiple-source traffic. The website of Chubu Centrair International Airport also became difficult to access for 8½ hours. Flights at the airports were unaffected. According to investigative sources from the Chiba and Aichi prefectural police, the Twitter post on Oct. 9 said attacks would be made on two major Japanese airports. It gave the addresses of Narita and Chubu airports. The sources said the websites of the two facilities apparently suffered “distributed denial of service” or DDoS attacks, which are intended to paralyze a targeted website by overwhelming it with high levels of traffic sent from multiple network sources. The website of the town of Taiji in Wakayama Prefecture experienced a similar cyberattack in September, which police suspect was made by Anonymous in protest of the town’s longtime practice of hunting of dolphins whereby the mammals are killed or captured after being herded into a cove. The slaughter has become a cause celebre for animal rights activists and others. Source: http://www.japantimes.co.jp/news/2015/10/17/national/crime-legal/anonymous-cited-in-web-outages-at-two-japan-airports/#.ViKA7St4AmQ

Visit site:
Anonymous cited in Web DDoS attacks at two Japan airports

oneZero outages the result of Chinese DDoS attacks

Continuing our exclusive coverage of the events unfolding at forex solutions provider oneZero, LeapRate has learned that the outages hitting oneZero and thereby some of its hosted clients over the past week are the result of distributed denial-of-service (DDoS) attacks being made against the company. After engaging multiple security contractors, the company has isolated the attacks and has determined that they originate out of China. A distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users. It is the result of multiple compromised systems (for example a botnet) flooding the targeted system – usually one or more web servers – with traffic. The most serious attacks are distributed, meaning that the attack source is more than one (and often thousands) of unique IP addresses. Many of the cases involve forging of IP sender addresses (IP address spoofing) so that the location of the attacking machines cannot easily be identified, nor can filtering be done based on the source address. For these and other reasons, DDoS attacks are typically very effective and difficult to mitigate. oneZero management indicated to LeapRate that the attack against them has been made with a very high level of sophistication, but that the company is working very closely with security contractors and with its clients and expects the situation to be resolved. The attack against oneZero appears to be solely targeting connectivity, and has not at all affected the company’s own systems, so that no company or client data has been compromised. And so far, there has been no attempt to exploit the attack – DDoS hackers often try to blackmail their targets, requiring some sort of ransom to be paid in order to remove the attacks. Source: http://leaprate.com/2015/10/onezero-outages-the-result-of-chinese-ddos-attacks-leaprate-exclusive/

Read this article:
oneZero outages the result of Chinese DDoS attacks

Star Trek Online, Neverwinter Online struck by DDoS attacks twice in one day

Over the weekend video gamers who enjoy exploring the galaxy in Star Trek Online and fighting orcs with swords in Neverwinter Online found themselves briefly unable to do so. Some players described lag spiking so high that characters began “rubber banding”–or repeatedly teleporting back every time a player tries to move somewhere else. Cryptic Studios, Inc., the developer of Star Trek Online and Neverwinter quickly tweeted about the problem. The attack, a distributed denial of service (DDoS) attack hit the servers affecting both games and caused the network supporting them to crumble. The first hit the servers at approximately noon PST on Sunday and the second at 8pm PST on the same day. These sorts of attacks are commonly used by Internet trolls and rabble rousers to attract attention such as the likes of Lizard Squad, DerpTrolling, and LulzSec. Gaming networks are particularly susceptible to DDoS attacks with potentially thousands (or hundreds of thousands) of players expecting a flawless experience that requires the quick response of networks and servers. The attacker who claimed responsibility in the case of the Cryptic Studio’s properties is named NeverGodz (@NeverWinterGod) and may have only targeted Neverwinter Online –the effect on Star Trek Online ’s servers mere collateral damage in the attack. Due to the nature of DDoS, the damage rarely affects just one service, and can disrupt the entire data center or network node adjacent to the target. There were two separate attacks committed by @NeverwinterGod. Both attacks lasted long enough to bring both games down and make it difficult for players to log in or play. Players of both games went to Reddit ( Neverwinter Online , Star Trek Online ) and Twitter to voice their confusion as to the server issues and cited the tweets from Cryptic when they did. Some, such as STO commentator Lootcritter expressed curiosity over the reason for the attacks. So far, most attackers who hit online games have appeared to claim they do it “for the lulz,” or because the attacker is having fun. Although some, like Lizard Squad, claimed to do it to show how security at these sites is lax and unable to withstand attacks. Surviving DDoS attacks has nothing to do with traditional cybersecurity, however, and everything to do with the power and reaction time of network engineers. Most of the Internet mayhem crews and DDoS attackers to hit online games have been young, male and out to make names for themselves by causing disruption. The claims and trumpets of @NeverWinterGod looks no different. DDoS attacks easier, on the rise and a constant threat to online games In 2013, CloudFlare, Inc. CEO Matthew Prince predicted that DDoS attacks would only expand in scope and ease in 2014 and this has remained true for 2015. In April of this year, Arbor Networks, Inc. reported one of the largest DDoS attacks ever detected at 334Gbps. Akamai Technologies Limited backed up these figures stating that attacks had increased in volume and quality, the report stated that the total number of DDoS attacks increased 132.43 percent compared to Q2 2014. As for ease, one of the takeaways from Lizard Squad’s arrival was the launch of the Lizard Stresser DDoS-for-hire service, it is still online today. Although few would be foolish enough to use it after it’s previous hacks. According to Nexusguard Inc. there is a thriving market in DDoS-for-hire services even before Lizard Squad came on the scene, but if an ad hoc Internet mayhem crew could build one it shows how easily such a setup can be built. DDoS attacks are not easy to stop. Due to their distributed nature it’s impossible to squash them at the source, since the attack uses thousands to millions of computers across the globe to produce garbage connections and data directed at the target. Halting the attack at the target is difficult because all that garbage traffic can saturate the network across multiple tiers. Network engineers from anti-DDoS outfits such as Nexusguard need to work with upstream providers to filter out the garbage traffic before it reaches the smaller networks. Stopping a DDoS attack takes a lot of coordinated effort across region-spanning networks and affects more properties than just the intended target. Much in the same way a traffic jam in a city can make multiple exits from a freeway inaccessible. Efforts continue to attempt to thwart DDoS attacks, but it looks as if 2015 will continue to be a year when the volume and capabilities of attacks will rise. Update 09/14/2015 2:25pm PST: Star Trek Online and Neverwinter Online are under DDoS attack again today starting at approximately 1:45pm PST. Tweets suggest that the attacker is targeting Cryptic Studio’s Boston datacenters but did not last long, a mere 20 minutes. The attacker has shown an interest in knocking the servers offline repeatedly so there may be further attempts today. Source: http://siliconangle.com/blog/2015/09/14/star-trek-online-neverwinter-online-struck-by-ddos-attacks-twice-in-one-day/

Visit site:
Star Trek Online, Neverwinter Online struck by DDoS attacks twice in one day

Rutgers Students Want Refunds After Fifth DDoS Attack in One Year

Over 1,000 People Have Signed Change.org Petition Following September Cyberattack Rutgers students are frustrated with the university’s lackluster cybersecurity, considering the school raised tuition in part to fund $3 million worth of network upgrades after several cyberattacks brought the school to a screeching halt last semester. But on September 28, Rutgers University experienced another distributed denial of service (DDoS) attack, the fifth such attack in less than a year. That attack shut down the school’s wireless internet service, and many other services from 1 a.m. to 2 a.m. and again from 10 a.m. to approximately 3 p.m. The university acknowledged that it was “not well protected” during the first four attacks, but had said it had since begun pouring millions of dollars into its cybersecurity efforts, as we reported. This spending was cited as one of the main reasons Rutgers University’s Board of Governos approved a 2.3% increase in tutition for the 2015-2016 year. Rutgers engineering student Riccardo Mui started a change.org petition imploring Rutgers President Robert Barchi to refund the ineffectual tuition hike. Mui comes from a humble background, raised by an immigrant father who could not support him through college. This is his take on the DDoS attack: Since I came to college, I expected at least decent internet speeds, and while it usually holds up, we get DDoS attacks every time an exam rolls around. Now I would not say anything, yet I feel the need to tell all the students to join together to either get a refund or to make Rutgers change something on their own time. Why? Because Rutger’s spent over 3 million on upgrading the network, yet only 160,000 actually went to physical upgrades. Also, they used Incapsula as a DSoS attack defender, which is decent for websites, but definitely not for a University. Besides, we literally wasted all of our money because as soon as an attack was launched, it took down the network. Since there was a tuition increase, it is only fair that we get that money back. The petition reached 300 signatures within an hour, and 750 signatures within the first fifteen hours, and now has more than 1,000 signatures. The “Reasons for Signing” section is telling. Some students were simply angry that the university did not provide what they felt they deserved. Others suspected that the school did not even invest the money in cybersecurity at all. David Park commented, “Only a small percentage of the 3 million raised was actually used to improve Rutgers’ cyber defense system. If Rutgers doesn’t actually use all the money it’s raised from increasing the tuition for its actual purpose, refund the students.” Several students brought up Rutgers’ habit of spending big on athletics. For example, Chetan Kini wrote, “You can’t increase my tuition and then have something like this occur; it’s unacceptable. I’m pretty sure you gave my money to the damn football team since that’s where all our funding goes.” As Leslie Brighton said, “If Don Smith [Rutgers’s Vice President of Information Technology] was doing his job, I wouldn’t even know who he was.” Source: http://newbrunswicktoday.com/article/rutgers-students-want-refunds-after-fifth-ddos-attack-one-year

Originally posted here:
Rutgers Students Want Refunds After Fifth DDoS Attack in One Year

Businesses Beware – DDoS Attacks Are On The Rise Again Read

British businesses are being warned to bump up their protection against Direct Denial of Service (DDoS) attacks after a new study found that the number of such assaults rose hugely in the last quarter. Research by Corero Network Security found that its customers had endured a 32 percent increase in DDoS attacks compared to the previous quarter – an average of 4.5 per day. That’s according to its Trends and Analysis Report for the first half of 2015, which also found that most of the recorded DDoS attacks were smash and grab assaults that lasted less than 30 minutes. Targeted The report found that the DDoS attacks targeting its customers in the first three months of 2015 remained relatively consistent from the previous quarter – averaging three attacks per day. The daily attack volume increased in the second quarter to an average of 4.5 attacks. Corero says that the increasing use of such attacks is down to the ease in purchasing and launching DDoS attack tools, many of which can be obtained for free, and the ability to easily include these into part of a larger strategy. “Attackers are continuing to leverage DDoS attacks as part of their cyber threat arsenal to either disrupt business operations or access sensitive corporate information, and they’re doing it in increasingly creative ways that circumvent traditional security solutions or nullify the previous effectiveness of scrubbing centres,” said Dave Larson, CTO and vice president, product, Corero Network Security. “In order to effectively protect their networks, prevent disruptions to customer operations, and better protect against data theft and financial loss, companies need real-time visibility and mitigation of all DDoS attack traffic targeting their networks, regardless of size or duration.” Under attack The past few months have seen several high profile DDoS attacks as cybercriminals look to take advantage of slightly less well-developed defences in this area. NatWest’s online banking system was the victim of an attack back in August, as was parenting website Mumsnet, showing the range of potential targets. However companies are beginning to fight back against the DDoS threat, with BT announcing today the release of its own cloud-based Distributed Denial of Service (DDoS) mitigation platform, claiming that the service will help its customers stay secure amidst growing numbers of cyber-attacks. Source: http://www.techweekeurope.co.uk/security/cyberwar/corero-ddos-attacks-rise-178274#jzBwTomdGAO2LL7m.99

Read the original post:
Businesses Beware – DDoS Attacks Are On The Rise Again Read

Early warning helped five Russian banks ward off DDoS attacks

Five Russian banks that experienced a distributed denial of service (DDoS) attack Sept. 26 believed to have been aimed at starting a bitcoin-related panic had been warned in advance by the General Directorate of Security and Information Protection of the country’s Central Bank. The regulatory body’s deputy director, Artyom Sychev, was quoted by The CoinTelegraph as saying the attackers were likely trying to cause panic and destabilization rather than collect a bitcoin ransom. The early warning helped the banks fend off the attack, although they did receive threatening letters in the aftermath. The CoinTelegraph also quoted a Central Bank official saying that the letters said, “To prevent such acts in the future, the attackers are asking to send only 50 BTC to their Bitcoin wallet.” Source: http://www.scmagazine.com/ddos-attacks-on-russian-banks-reportedly-aimed-at-causing-bitcoin-panic/article/442842/

View article:
Early warning helped five Russian banks ward off DDoS attacks

NL minister says disruptions caused by DDoS are inevitable

Dutch minister of safety and justice Klaas Kijkhoff has responded in writing to questions from Labour Party PvdA about recent disruptions at Ziggo, saying internet problems due to large-scale DDoS (distributed denial of service) attacks are unavoidable. The minister said that it was primarily the job of ISPs to secure their systems against such attacks, which hit cable operator Ziggo in August. PvdA MP Astrid Osse Bridge had written earlier, saying she wanted to know to what extent public services are affected by DDoS attacks on major ISPs and what the government could do to prevent such events. Dijkhoff wrote that the government has taken action to minimize effects of DDoS attacks on their own networks and systems, adding that it was up to the government to implement such measures for ISPs. The minister said companies and bodies involved must ensure that consequences are minimised. They could take prevention measures such as by addressing and sharing information about joint botnets, networks of hijacked computers used by hackers to stage cyberattacks. Ziggo took two heavy DDoS attackes on 18 and 19 August. Source: http://www.telecompaper.com/news/nl-minister-says-disruptions-caused-by-ddos-are-inevitable–1105503

More:
NL minister says disruptions caused by DDoS are inevitable

Single gateway protest halts government websites into DDoS attacks

Internet users Wednesday night protested the plans for a single gateway by attacking and bringing down the main websites of the prime minister, the Defence Ministry and the Ministry of Information and Communication Technology. Communications experts said “denial of service” attacks flooded the three sites, effectively making them impossible to access. The sites began to recover early Wednesday. The three sites went offline at about 10pm Wednesday, after netizens warned they intended to attack, and the government said such attacks would be treated as violations of the Computer Crime Act. The ICT deputy permanent secretary, Somsak Khaosuwan, claimed his ministry’s site did not crash because of an attack, but because it was overloaded by visitors monitoring the planned attack. Sites affected as of early Wednesday were the main government information website thaigov.go.th, the ICT ministry’s site at mict.go.th and the defence ministry’s website, mod.go.th. By early Wednesday, however, only the MICT site remained inaccessible, possibly because authorities had actually taken it offline. Warnings on Wednesday afternoon from credible sources in the Thai hacking community said they planned to attack government websites to protest the recent disclosure of government plans to reduce internet access to a single gateway, controlled by CAT Telecom Co. It appeared that the government site takedowns were by internet users, who answered calls on social media to go on online and continuously click refresh, causing overloads on the three targeted sites. The simultaneous denial-of-service attack works like normal attacks by over-exceeding a website’s capacity to handle internet traffic. But whereas normal attacks are carried out by a program or bot, Wednesday night’s protest was carried out by thousands of online users. After the secret plan was accidentally disclosed by a government press release, authorities sent out Deputy Prime Minister Prajin Junthong to try to spin the plan. He said that the single gateway initiative was only a proposition and that no “firm decisions have been made.” Critics of the plan idea contend it will take away freedom of information, with some even comparing it to the tightened grip of a communist country. A change.org petition opposing the single gateway initiative passed 100,000 signatures as of Wednesday. Source: http://www.bangkokpost.com/news/security/714432/single-gateway-protest-halts-government-websites

Read the original post:
Single gateway protest halts government websites into DDoS attacks

Thai government websites offline in suspected DDoS attack

Several Thai government websites went offline on Wednesday evening (Sep 30) in an apparent Distributed Denial of Service (DDoS) attack. The websites of the Information and Communication Technology (ICT) ministry, the state-owned CAT Telecom and the Internal Security Operations Command (ISOC) were among those affected. The Thai government’s main website and the finance ministry website also went offline later on Wednesday. The alleged DDoS attacks came after online communities threatened action to protest the government’s Single Gateway plan, which aims to “control inappropriate websites and information flows from other countries via the Internet”, according to an ICT statement. According to online sources, the activists had planned to start the attacks at 10pm (11pm Singapore time), but the ICT Ministry website was already affected at 7pm. Tens of thousands of people have signed a petition against the proposal, dubbed the “Great Firewall of Thailand”, with critics saying it will allow the military to further increase censorship as well as leave the country’s IT hub status vulnerable if the gateway fails. Source: http://www.channelnewsasia.com/news/asiapacific/thai-government-websites/2161566.html

Visit site:
Thai government websites offline in suspected DDoS attack