
Distributed Denial of Service (DDoS) Attacks on Major Banks Causing Problems for Customers

The websites of major U.S. banks are facing a new round of cyber attacks linked to the same group responsible for similar assaults earlier this year. The latest attacks started last week and have hit Bank of America Corp., SunTrust Banks Inc. (STI), JPMorgan Chase & Co. (JPM), U.S. Bancorp, Wells Fargo & Co. (WFC) and PNC Financial Services Group Inc. (PNC), according to two executives at companies providing security to some of the targeted banks, who asked for anonymity because they weren’t authorized to discuss clients and didn’t want their companies to become targets of computer assaults. PNC was under attack today, the executives said.

A group calling itself Izz ad-Din al-Qassam Cyber Fighters announced plans to attack banks in a Dec. 10 statement posted on the website pastebin.com. The same group claimed responsibility for a series of distributed denial-of-service (DDoS) attacks in September and October that flooded bank websites with Internet traffic and caused disruptions and slowdowns for online customers.

“The purpose of it is to try to disrupt or stop online banking access,” said Bill Nelson, president of the Financial Services Information Sharing and Analysis Center, which disseminates cyber threat information to the financial services industry. “There are some outages occasionally, but it hasn’t prevented customers from transacting business.”

The Izz ad-Din group has said in Internet postings that the cyber attacks are in response to a video uploaded to Google Inc. (GOOG)’s YouTube ridiculing the Prophet Muhammad and offending some Muslims.

Multiple Targets

The current attacks, which began last week, involve the same tactics used in the earlier assault, harnessing commercial servers to pump traffic at bank websites and attacking applications including security devices such as firewalls or intrusion-detection systems, said Carl Herberger, a vice president at Radware Ltd. (RDWR), a Tel Aviv-based network security provider that is working with some of the banks. While the attackers targeted one bank per day in the previous campaign, they are hitting multiple banks in a single day this time, Herberger said.

PNC, in a statement posted on its website, said it’s aware of the potential cyber threat, which could “make it difficult for our customers to log onto online banking.”

“Please be assured that PNC’s website is protected by sophisticated encryption strategies that shield customer information and accounts,” the statement reads. “We have no information regarding timing, duration or intensity of this potential threat.”

Slow Access

Wells Fargo said its website was experiencing an unusually high volume of traffic, creating slow or intermittent access for some customers. “The vast majority of customers are not impacted, but for those who are, we encourage them to access their accounts through our stores, ATMs or by phone as we work to resolve the issue,” according to a statement e-mailed yesterday by Bridget Braxton, a Wells Fargo spokeswoman.

Mark T. Pipitone, a Bank of America spokesman, declined to comment, as did Tom Kelly, a spokesman for JPMorgan.

The attackers are changing their “signatures,” or techniques, every 7 to 10 minutes, requiring constant monitoring, said Scott Hammack, chief executive officer of Prolexic Technologies, a Hollywood, Florida-based company that provides protection from DDoS attacks.

DDoS Attacks

Denial-of-service attacks have long been a favored tactic of hacker-activists, and software kits to mount such assaults are available for purchase on the black market, Meaghan Molloy, a senior threat analyst at Mandiant Corp., an Alexandria, Virginia-based information-security firm, said in an e-mail.

While the Izz ad-Din al-Qassam Cyber Fighters group said the attacks are in retaliation for the YouTube video, “it’s worth noting” that the Federal Bureau of Investigation last year warned that DDoS attacks were being used to deflect attention from fraudulent wire transfers from compromised bank accounts, Molloy said.

Banks targeted in the current attacks are working with Internet-service providers and the U.S. government to share information on the tactics and techniques of the attackers, said Nelson, of the Financial Services Information Sharing and Analysis Center.

Source: http://www.bloomberg.com/news/2012-12-20/major-banks-under-renewed-cyber-attack-targeting-websites.html


National banking regulator advises on Distributed Denial of Service (DDoS) Attack deluge

The regulator for national banks issued an alert Friday about the apparent uptick in distributed denial-of-service (DDoS) attacks being waged against financial institutions. The note from the Office of the Comptroller of the Currency (OCC), which was addressed to the heads of national banks, federal branches and agencies, technology service providers and other related organizations, described how a recent wave of DDoS attacks is disrupting the availability of some bank websites. The spate seemed to kick off in early fall, and many top banks are still experiencing on-and-off attacks.

“Each of these groups had different objectives for conducting these attacks, ranging from garnering public attention to diverting bank resources while simultaneous online attacks were underway and intended to enable fraud or steal proprietary information,” the alert said.

The bulletin recommends that banks maintain a “heightened sense of awareness regarding these attacks” and ensure they are prepared to deal with them. That includes appropriating staff and third-party contractors to help thwart the attacks; implementing an incident response plan across various departments; and sharing information among affected organizations. In addition, because the attacks often target banks’ service providers, the OCC suggests that financial institutions review the response capabilities of their ISPs and web-hosting vendors. The alert also encourages banks that are sustaining a DDoS attack to remain in communication with customers, conveying any risks they face, as well as safeguards they can take.

The OCC said banks should view their security in terms of risk management. But the alert also reminded institutions that they are obligated to follow the Federal Financial Institutions Examination Council (FFIEC) guidelines, which were updated in 2011 to address corporate account takeovers. Often, DDoS attacks run cover for attackers who are simultaneously logged in to victims’ bank accounts while fraudulently transferring out money from their accounts.

Avivah Litan of research firm Gartner said in a blog post Friday that the alert shows the OCC is taking the threat seriously, and this will likely result in increased regulatory enforcement. “Some banks do spend enough on security – but many do not,” she wrote. “This will help ensure that all – and not just some – of the banks regulated by the OCC at least, are putting the requisite resources into defending against DDoS attacks and their attending damage.”

Source: http://www.scmagazine.com/national-banking-regulator-advises-on-ddos-deluge/article/273769/


Details of the complexity of Distributed Denial of Service (DDoS) Attacks

DDoS’s popularity as an attack method can be explained by how important availability is to most organizations’ ability to function. Availability is as critical to an organization today as electricity. If an organization is taken offline, it can lose the ability to generate revenue from its customers, or the ability to access cloud-based data and applications. And, if publicized, the downtime can damage its reputation and brand.

Arbor Networks’ data, gathered from more than 240 service provider deployments, shows that, without question, DDoS attacks are getting bigger. Much bigger. Consider the statistics: The average attack in September was 1.67 Gbps, a 72-percent growth from September 2011. The number of mid-range attacks, ranging from 2 to 10 Gbps, also has increased, up 14.35% so far in 2012. Very large attacks, 10 Gbps+, were up 90 percent during 2011. The largest attack this year measured 100.84 Gbps.

Hackers seek out pain points for an organization, like maintaining availability, and look to exploit weaknesses in infrastructure and existing security defenses. From that perspective, DDoS is a great tool. There are three main categories of DDoS attack:

Volumetric attacks

These attacks attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the internet. These attacks are simply about causing congestion. Volumetric attacks first emerged in 2001 when Microsoft, eBay and Yahoo were taken offline by what back then were considered large attacks in the 300 Mbps range – a relatively low-volume attack. With DDoS attacks now exceeding 100 Gbps, internet service providers are faced with new challenges of how to protect their networks and infrastructure.

TCP state-exhaustion attacks

These attacks attempt to consume the connection state tables that are present in many infrastructure components, such as load balancers, firewalls and the application servers themselves. Even high-capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.

Application layer attacks

In 2010, there was a dramatic shift in DDoS, from primarily large volumetric attacks to smaller, harder-to-detect application-layer attacks that target some aspect of an application or service at Layer 7. These are the most sophisticated, stealthy attacks, as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate).

Each of these attack types presents unique challenges to network operators. The easiest attacks to mitigate are volumetric, which can be effectively mitigated by cloud-based managed security services. Attacks targeting existing infrastructure, and those that are “low-and-slow” targeting applications, are the most difficult to identify and mitigate.

What makes DDoS such an effective weapon in recent years is the increasing complexity of attacks, the blending of attack types, targets and techniques. Take, for example, the recent attacks on financial institutions in the United States. These attacks used a combination of attack tools with vectors mixing application-layer attacks on HTTP, HTTPS and DNS with volumetric attack traffic on a variety of protocols including TCP, UDP, ICMP and others. The other unique characteristic of these attacks was the targeting of multiple companies in the same vertical at very high bandwidth.

Compromised PHP web application servers were used as bots in the attacks. Additionally, many WordPress sites, often using the out-of-date TimThumb plug-in, were compromised around the same time. Joomla and other PHP-based applications were also leveraged. The attackers uploaded PHP WebShells to unmaintained servers and then used those shells to further deploy attack tools. The attackers connected to the tools either directly or through intermediate servers/proxies/scripts, and therefore the concept of command-and-control did not apply in the usual manner.

This complex, rapidly evolving attack vector requires purpose-built tools, both on-premise and cloud-based, to provide comprehensive protection against both large attacks and those that target the application layer. And until we see pervasive deployment of best practices defenses, we can expect to see DDoS in the headlines for years to come.

Winston Churchill offered some great advice that IT security professionals should keep top of mind as they adapt their defense to the threat landscape, “Success is not final, failure is not fatal: It is the courage to continue that counts.”

Source: http://www.scmagazine.com/its-the-complexity-not-the-size-that-makes-ddos-effective/article/273775/


4 Banks Respond to Distributed Denial of Service (DDoS) Threats

The day after Izz ad-Din al-Qassam Cyber Fighters announced plans to launch a second wave of distributed-denial-of-service attacks on five U.S. banks, SunTrust suffered intermittent outages and Bank of America and PNC said small numbers of their customers reported having trouble accessing their sites. But it remained unclear whether the problems were the result of an attack. U.S. Bank, which did not suffer any known outages or access issues, did, however, acknowledge that new attacks could be on the way.

On Dec. 11, PNC used social media to warn consumers that site outages should be expected, but that account and online-banking credentials would remain secure. And one expert was advising banks to expect the worst, saying Izz ad-Din al-Qassam Cyber Fighters’ second wave of attacks would likely be more fierce than the first.

The online-monitoring site websitedown.com reported that about noon ET on Dec. 11, SunTrust Banks’ website suffered intermittent outages. But SunTrust executives declined to comment on the nature of the outages.

BofA spokesman Mark Pipitone said that while BofA’s site suffered no overall outages, an isolated number of online-banking users reported problems accessing the site. “We’re aware of the reports of possible cyberattacks, and we’re monitoring our systems, which are fully operational,” Pipitone said in the early evening of Dec. 11.

PNC spokeswoman Amy Vargo said some PNC customers may have experienced intermittent difficulty logging in on their first attempts. “We are aware of the situation and working to restore full access,” she said during the early evening of Dec. 11. “We are focused on minimizing disruption to our customers and will review the cause of this incident once full access is restored.”

And U.S. Bank spokesman Tom Joyce told the Minneapolis/St. Paul Business Journal that the bank is “taking all necessary steps” to prepare for more attacks. “It’s important to note that these denial-of-service attacks are designed to slow down banks’ websites and create a nuisance for consumers,” Joyce said. “Customers can be assured that their data and funds are secure.”

The hacktivist group Izz ad-Din al-Qassam Cyber Fighters named SunTrust, U.S. Bancorp, JPMorgan Chase, Bank of America and PNC Financial Services Group as targets for its next wave of DDoS attacks. The group, in a Dec. 10 post on Pastebin, announced plans for what it portrays as “Phase 2 Operation Ababil” – a second campaign of attacks waged against leading U.S. banks to protest a YouTube movie trailer deemed offensive to Muslims.

All five banks were targets – along with Wells Fargo, Capital One, Regions Bank, BB&T and HSBC – during the first wave of DDoS attacks, which ran from mid-September to mid-October. During that period, each bank’s website suffered intermittent outages of varying degrees. CapOne was the only institution targeted twice in the first wave (see CapOne Takes Second DDoS Hit).

PNC’s Communications Stand Out

On Dec. 11, three of the five newly targeted banks were remaining quiet, declining to comment about the threat and steps they were taking, if any, to communicate with consumers about the expectation of more attacks. BofA acknowledged isolated reports from consumers who suffered difficulty logging in.

PNC, the only bank to publicly outline details surrounding the DDoS attack it suffered in the first wave, however, immediately took steps to notify the public of the possibility for a second attack. Through Dec. 11 posts on the social-networking sites Facebook and Twitter, PNC forewarned online-banking customers that outages should be expected.

“This potential threat could result in high volume of electronic traffic that may make it difficult for our customers to log onto online banking,” the bank stated on its Facebook page and website. “Please be assured that PNC’s website is protected by sophisticated encryption strategies that shield customer information and accounts. We have no information regarding timing, duration or intensity of this potential threat. Please continue to follow our page for additional updates.”

Fiercer Attacks Ahead?

Why these five banks have been targeted for a second attack is not clear. But John Walker, an independent security professional in London and member of the European Network and Information Security Agency’s security experts team, says banks should expect the new attacks to be more fierce than the first, as the hacktivists promised in their Dec. 10 post.

“By showing the game can be taken to ever-increasing levels starts to focus the mind of the victim organizations as to their frailty,” Walker says. “They [the hacktivists] are, I believe, demonstrating their power.”

Walker says banks learned valuable lessons during the first wave, which will provide them with tools to better prepare this time around. But they should not be overly confident in their abilities to stave off outages. “This style of attack has not even matured yet, and there is more to come,” he says. “The time has arrived for … more techno-savvy security – and more honesty in the boardroom – as to real-time security exposure before the event, not just after it has impacted the business.”

Source: http://www.bankinfosecurity.com/webinars/new-wave-ddos-attacks-how-to-prepare-respond-w-308


British student found guilty of Anonymous PayPal Distributed Denial of Service (DDoS) Attacks

A British student has been convicted over his role in a series of denial of service attacks against PayPal, which cost the payment firm £3.5m. Christopher Weatherhead was part of an Anonymous gang that attacked PayPal in protest at the firm’s decision not to handle payments being made to whistle-blowing website Wikileaks, in an attack dubbed ‘Operation Payback’.

According to multiple reports, the jury hearing the case took little more than two hours to reach their guilty verdict. Three other members of the gang had already pleaded guilty but Weatherhead had argued he had not taken part in the attacks, claiming his role had been limited to operating Anonymous chat rooms. The judge presiding over the case, Peter Testar, told the defendants that he regarded the offences as serious. Weatherhead, who was a student at Northampton University at the time of the attacks, was found guilty under the Criminal Law Act 1977, and could face jail time as a result of the guilty verdict.

The Metropolitan Police arrested five youths in 2011 in connection with Operation Payback, while other suspected members were arrested by the Dutch authorities. Operation Payback had initially begun as a protest against the music industry’s anti-piracy stance, but the focus changed after Wikileaks published a series of leaked diplomatic memos. Several financial services firms including PayPal, MasterCard and Visa withdrew services from Wikileaks, and as a result drew the ire of the Anonymous activists.

Source: http://www.v3.co.uk/v3-uk/news/2230251/british-student-found-guilty-of-anonymous-paypal-ddos-attacks


Hacktivist Hints at New Distributed Denial of Service (DDoS) Attacks

The hacktivists are now letting their words speak for their actions. For the third time in one month, a source claiming to be part of the self-proclaimed hacktivist group known as Izz ad-Din al-Qassam Cyber Fighters has granted an interview to discuss the wave of high-profile distributed denial of service attacks on U.S. banks.

During the recent interview with Flashpoint Global Partners, an international consulting firm, the hacktivist representative said more attacks would be waged and that methods of attacks would diverge, until a YouTube movie trailer deemed by the group to cast Islam in a negative light is removed from the Internet. “We have done what we had promised,” the source said. “If the film isn’t removed, we’ll use our other abilities according to the new conditions.”

No New Attacks

Since Sept. 18, the group has taken credit for attacks on 10 leading U.S. banks: Bank of America, JPMorgan Chase, Wells Fargo, PNC, U.S. Bank, CapitalOne, HSBC, SunTrust, Regions and BB&T. No new attacks have been claimed by the group since mid-October.

In early November, Webster Bank and Zions Bancorp also suffered from DDoS attacks, which caused intermittent outages to their online-banking sites for several hours. While the attacks were not linked directly to Izz ad-Din al-Qassam, Zions spokesman Rob Brough said the bank did not know who was behind the attack. “There’s no way for us to know if the attack against us was just the next one [in the series of attacks waged by Izz ad-Din al-Qassam] or if it was just a coincidence,” Brough said. “What I can tell you is that we were well-prepared because of the other incidents. When we recognized that it was a DDoS attack, we had plans in place.”

DDoS and Fraud?

The attacks have been concerning for two reasons: customer frustration with online-banking inaccessibility and the possibility of fraud being perpetrated in the background. On Sept. 17, the Federal Bureau of Investigation, along with the Financial Services Information Sharing and Analysis Center, issued a warning about DDoS being waged to mask incidents of account takeover occurring simultaneously.

In their alert, the FBI and FS-ISAC note recent attacks that linked DDoS to fraud. “In some of the incidents, before and after unauthorized transactions occurred, the bank or credit union suffered a distributed denial of service (DDoS) attack against their public Web site(s) and/or Internet Banking URL,” the alert states. “The DDoS attacks were likely used as a distraction for bank personnel to prevent them from immediately identifying a fraudulent transaction, which in most cases is necessary to stop the wire transfer” (see High Risk: What Alert Means to Banks).

So far, no bank has reported fraud linked to DDoS attacks waged by Izz ad-Din al-Qassam, but security experts question what might really be taking place in the background.

Questioning Consultants’ Competency

The latest interview with Izz ad-Din al-Qassam marks the third time a member claiming affiliation with the group has spoken out on the attacks. On Oct. 31, ABC News was granted an e-mail interview, and on Nov. 7 technology news site Softpedia was given e-mailed insights. During all interviews, alleged members of the Izz ad-Din al-Qassam group stressed the group was not supported by any nation-state, government or other hacktivist group, and that all of its members were merely tech-savvy volunteers with a common mission to see the YouTube video removed (see Hacktivist Speaks Out About DDoS).

In the most recent interview, the respondent defends Izz ad-Din al-Qassam’s purpose as well as the efficacy of its attacks. “Many of [the] technical comments during the attacks have made us doubtful about [the] technical competence of American companies’ security consultants,” the respondent said, when asked by Flashpoint if the botnets it used also have attacked web-hosting companies and Internet service providers. “Many of [the] technical statements about this case are not scientific, reliable or significant,” the source added.

Break Suspicious, But Expected

An Oct. 23 Pastebin post notes the group’s plans to temporarily halt attacks in honor of a three-day Muslim holiday. Pastebin is the public online forum Izz ad-Din al-Qassam has used to communicate updates about its attacks.

The continued break from attacks is curious, says Mike Smith, a security evangelist and DDoS specialist at Web security provider Akamai Technologies. It’s just difficult to know who is behind which attacks, he says. Speculating is pointless, he says. What is clear, however, is that banking institutions and other organizations are continually targeted, and staying ahead of these attacks, regardless of who wages them, is a necessity.

“We get two or more large attacks per week against our entire customer base and countless smaller ones,” Smith says. But connecting those to one hacktivist group over another is nearly impossible, he adds. “Some of those targets are financial services, some are not.”

Information-sharing shortens response time, he adds. “It’s always tough to be the first target when a new attacker or technique appears because you have to work your way to a diagnosis and implement blocking: things that take time,” Smith says. “However, good incident managers and organizations doing threat intelligence share what they know with each other, so that during subsequent attacks, although of the same magnitude and lethality, the targeted organizations know what indicators there are to the start of the attack and what techniques worked the best in previous attacks.”

Source: http://www.bankinfosecurity.com/hacktivist-hints-at-new-ddos-attacks-a-5325/op-1


Evolving Distributed Denial of Service ‘DDoS’ Attacks Force Defenders to Adapt

Distributed denial-of-service attacks get bigger and combine application-layer exploits, requiring defenders to be more agile.

In the past, attackers using distributed denial-of-service (DDoS) attacks to take down Web sites or network servers typically adopted one of two tactics: Flooding the site with a deluge of data or overwhelming an application server with seemingly valid requests. Companies concerned about denial-of-service attacks have generally focused more on mitigating data floods, also known as volumetric or infrastructure attacks.

Yet, increasingly attackers are using a hybrid approach, using multiple vectors to attack. The attacks that hit financial firms in September and October, for example, often used a massive flood of data packets that would overwhelm a victim’s network connection, while a much smaller subset of traffic would target vulnerable application functions, consuming server resources.

“It is almost like sending a whole squadron of tanks and then have an assault team that can go in and be more stealthy in taking out their targets,” says Carlos Morales, vice president of global sales engineering and operations for network protection firm Arbor Networks. “It broke the model that people had for stopping these things.”

The one-two punch is potent. Many financial firms thought they had the defenses in place to defeat such attacks but had problems staying accessible during the onslaught. Companies prepared to handle application-layer attacks or smaller volumetric attacks could not handle the 20Gbps or more that saturated their Internet connection. Even a gateway that can keep up with 10Gbps connection speed cannot deal with twice as much–or more–traffic sent to the same server.

A recent report from network-security firm Prolexic found that the average attack bandwidth had increased to nearly 5Gbps, with 20Gbps attacks quite common. In a year, the average volume of attacks had doubled, the firm found.

“The late Senator Ted Stevens got mocked for saying that the Internet is a ‘series of tubes,’” says Matthew Prince, CEO of Cloudflare, a content-delivery and network-security firm. “But the Internet is a series of tubes, and you can only fit so much through it.”

Companies must start creating a multi-layered approach to stopping distributed denial-of-service attacks, according to mitigation experts. The greatest amount of attack volume should be stopped inside a provider’s network, away from the company’s links to the Internet. Trying to over-provision your network for the worst case scenario will likely not work and will be very expensive to boot.

“Even if you are a large bank in the U.S., you are doing less than 10Gbps of traffic across all the properties of your network combined,” says Cloudflare’s Prince. “If you have to over-provision that by 10x, that is wasting a lot of resources.”

By using a service provider to filter out most of the spurious traffic at the edge of the Internet, companies can pay attention to the data that actually enters their network. Collecting information on the traffic can help a company to better develop defenses for future attacks as well, even if a company does not have the resources to identify attacks in real time.

Yet, faster detection and more agile response can mean the difference between successful defenses and downtime. “Seeing an impact and understanding that there is an attack happening is not necessarily going to happen at the same time,” says Neal Quinn, chief operating officer for attack-mitigation service Prolexic.

For many companies, the threat of attacks is not over, but rather, just beginning. The most recent attacks did not start with the financial industry; other industries have been hit by similar attacks for almost the last year. Companies should not expect it to end there either. The holiday season tends to be a popular time for attackers to attempt to extort money from retailers by threatening denial-of-service attacks.

“It is traditionally a very busy time of year for these attacks,” Prolexic’s Quinn says. “If anything, organizations should make themselves more aware of how well they can handle these attacks.”

Source: http://www.darkreading.com/security-services/167801101/security/perimeter-security/240142616/evolving-ddos-attacks-force-defenders-to-adapt.html


The New Wave of Distributed Denial of Service ‘DDoS’ attacks: How to Prepare and Respond

What will you do if your organization is the next target of a distributed denial of service attack? Hacktivists recently launched DDoS attacks that caused online outages at several major U.S. banks. Each institution was warned in advance; none were able to prevent disruptions. And while banks are the current targets, any organization could be next.

Join this panel for expert insight on: Why these recent DDoS attacks elude traditional defenses; New security solutions to help detect and respond to DDoS attacks; How to respond if you are attacked – from ramping up fraud prevention in other channels to what to tell customers about the attacks.

Background

Beginning in mid-September, hacktivists initiated a series of sophisticated DDoS attacks against major U.S. banks, including Bank of America, Chase and Wells Fargo. The attackers claim to be waging a cyber war against top-tier banking institutions because of outrage over a YouTube movie trailer believed by the hacktivists to be anti-Islam. In each instance, the group has given at least 24 hours notice before launching the DDoS attacks. But no institution so far has successfully avoided online outages resulting from the attacks.

These incidents send two clear messages to security leaders:

The sophistication and strength of the DDoS attacks are greater than organizations have seen before. One industry expert measured the DDoS traffic flow at one institution to be 65 gigabytes per second – roughly 65 times heavier than previous DDoS attacks.

Any organization is susceptible. Banks are today’s DDoS target, but tomorrow it could be a government agency, merchant or healthcare entity that offends a hacktivist group with the resources to launch an attack. If banks, with their mature security programs and state-of-the-art defenses, cannot ward off these attacks, then what other organization can?

In this panel webinar, industry leaders with expertise in DDoS defense will present the unique qualities of these latest attacks, why no organization should feel immune, then discuss successful solutions that can empower organizations to detect, prevent and respond to attacks.

Leading the discussion is Matthew Speare, SVP of IT at M&T Bancorp. He will set the stage by discussing how his institution responded to the attacks against other banks, including preparation, security controls and customer communication strategies. Speare then will be joined by thought-leaders from Akamai, Fortinet and Neustar, who will discuss a range of DDoS-related topics, including:

Sophistication of Attacks – In the past, DDoS meant brute-force network attacks. Now, experts say, they are not only stronger, but also morphing into application-layer attacks, which makes them harder to detect and block. What have we learned from these attacks, and which new solutions are best for identifying and rerouting the DDoS traffic?

A Cover for Fraud? – Sometimes DDoS attacks are meant as a distraction – to keep security personnel focused online while the fraudsters turn to other channels, such as the call center, to commit fraud. What are the account anomalies you need to be equipped to detect?

Incident Response – Not only does your organization need to be prepared to respond internally to DDoS attacks, but you also need to know how to communicate externally to customers. What’s your message, and how can you take this opportunity to better explain your security posture?

Source: http://www.bankinfosecurity.com/webinars/new-wave-ddos-attacks-how-to-prepare-respond-w-308

Use Cloud to Repel Distributed Denial of Service ‘DDoS’ attack

Employing cloud computing services could help organizations defend against the type of distributed denial of service attacks that have temporarily crippled the online service of major American banks, says NIST’s Matthew Scholl.

By using cloud computing services, Scholl says in an interview with Information Security Media Group, enterprises no longer are completely dependent on their own physical infrastructure because they can add processing capabilities from the cloud to keep up with DDoS attacks.

“You have an entire cloud infrastructure that you can spin up and provision to keep pace with the scale of the attack. And when the attack subsides, then you can drop an infrastructure back down again and just pay for that service that you needed when the attack occurs,” says Scholl, deputy chief of the National Institute of Standards and Technology’s computer security division. “We’ve seen use of cloud and the elasticity and the dynamic nature of cloud technology to be something that is kind of changing the economics of a DDoS attack.”

In the interview, Scholl explains: Why he believes the recent DDoS attacks against banks may not be as dire as they appear [see Bank Attacks: What Have We Learned?]; How the migration to IPv6 could help organizations defend against DDoS attacks; Types of guidance NIST offers that could help organizations develop plans to handle DDoS attacks.

Scholl says DDoS attacks won’t vanish anytime soon, but believes government-industry partnerships could help diminish the impact of these digital assaults. “That’s going to be the solution to try to both enable us to defend against it on the organizational side and remove the capability of it at the threat side,” he says.

Source: http://www.bankinfosecurity.com/interviews/nist-use-cloud-to-repel-ddos-attacks-i-1698

Rise in DDoS Attacks, Video Streaming, Over-The-Top Conte

NTT America, a wholly owned U.S. subsidiary of NTT Communications Corporation (NTT Com) and a Tier-1 global IP network services provider, today issued its biannual state of the industry assessment of key trends shaping the broadband and IP transit industry. Michael Wheeler, executive vice president, NTT Communications Global IP Network, NTT America, said preparing Latin America for increased broadband data consumption is a priority, especially as Brazil readies for the 2014 World Cup and 2016 Summer Olympics. Additionally, demand for real-time mobile content and the rise of sophisticated DDoS attacks are other key factors changing the Internet industry.

Focus Increases on Developing Brazil’s Telecom Infrastructure as World Cup and Olympics Approach

As Brazil prepares for the 2014 FIFA World Cup and 2016 Summer Olympic Games, the biggest hurdle facing the country is developing its telecommunications infrastructure to improve Internet access and bandwidth capacity, according to Wheeler. Telebrás, Brazil’s state-owned service provider, is investing upwards of $400 million dollars (BRL) in the next few years to steer growth and development. As a result, domestic and international carriers are crucial in supporting the Brazilian government to meet the cellular and Internet data needs. These World Cup and Olympic events will represent the first time video content will originate from Brazil and be streamed out in such large numbers globally.

NTT Communications was recently awarded a contract by Telebrás as one of two international carriers that will enable São Paulo residents to connect to international markets through a high quality network. NTT Communications was selected due to its direct access to major markets around the world and Point of Presence (POP) location in São Paulo.

“Consumption of mobile video and other forms of over-the-top content will continue to grow exponentially through 2016. While most users don’t realize how demanding these service requirements are on providers, new technologies will be the driving force for developing the next-generation Internet services in both wireless and wireline,” said Wheeler. “Successful service providers will have an established infrastructure of high bandwidth, next-generation equipment and industry expertise to manage dynamic content demands.”

Video Streaming and Chatting on Mobile Devices Soars; Demands Greater Expectations of Carriers

The number of devices connected to IP networks will be nearly three times as high as the global population in 2016, according to a recent report from Cisco. Driven in part by the increase in devices and the capabilities of those devices, the same report concludes that IP traffic per capita will be the equivalent of all movies ever made crossing global IP networks every three minutes in 2016. In terms of consumer Internet traffic categories, Cisco estimated mobile video consumption to grow 83 percent through 2016, and online gaming is estimated to grow by 46 percent by 2016.

“This generational consumption shift in Internet-based activities is changing how carriers design networks to provide the best possible user experience,” said Wheeler. “While most don’t realize how demanding these services are on providers, new technologies will be the driving force for developing the next-generation Internet services. Successful service providers will have an established infrastructure of high bandwidth, next-generation equipment and industry expertise to manage dynamic content demands.”

Given the increase in over-the-top (OTT) content, an optimal network architecture that is flexible in shaping bandwidth for content distribution and delivery worldwide is fundamental to containing costs. The services Tier-1 providers offer are key to providing high-quality bandwidth and capacity to support the demand for OTT content. NTT Communications’ high level of redundancy, industry leading uptime and extensive network of peering partners can help customers prepare for this growth.

DDoS Attacks Grow, Posing a Constant Financial Threat to Online Businesses

With more than 7,000 attacks reported daily worldwide, distributed denial of service (DDoS) threats continue to rise in number, size, frequency and complexity. The business costs associated with DDoS attacks are substantial for any online entity. As research from industry reports indicates, monetary losses from a DDoS attack can range from $90,000 to $6.5 million per hour. Despite the growing threats, protection and mitigation efforts of many global companies, government entities and advocacy groups remain inadequate and antiquated.

As DDoS attacks become more sophisticated, proper mitigation is critical. Wheeler urges businesses to prioritize a contingency plan for DDoS attacks. When companies select their mitigation service provider, it is important to understand the level and type of security support provided.

“While many DDoS mitigation services are entirely automated, and as attacks become more sophisticated, the need for expert human judgment and monitoring are a necessity in determining the legitimacy of traffic,” said Wheeler. “At NTT America, our US-based Security and Abuse Team is working 24 hours a day, 7 days a week, assuring that online assets and network availability are aggressively protected.”

Source: http://www.dailyfinance.com/2012/10/03/ntt-america-addresses-top-internet-trends-rise-in-/
