Healthcare organizations “are in the crosshairs” of cyber attackers, suffering one hack per month over the last year, with about half experiencing an incident involving the loss or exposure of patient information and another third unsure whether or not data was exposed, according to a new report. Conducted by the Ponemon Institute for security software company ESET, the report questioned 535 IT security practitioners from a variety of healthcare organizations, including private and public providers as well as government agencies, and found an industry beset by security breaches of all kinds. “With cyber attacks against healthcare organizations growing increasingly frequent and complex, there is more pressure to refine cybersecurity strategies,” the report’s authors wrote. “The State of Cybersecurity in Healthcare Organizations” also found that organizations struggle to deal with a variety of threats, including system failures (79 percent), unsecure medical devices (77 percent), cyberattackers (77 percent), employee-owned mobile devices or BYOD (76 percent), identity thieves (73 percent) and unsecure mobile devices (72 percent). Despite citing unsecure medical devices as a top security threat, only 27 percent of respondents said their organization has guidelines for medical devices as part of its cybersecurity strategy. The most common security incident sited was the exploitation of existing software vulnerabilities greater than three months old, according to 78 percent of respondents. Web-borne malware attacks were named by 75 percent of respondents. Following next were exploits of existing software vulnerability less than three months old (70 percent), spear phishing (69 percent) and lost or stolen devices (61 percent), according to the study. What’s more, participating organizations were only partly effective at preventing attacks. Almost half (49 percent) said their organizations experienced situations when cyberattacks have evaded their intrusion prevention systems (IPS), but many respondents (27 percent) were unsure. Another 37 percent said their organizations have experienced cyber attacks that evaded their anti-virus (AV) solutions or traditional security controls but 25 percent were unsure. On average, organizations have an APT incident every three months. Only 26 percent of respondents say their organizations have systems and controls in place to detect and stop advanced persistent threats (APTs) and 21 percent are unsure. On average, over a 12-month period, organizations had an APT attack about every 3 months (3.46 APT-related incidents in one year), the survey said. As for the consequences of theses breaches, 63 percent of respondents said the primary consequences of APTs and zero day attacks were IT downtime, followed by the inability to provide services (46 percent), while 44 percent said these incidents resulted in the theft of personal information. In addition, DDoS attacks have cost organizations on average $1.32 million in the past 12 months, the survey said. Healthcare organizations in the report spend an average of $23 million on IT and approximately 12 percent is allocated to information security. “Since an average of $1.3 million is spent annually just to deal with DDoS attacks, the business case can be made to increase technology investments to reduce the frequency of successful attacks,” the report said. Source: http://www.govhealthit.com/news/ponemon-health-orgs-hit-cyberattacks-every-month
Tag Archives: ddos-defense
Customers of large NZ website company Zeald have been hit by DDoS attack
Customers of a large New Zealand website design company have had their websites shut down due to a cyber attack believed to target one or more of the company’s customers. Customers of Zeald were informed on Thursday that some clients had experienced outages with their websites in recent weeks. The company, formed in 2001, with thousands of customers in New Zealand and Australia, has told clients the outages were caused by Distributed Denial of Service (DDoS) attacks. These attacks attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They present a major challenge to making sure people can publish and access important information. “Simply put, a DDoS attack simulates millions of computers trying to access a website at the same time. This puts tremendous stress on the online infrastructure, and can make access to a website difficult, or impossible,” the company said in its email. “We believe these attacks are targeted at one of our customers,” it said. It said the attacks were difficult to resolve and were a rapidly expanding class of security attack. They did not involve ‘hacking’ and did not lead to the loss of confidential information, but they made it impossible to access a site. “They can be created by attackers with limited technical skill but options for dealing with them are extremely limited”. “Working with our upstream providers, we have been able to stop these attacks temporarily by blocking international traffic. Unfortunately, these attacks keep resuming and are no longer isolated to international traffic alone. These attacks are also causing major issues for our upstream providers as well as the other websites and services that they provide,” it said. “If you have experienced any kind of extortion attempt or communication threatening an attack like this please let us know. Any feedback regarding recent threats will be treated in the strictest confidence. If we know the target of the attack there are measures we can put in place to eliminate the problem”. Source: http://www.stuff.co.nz/technology/77539929/customers-of-large-nz-website-company-zeald-have-been-hit-by-cyber-attack
Excerpt from:
Customers of large NZ website company Zeald have been hit by DDoS attack
F2Pool Suffers from Series of DDoS Attacks
F2Pool, a Chinese mining pool also referred to as Discus Fish, which holds the largest share of the Bitcoin network’s hashrate at 26%, has been experiencing a series of extreme DDoS attacks. The attacks began to target the F2Pool Bitcoin mining pool almost immediately after the F2Pool team announced their decision to “test” Bitcoin Classic by launching a subpool in which miners can mine Bitcoin Classic blocks. Peter Todd and other Bitcoin experts requested the hackers and the individuals behind the series of DDoS attacks to terminate them immediately, as they are delaying the mining pools and companies to reach a consensus on the block size debate. Whomever is DoS attacking f2pool please stop. You’re only making it harder to come to consensus.https://t.co/GoicJNhcMY — Peter Todd (@petertoddbtc) February 25, 2016 Behind the DDoS attack Some bitcoin enthusiasts and supporters of Bitcoin Classic claim that the attacks have been directed and paid for by Bitcoin Core supporters, and its developers, to forcefully cause Bitcoin Classic nodes to become inoperable. A hacker, or a hacking group, that goes by the online alias botneko-chan stated on a forum that they have been paid to launch professional DDoS attacks on F2Pool’s Bitcoin Classic subpools. “Just paid, I’m professional ddoser lol. Don’t know why someone want to bring it down. Maybe increasing block size will decrease miners profit? I’m using bitcoin a lot but don’t care about it’s politics too much, XT had too fast block size grow rate which looks unrealistic to me. I think BIP100 is okay since it allows voting and also bitcoin unlimited also seems like good idea and looks simpler for me. If classic will fork to 2mb blocksize and it would be not enough then what? Next hard fork? I think protocol should support miner voting by design,” the hacker himself said on Reddit. Jonathan Toomim, the leading developer and founder of Bitcoin Classic, further explained that Chinese miners and mining pools are quite skeptical towards Bitcoin Classic as they prefer not to change pool information on their hardware to adopt the 2 megabyte hard fork. “Actual miners are lazy,” said Toomim. “They don’t like to change pool information on their hardware very often, because that would require logging into each of your machines and copy-pasting in new data to a web form and clicking submit. A typical mining farm will have hundreds to tens of thousands of these machines. The approach that Slush is taking is different. Rather than requiring users to reconfigure each machine, Slush is giving users a way to switch all of their hardware between Classic and Core by clicking on one button on Slush’s website. This should result in much faster changes.” As of now, leading bitcoin mining pools, including Antpool, F2Pool and BitFury, are supporting the roadmap and development of the Bitcoin Core development team. Source: http://cointelegraph.com/news/f2pool-suffers-from-series-of-ddos-attacks
View post:
F2Pool Suffers from Series of DDoS Attacks
Project Shield: Latest Google product could protect start-up websites from hacker DDoS attacks
On 24 February, Google and its parent company Alphabet opened the doors to Project Shield, a service designed to protect independent news websites with controversial geopolitical messages from distributed denial-of-service (DDoS) attacks. The project, which originates from the Google Ideas branch that was recently extended and rebranded as Jigsaw, has come out of an invite-only beta and is now freely available to any website not owned by a government or political party that passes through the application process. According to a Wired report, sites that have successful applications to the project will then be able to change their site’s domain name configuration which so that it redirects to a Google server. This server effectively creates a “reverse-proxy”, which then filters out malicious traffic. Google claims in an accompanying video (below) that decision to help independent websites from suffering the wrath of hackers is to reduce forced censorship, via online blackouts, for those sites that are delivering sensitive news in regions of political turmoil and/or upheaval. An example given for an early case of Project Shield’s use covers how Yahyanejad, the editor-in-chief of Balatarian.com , managed to take advantage of Google’s system to effectively null a swathe of DDoS digital strikes presumed to be intended to suppress the site’s coverage of the 2009 Iranian presidential election. “Just about anyone who’s published anything interesting has come under an attack at some point,” said Project Shield lead George Conard. “The smaller and more independent voices often don’t have the resources, whether technical or financial, to really put good protections in place…That’s where we come into the picture.” The catch, however, could be a deal breaker for some, despite the obvious positives of the service. While Alphabet executive director Eric Schmidt talks of using Jigsaw-produced schemes as being purpose-built to enable “technology to tackle the toughest geopolitical challenges,” any website making use of Project Shield is required to give Google access to its raw data logs on who is accessing the site itself. While this may cause privacy concerns, the company confirmed to Wired that the data logs will only be kept for a maximum of two weeks. Project Shield product manager CJ Adams said: “We’ve made it very explicit we don’t have the rights to commercialise anything that comes through.” Source: http://www.ibtimes.co.uk/project-shield-latest-google-product-could-protect-start-websites-hacker-ddos-attacks-1546036
Originally posted here:
Project Shield: Latest Google product could protect start-up websites from hacker DDoS attacks
How Norway’s biggest news site protects itself from DDoS attacks
Every day hackers attack Norway´s largest news site, VG. But not without risk. VG has both helped the police put hackers behind bars and alerted mothers about what their adventurous sons are up to. VG.no is one of the most successful news sites in the world. Every week 4 million Norwegians – out of a population of 5 million – visit the site for the latest news. But that also makes VG.no a target for hackers. “Whenever there is a new security hole discovered, someone want to try it on VG,” says Audun Ytterdal, head of IT operations in VG. During the Schibsted Tech Polska Winter Event 2016 he presented “War stories from the ops trenches”, describing how the media house protects itself from a continuous flow of DDoS attacks. Under attack every day VG is well prepared for hacker attacks – and is able to deal with lots of traffic without going down. According to Ytterdal the site can handle up to 30 GB per second. “Usually we see around 10.000 http-hits per second. But during the attacks we can experience up to 100.000 http-hits per second,” he explains. Called the hacker´s mum In the presentation he explains some of the technical measures taken to secure the news site from attack. But he also tells entertaining stories about how the IT staff used their technical skills to identify the hackers. And not always the hackers have everything planned out! Take for instance the young hacker who managed to take over the front page of the business site E24.no with photos of himself in a balaclava taken in his mum´s bathroom. However smart he had been breaking into the site, he had forgotten to remove the location info added to the image file when he took the photo with his mobile phone. “So we could see where he lived – and we called his mum informing her that her son was up to activities she may not approve of,” laughs Audun Ytterdal. Sent hackers to jail In another case the hackers bragged about their achievement on Twitter. That gave the IT operations department the opportunity to contact them directly. After a while they also managed to identify two of the hackers. When one of them posted a photo from a town in Southern Norway, VG was able to locate the exact house it had been taken from with use of Google Street View. The information was given to the police – and the two hackers later had to serve time in jail. Entertaining error page For a news room all alarms go off when the main site is down. And Audun Ytterdal believes it will be very hard to avoid never being shut down. So what to do when it happens? Of course identify and fix the problem. But VG also decided to give people a good laugh by designing an entertaining error page. The error page is a fun version of the normal front page of the site. “The last time we used this we had people tweeting that they would rather see the error page of VG than any other news site,” smiles Ytterdal. Source: http://www.schibsted.pl/2016/02/how-norways-biggest-news-site-protects-itself-from-ddos-attacks/
View the original here:
How Norway’s biggest news site protects itself from DDoS attacks
Anonymous: Hackers plan DDoS campaign against Israeli military to protest Mohammed Al-Qeeq detention
Hacktivists with the Anonymous hacking collective have announced plans to launch widespread DDoS strikes against the Israeli military to protest the ongoing detention of Mohammed Al-Qeeq, a Palestinian journalist who has been on hunger strike since November 2015. Al-Qeeq is a reporter for a Saudi news outlet and was arrested at his Ramallah home on 21 November by Israeli police amid claims was linked to Hamas. According to the Independent, he has been in ‘administrative detention’ ever since, which is permitted under Israeli law to detain someone without referring to a judge on the basis they are a threat to the national security. In the week after his detention he went on hunger strike and after roughly 80 days had lost most of his sight, voice and hearing abilities. “We are calling on all citizens of the world to join us in this fight to free an illegally detained man. We are organising many ongoing operations in relation to this issue,” said the hacktivists in a statement posted to PasteBin, who have branded the so-called ‘emergency operation’ as #OpAlQeeq, #OpSaveGaza and #FreeAlQeeq. The statement requested those taking part in the operation to carry out a range of tasks including calling local Israeli embassys, taking to the streets in protest and raising awareness on social media. However, the note also called for major hacking activity against ‘Israeli military forces’ and posted a slew of IP addresses relating to a range of websites including the defence ministry and the Israeli Defense Force (IDF). “Since it was the Israeli military forces that arrested and detained Mohammed Al Qeeq, then Israel military forces, his blood is on your hands,” the statement said. “We are calling on all ‘anons’ and hacktivists across the world to focus fire on Israeli military forces. Included [are] all websites associated with the Israeli military. Dump them, load them with viruses, DDoS them, break them, whatever you can do or see fit. Security analysis is already underway on all targets. Targets are listed by priority level. If this man dies in the custody of the Israeli military, Israel you can expect hell.” Anonymous has a long history with hacking Israeli targets. Last year, in a video posted online, the group vowed an ‘electronic holocaust’ against the nation in apparent statement in support of Palestine. “As we did many times, we will take down your servers, government websites, Israeli military websites, and Israeli institutions,” said a masked anonymous individual. “We will erase you from cyberspace in our electronic holocaust.” Meanwhile, in a separate attack in 2012, hackers attacks and shut down a number of websites including the Tel Aviv Stock Exchange after they were threatened by a Saudi hacker. A spokeswoman for the stock exchange confirmed at the time that the site had come under attack, but claimed that trading systems were not affected. Even most recently, following the hack at the Department of Justice that resulted in the loss of thousands of federal credentials, the hacker using the @DotGovs twitter profile who was thought to be behind the incident frequently signed off with the now-familiar phrase: #FreePalestine. Source: http://www.ibtimes.co.uk/anonymous-hackers-plan-ddos-campaign-against-israeli-military-protest-mohammed-al-qeeq-detention-1544723
Follow this link:
Anonymous: Hackers plan DDoS campaign against Israeli military to protest Mohammed Al-Qeeq detention
Several bugs detected in IBM Java Runtime could lead to DDoS attacks
Multiple vulnerabilities that could enable a remote attacker to launch a denial-of-service attack have been detected in the IBM Runtime Environment Java Technology Edition v6, according to an IBM Security Bulletin posted on Tuesday. The integrated software is used by Tivoli Composite Application Manager for SOA, a platform which provides management for services, applications and middleware. These bugs, which include the vulnerability popularly known as “SLOTH,” were reported by IBM when it updated Java SDK in January 2016. “The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake,” the bulletin stated. Employing man-in-the-middle techniques, a saboteur could exploit this flaw to mimic a TLS server and glean credentials, IBM wrote. No workarounds or mitigations have yet been provided. Source: http://www.scmagazine.com/several-bugs-detected-in-ibm-java-runtime/article/475405/
Follow this link:
Several bugs detected in IBM Java Runtime could lead to DDoS attacks
Valentine’s Day Inspires DDoS Attacks Against Online Florists
Security vendor Imperva says it has observed a sharp increase in automated bot traffic directed at florist sites. Cyber criminals have shown a consistent tendency to exploit major news and seasonal events to slip phishing and other malicious attacks past unwary victims. And so it is with this Valentine’s Day as well. Florists apparently have been receiving a lot of attention, of the unwanted variety, from online criminals, security vendor Imperva reported this week. All 34 of the company’s florist customers have experienced a sharp spike in traffic to their sites over the last few days. While some of the traffic is to be expected, considering the rush to order flowers for Valentine’s Day — a lot of it is not. According to Imperva, more than nine in 10 of the florist sites witnessed a sudden surge in bot traffic between February 5 and February 11. In about 23% of the cases, the spike in bot traffic was dramatic enough to cause problems. Contrary to what some might expect, the attack traffic did not appear to be opportunistic in nature. Rather, it looked as if the florists were being individually targeted in denial-of-service campaigns apparently designed to extort money from them. Sponsor video, mouseover for sound One of Imperva’s florist customers reported receiving a ransom note, while another experienced an application-layer denial of service attack, Imperva said. In the case of the latter victim, the company’s Content Distribution Network (CDN) provider interpreted the botnet traffic as regular user sessions, resulting in the site exceeding its contracted cache capacity. This in turn caused the CDN to route the attack traffic through its own origin servers, resulting in their site going down under DDoS traffic. A screenshot published on Imperva’s blog shows that some of the Web application attacks had originated in the United Kingdom, though one appeared to be from Latvia. Somewhat surprisingly, attackers were still going after old vulnerabilities such as Shellshock in an attempt to breach systems belonging to their targets, according to Imperva. Florists can mitigate the threat by monitoring their traffic for unexpected behavior, like heavier than normal traffic spikes, or visits from unfamiliar IP addresses. “Any unusual activity could be ‘dry runs’ by attackers foreshadowing an imminent full-blown attack,” Imperva said. The company also urged florists to monitor Twitter and sites such as Pastebin.com for chatter hinting at a potential attack on their sites. The sudden spike in malicious traffic directed at online florists reflects a common tendency among cyber crooks to escalate malware campaigns and attacks around seasonal events and major news happenings. Earlier this year, mobile network protection vendor Adaptive Mobile reported on a series of picture message spam campaigns on the Kik messenger service that were timed to coincide with seasonal events. The spam messages involved the use of images belonging to well-known brands to try and get recipients to follow links to malicious websites. What was noteworthy was the fact that each campaign was tied to a specific event. For instance, one of the Kik spam campaigns was launched around Halloween, and featured an image message purportedly from Amazon. Another campaign around Thanksgiving involved spam featuring spoofed McDonalds images, while one in the days preceding Cyber Monday featured BestBuy-related spam. While the campaign was not technically very sophisticated, the effort put into creating individual picture messages purporting to be from major brands, suggested a specialist campaign, Adaptive Mobile had noted. Source: http://www.darkreading.com/endpoint/valentines-day-inspires-ddos-attacks-against-online-florists-/d/d-id/1324312
Read the original:
Valentine’s Day Inspires DDoS Attacks Against Online Florists
Denying the deniers: how to effectively tackle DDoS attacks
DDoS as an attack vector is on the rise: here’s how to stop it from stopping your business. Distributed Denial of Service (DDoS) attacks maybe as old as the hills but they continue to be a popular, and highly effective, attack vector for hackers. In the past couple of months alone we have seen a persistent DDoS attack on the UK academic computer network JANET, which was swiftly followed by one against cloud hosting company Linode, leading to service interruptions at DNS infrastructure and data centers across the U.S. and the U.K. Indeed, recent research released by Arbor Networks in its Annual Worldwide Infrastructure Security Report stated that DDoS attacks are on the rise, with half of the 354 global respondents’ data centers suffering DDoS attacks – a 33% increase from 2014. DDoS attacks have increased in frequency for some time – giving hackers a relatively uncomplicated method to bring a website down or disrupt a web service. Although DDoS attacks do not involve the stealing of data, they can be highly damaging in other ways, not least by affecting the trust and reputation that a company has among its customers. This can lead to financial damage through lost customers and lost business. Moreover, DDoS attacks can be used as a diversionary smokescreen for more aggressive attacks, as was the case with the recent TalkTalk breach. So what can organisations do to help protect themselves against the threat of DDoS and mitigate the effects of such attacks? The first step is being able to quickly detect that you are under attack, and having a procedure in place to deal with it. Illegitimate traffic can be hard to distinguish from legitimate traffic, but the typical signs of a DDoS attack are a sharp increase in traffic to your website followed by a slowing down of performance (there are services that can continuously monitor your website’s responsiveness from an external point of view, such as Dynatrace and SolarWinds.) Once a DDoS attack is underway, you have a number of options in terms of dealing with the bombardment: ISP blocking and scrubbing – It is advisable to deal with the attack in an environment that’s removed from your network, to prevent it from affecting other areas of network performance. If you suffer a DDoS attack contact your internet service provider, as many offer DDoS protection services such as blocking the originating IP addresses or ‘scrubbing’ malicious packets. They will also probably have greater bandwidth than you and are therefore likely to be able to deal with the attack more efficiently and effectively. Blackholing – A common response to a DDoS attack is to simply route all website traffic into a black hole, thus taking the website offline until the attack ceases. The problem with this approach is that it blocks all traffic, both good and bad, which basically means that the hacker has achieved their objective. Routers and firewalls – You can set up routers and firewalls policies to filter non-critical protocols, block invalid IP addresses and shut off access to specific high-risk segments of your network in the event of an attack. However, be aware that these techniques are somewhat ineffective against more sophisticated attacks that use spoofing or valid IP addresses. Content delivery network – Using a content delivery network to create replicas of your website for customers in different locations can help reduce the impact of the DDoS attack as well as make the extra DDoS related traffic easier to combat. Anti-DDoS technology – Many of the leading firewall appliance vendors offer specialised anti-DDoS modules, that can be deployed at the perimeter of your network or data center, which are designed to detect and filter malicious traffic. However, these are not automated and need to be constantly managed and updated by your operations team. While there is no single ‘silver bullet’ solution that can stop a DDoS attack in its tracks once the traffic starts hitting your website, you can lessen its impact on your business by using a combination of the methods I’ve outlined here. As DDoS continues to be used as a cyber-weapon against websites and online resources, organisations should ensure that they have a response plan in place that includes these mitigation techniques, to help deny attempted denial-of-service attacks. Source: http://www.information-age.com/technology/security/123460891/denying-deniers-how-effectively-tackle-ddos-attacks#sthash.HM41ehWS.dpuf
Continue Reading:
Denying the deniers: how to effectively tackle DDoS attacks
World’s Largest DDoS Attack Breaks Records, Clocks At Massive 500 Gbps
In its latest Worldwide Infrastructure Security Report, Arbor Networks reports on the biggest distributed denial of service attack, which had a whopping load of 500 Gbps. The previous largest DDoS attack was of “only” 300 Gbps. It involved young aspiring hacker Seth Nolan-Mcdonagh, who temporarily took down SpamHaus’ webpage. In some cases, the attacks are carried out by state-funded organizations instead of individuals. Last year, GitHub went down after it suffered a DDoS attack, and the main suspect was China, which has a tumultuous history with the software repository. The programming website was even blocked by the Chinese authorities for a short amount of time. The yearly Arbor survey uses data from hosts, mobile service providers and service providers. The survey, which ran until November 2015, got the results based on the 354 global participants who answered questions on network safety specifically about protocols used for reflection/amplification. “The largest attack reported by a respondent this year was 500Gbps, with other respondents reporting attacks of 450Gbps, 425Gbps, and 337Gbps,” the report states. This marks a worrying trend among top-end size DDoS attacks, which get more ambitious every year. The security firm has the numbers to back this statement up. In the previous report, Arbor discovered that one-fifth of respondents got slammed with attacks that topped 50 Gbps. This year’s survey shows a hefty increase, as a quarter of respondents talk of attacks that go more than 100 Gbps. While only five respondents found evidence of DDoS attacks topping 200 Gbps, there were many reports of attacks between 100 and 200 Gbps. Arbor Networks points out that cloud-based services are increasingly becoming tempting targets, as they now make up 33 percent of attacks. Another staple of last year’s hacking attempts is the exploitation of weaknesses in the network time protocol. Reflection and amplification attacks can easily make use of the soft spots in the security infrastructure, leading to significant damages. As a countermeasure, servers keep receiving updates and security patches that should (in theory) keep them safe from attackers who gain a large response to a small query and use it towards a target of their choosing. “[S]ecurity is a human endeavor and there are skilled adversaries on both sides,” Darren Anstee, chief security technologist at Arbor Networks, says. An interesting shift exists in the DDoS attackers’ motivation: the perpetrators no longer seem to find joy in hacktivism or vandalism. Unlike in previous years, extorting the victims and banking on the vulnerabilities of network systems now seem to be the prevalent reasons. In order to accomplish this, they use multi-vector simultaneous attacks which plow through applications, services and infrastructure. A vast majority of respondents identified application-layer DDoS attacks, which targeted DNS services instead of Web servers. Looking at the larger picture, multi-vector attacks counted for 56 percent of customer outages, up from 42 percent in the previous year. More than 50 percent of the respondents told Arbor that DDoS attacks go after the inline firewalls and bring down the internet connectivity. Arbor explains that these devices are the first to fall in case of a DDoS attack and underlines that being inline can greatly add to network latency. Source: http://www.techtimes.com/articles/128260/20160127/worlds-largest-ddos-attack-breaks-records-clocks-at-massive-500-gbps-worldwide-infrastructure-security-report.htm
View article:
World’s Largest DDoS Attack Breaks Records, Clocks At Massive 500 Gbps