Tag Archives: denial of service attack

Hackers Target Destiny and Call of Duty Servers with DDoS Attack

This past weekend, several servers for Destiny went down, both on PlayStation and Xbox, following a DDoS attack. Players were booted from the servers in the middle of the game and an error message read “Cattle” on the disconnect screen. The Lizard Squad hacker group claimed responsibility for sporadic DDoS attacks on the Destiny and Call of Duty: Ghosts servers. They posted about their endeavors on their Twitter account, bragging about taking down parts of both servers. Access has since been restored and players can once more return to their games. Understandably, players were quite upset about their game time being cut short, especially during a weekend, and many threatened to ask for their money back, thinking that it was a technical issue on Bungie’s side. “Destiny is currently experiencing issues matchmaking and login across all platforms. We are actively investigating this issue,” Bungie wrote on Twitter, although the message was later deleted by the company. The attack comes after another one in August, when the PlayStation Network, Battle.net, and other online games were targeted. It was also then that the flight carrying John Smedley, the Sony Online Entertainment president, was grounded after the same hackers issued a bomb threat via Twitter. The attacks indicate that the Lizard Squad hasn’t disbanded and ceased its activities, as was rumored earlier this month. The group’s website continues to be down, however, for unknown reasons.
Source: http://news.softpedia.com/news/Hackers-Target-Destiny-and-Call-of-Duty-Servers-with-DDoS-Attack-459494.shtml

Hackers launch DDoS attack on Obamacare website server, user data safe

In what could be another jolt for US President Barack Obama’s dream project, the ‘Obamacare’ health insurance program, a government cybersecurity team last week discovered that an unknown hacker or group of hackers tried to break into a computer server supporting the HealthCare.gov website, apparently by uploading malicious files. The Centers for Medicare and Medicaid Services, the lead Obamacare agency, on Thursday briefed top congressional staff about the intrusions. “The first incidence of breach occurred on July 8”, Aaron Albright, CMS spokesman, said. According to Albright, the main objective of the hackers was not to steal personal data but to launch a distributed denial of service (DDoS) attack against other websites. In a DDoS attack, malware running on internet-connected computers floods a website with traffic until it is so overwhelmed that it fails to handle legitimate requests and may crash. “Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted. We have taken measures to further strengthen security,” Albright said. Albright also dismissed speculation that the attack would adversely affect the second enrollment period, which begins on November 15, for health coverage under Obamacare. Meanwhile, the CMS’s parent agency – the Office of Inspector General of the Department of Health and Human Services – and the HHS leadership have been notified of the attack, and sources say an investigation is under way. The Department of Homeland Security spokesperson said that the affected server has been forensically preserved by its Computer Emergency Readiness Team (US-CERT). The agency, which is also responsible for investigating cyber attacks, said that it had identified the malware designed to launch the DDoS attack and extracted it.
Source: http://www.wallstreetotc.com/hackers-launch-ddos-attack-on-obamacare-website-server-user-data-safe/28570/

BBC website and iPlayer suffer weekend outage: ‘severe load’ on servers suggests DDoS attack

The BBC hit technical problems over the weekend, leaving its website and the iPlayer catch-up service unavailable to some users. Gremlins have managed to find their way into the BBC’s systems, causing technical problems which are still ongoing days later. The broadcaster confirmed on Friday that it was working to fix problems causing some sections of BBC Online to be inaccessible. Much to their dismay, users were confronted with messages stating that content wasn’t available. “We’re fixing a problem that means some people can’t access parts of BBC Online. As soon as it’s fixed we’ll let you know,” said the BBC iPlayer Twitter account on 19 July. More than 48 hours later the BBC apologised to viewers for a lack of resolution, tweeting: “Apologies. We know some users are still unable to access BBC iPlayer. We’re working hard to resolve the issues. Thanks for your patience.” It’s unclear how many users were and still are affected by the outage, but it appears to be widespread. The BBC was forced to use a simplified version of its website due to the problem. The BBC said, “engineers noticed that there was a ‘severe load’ on the servers underlying the video-on-demand system.” This suggests the problem could have been down to a DDoS (distributed denial-of-service) attack. The web iPlayer appears to be working properly now, but the basic website is still in use, stating: “Due to technical problems, we are displaying a simplified version of the BBC Homepage. We are working to restore normal service.”
Source: http://www.pcadvisor.co.uk/news/internet/3531696/bbc-website-iplayer-suffer-weekend-outage/

$183,000 fine for man who joined Anonymous attack for ‘one minute’

Authorities in the US have shown their intolerance for so-called ‘hacktivism’ by sentencing a 38-year-old Wisconsin man to two years’ probation and a $183,000 fine for joining an online attack for just a single minute. Eric J. Rosol participated in a Distributed Denial of Service (DDoS) attack against the website of American multinational Koch Industries. DDoS attacks ‘take down’ websites by repeatedly loading them using automatic software. The attack was organised by the hacker group Anonymous and succeeded in taking the website offline for only 15 minutes. Rosol pleaded guilty to one misdemeanour count of accessing a protected computer. Although both parties agreed that the direct loss to Koch Industries (the second largest privately owned company in the US) was less than $5,000, the corporation had hired a consulting group to protect its web territory for fees of $183,000, and this was the sum that Rosol must now pay. Koch Industries works in a number of industries including petroleum and manufacturing and reported revenues of $115 billion in 2013. The company is controlled by brothers Charles and David Koch (the world’s sixth and seventh richest men), who inherited it from their deceased father Fred C. Koch, the company’s founder. Koch Industries is often the subject of controversy in the US for its financial support of the right-wing Tea Party and its opposition to the green energy industry. The brothers have also donated more than $120m to groups working to discredit climate change science. The DDoS attack which Rosol took part in was organized in opposition to Koch Industries’ reported weakening of trade unions.
Source: http://www.independent.co.uk/life-style/gadgets-and-tech/183000-fine-for-man-who-joined-anonymous-attack-for-one-minute-8995609.html

Popular Bitcoin forum targeted in DNS and DDoS attack

Roughly 175,000 members registered on bitcointalk.org are being discouraged from logging into their accounts following attacks against the popular Bitcoin forum, according to an advisory on the top of the main page. “If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC, then your password may have been captured in a man-in-the-middle attack, and you should change your password here and wherever else you used it,” according to the advisory. On Monday, a bitcointalk.org administrator named ‘theymos’ wrote that what likely happened is an attacker took advantage of a vulnerability in the forum’s registrar, Anonymous Speech, to redirect the domain name system (DNS) to a different point. Bitcointalk.org was promptly transferred to a different registrar as a result, theymos explained, but the administrator added that those types of changes take time and that users should avoid logging into the website for about 20 hours. “Because the HTTPS protocol is pretty terrible [on the forum], this alone could have allowed the attacker to intercept and modify encrypted forum transmissions, allowing them to see passwords sent during login, authentication cookies, PMs, etc.,” theymos wrote. “Your password only could have been intercepted if you actually entered it while the forum was affected.” The administrator added, “I invalidated all security codes, so you’re not at risk of having your account stolen if you logged in using the “remember me” feature without actually entering your password.” Meanwhile, the Bitcoin forum is concurrently the target of a massive distributed denial-of-service (DDoS) attack, theymos wrote, adding that while the two events are probably linked, it is unclear why the attacker is doing both at once.
Source: http://www.scmagazine.com/popular-bitcoin-forum-targeted-in-dns-and-ddos-attack/article/323311/

What Is a DDoS Attack?

Before we can understand just how groundbreaking this recent attack was, let’s first go over exactly what a denial of service attack is. It is one of the least complicated attacks that a hacker can pull off. Basically, the goal is to shut down a web server or its connection to the internet. Hackers accomplish this by flooding the server with an extremely large amount of traffic. It would be like taking a wide open freeway and packing it full of the worst rush hour traffic you could imagine. Every connection to and from the freeway would grind to a halt. This would make visiting the website (or the road) next to impossible, or at the least extremely slow! In some cases, the server might overload and shut down completely. When this happens, it doesn’t necessarily mean that the website was hacked. It just means that the website was kicked off the internet for a period of time. This may not sound like that big of a deal, but if your company relies heavily on its online presence, this interruption of service could take a huge cut out of profits.

DoS v. DDoS

The next item to be clarified is the difference between a DoS (Denial of Service) attack and a DDoS (Distributed Denial of Service) attack. This distinction is pretty simple: a DoS attack comes from one network or computer, whereas a DDoS comes from multiple computers or networks. DDoS attacks are almost always bigger than DoS attacks because the strength of the attack can be multiplied by a huge number of computers.
Source: http://www.scientificamerican.com/article.cfm?id=what-is-ddos-attack

US charges 13 Anonymous members for DDoS attacks

The U.S. has brought criminal charges against 13 persons, said to be members of the hacker group Anonymous, for their alleged participation in cyberattacks as part of a campaign called Operation Payback. The defendants and other members of Anonymous allegedly launched or attempted to launch cyberattacks against government entities, trade associations, individuals, law firms and financial institutions, according to a federal grand jury indictment released Thursday in the U.S. District Court for the Eastern District of Virginia, Alexandria division. Among the organizations targeted were the Recording Industry Association of America, the Motion Picture Association of America, the United States Copyright Office of the Library of Congress, Visa, MasterCard, and Bank of America.

The method of attack was DDoS (distributed denial of service), which floods web sites with spurious Internet traffic so that they become unavailable, and the weapon of choice was the freely available and downloadable network stress testing program known as the Low Orbit Ion Cannon or LOIC, according to the indictment. The 13 persons have been charged with one count of “conspiracy to intentionally cause damage to a protected computer” from about Sept. 16, 2010 to at least Jan. 2, 2011. All are from the U.S. and in their 20s with the exception of Geoffrey Kenneth Commander, a 65-year-old man from Hancock, New Hampshire, and Dennis Owen Collins, a man from Toledo, Ohio born in 1960.

Members of Anonymous launched Operation Payback in about September 2010 to retaliate against the discontinuation of The Pirate Bay, a controversial file-sharing website in Sweden, according to the indictment. On December 4, 2010, Operation Payback planned DDoS attacks on the websites of entities that were either critical of whistle-blower website WikiLeaks or had refused to process payments for WikiLeaks, including Amazon and U.S. Senator Joseph Lieberman. The hacker group thereafter launched attacks on the website of PostFinance, a Swiss payments, e-finance, and electronic account management organization, the Swedish prosecutor’s office and a Swedish law firm. This was followed by an attack on the website of MasterCard, which cost the payment firm at least US$5,000 in losses during a one-year period, according to the indictment. Anonymous has attacked sites in the U.S. and abroad for a number of ideological reasons ranging from censorship of the Internet to the takedown of file-sharing site Megaupload and Israeli military action against Hamas.
Source: http://www.pcworld.com/article/2052360/us-indicts-13-anonymous-members-for-ddos-attacks.html

DDoS: The Need for Updated Defenses Lessons Learned from a Year of Attacks Against Banks

In the wake of a year of attacks waged against banking institutions by Izz ad-Din al-Qassam Cyber Fighters, the FS-ISAC’s Bill Nelson and the ABA’s Doug Johnson say the need to regularly update DDoS preparedness is a critical lesson learned. As the one-year anniversary of the start of the hacktivists’ distributed-denial-of-service attacks against U.S. banks approaches, banks need to avoid complacency and leverage new mitigation tools to ensure protection against any DDoS attack from any group, the two experts say. By taking advantage of cyber-intelligence and DDoS mitigation toolkits provided by the Financial Services Information Sharing and Analysis Center and others, banking institutions of all sizes can help prevent online outages and minimize risk for fraud, says Nelson, who heads the FS-ISAC in the U.S. FS-ISAC’s DDoS toolkit, which has been updated three times in the last year, is available to all institutions, not just FS-ISAC members. “We’ve worked to get this out to associations and third-party banking service providers, which really have a very important role as far as DDoS,” Nelson says in an interview with Information Security Media Group. “The Web hosting environment can impact numerous institutions.” A DDoS preparedness plan should address hardware security risks, ensure sufficient bandwidth and outline collaboration with third-party service providers, Nelson says. “Setting up in advance, not just waiting to see your name on a Pastebin post, is critical,” he says. Johnson, who oversees risk management for the American Bankers Association, says institutions have to band together to ensure they have the right plans in place. “It does take that village to ensure the institutions are asking the right questions,” he says. “The threat environment is substantially different than it was before these attacks.”

Beyond al-Qassam

On Sept. 18, 2012, Izz ad-Din al-Qassam Cyber Fighters announced the launch of its first wave of attacks against U.S. institutions to protest a movie trailer deemed offensive to Muslims. These attacks have forever changed the way the online world approaches DDoS, Nelson says. “When we realized this DDoS attack was different … we realized quickly that we needed to stand up and create an incident response team,” he says. “The reaction was really effective, and it proved how effective information sharing could be.” But Johnson says one lesson the industry has learned over the last year is that DDoS is not just about hacktivism, and banking institutions need to be concerned about attacks from any number of players. “It’s about the broad number of DDoS attacks that the industry is suffering [attacks] from a variety of parties,” he says. For community banks, the greatest concern is not online disruption, but the threat of DDoS attacks being waged to mask fraud, Johnson says.
Source: http://www.bankinfosecurity.com/interviews/ddos-need-for-updated-defenses-i-2059

Threat of the Week: Sept. 11 Quiet But DDoS On The Rise (Again)

September 11 came and went, and despite the FBI warning to credit unions to be ready for a bump in hostile activities on that anniversary date, multiple experts said they saw absolutely no traffic increase. But they also had worrisome news: There has been a sharp rise in low-grade Distributed Denial of Service (DDoS) attacks aimed at financial institutions, often in association with attempted fraud, but sometimes apparently simply an angry act by a rejected loan applicant or a terminated employee.

First, the 9/11 news: “Nothing unusual happened on September 11. The reason there is nothing to report is that the volume is the same as the day before,” said Ashley Stephenson, CEO of Corero, a Hudson, Mass.-based DDoS mitigation firm. “Every day there are attacks.” Chris Novak of the Verizon Risk Team said likewise: “We saw no spike in activity on 9/11.” Rich Bolstridge, a DDoS expert with Cambridge, Mass.-based network traffic firm Akamai, made it three: “We saw no increase in activity on September 11. We had expected to see activity. But it was very quiet.”

The big DDoS guns fired by al Qassam and other actors usually said to be connected to nation states in the Middle East may not have been out on 9/11, but the bad news is the jump in low-grade attacks, which may be small compared to the giant attacks unleashed by al Qassam but are plenty large enough to knock an unprepared credit union offline. And, said the experts, most credit unions remain unprepared to adequately deflect DDoS assaults of just about any magnitude. “We are surprised how naive CUs are about DDoS,” said Kirk Drake, CEO of Hagerstown, Md.-based CUSO Ongoing Operations. “They don’t realize how easy it has become for just about anyone to aim DDoS at a target.” That is the rub, Terrence Gareau, principal research scientist for DDoS mitigation firm Prolexic in Hollywood, Fla., explained: “There is a very low barrier to entry for DDoS. We are talking $5 that will buy you 600 seconds of DDoS.” That may only be 10 minutes, but the plunger who can come up with $50 could put a credit union down for an afternoon.

A chilling factoid via a report from Santa Clara, Calif.-based NSFOCUS, a DDoS mitigation firm: “Based on traffic analysis, there are 1.29 DDoS attacks occurring worldwide every two minutes, on average.” The company added, “Most attacks are short and small. The report found that 93.2% of DDoS attacks were less than 30 minutes in duration and 80.1% did not surpass a traffic rate of 50 Mbps.” By contrast, the data throughput in al Qassam attacks has sometimes exceeded 45 Gbps, meaning it is vastly larger. Van Abernethy, an NSFOCUS spokesperson, elaborated, “The main news – the press focuses on the big DDoS – but the reality is that unreported DDoS goes on all the time. There are a lot of small attacks.” And then it gets worse still: “Small attacks are often accompanied by data exfiltration attempts, especially at financial institutions,” said Abernethy. Verizon’s Novak agreed: “We are seeing where DDoS is used to distract a medium-size financial institution. While they are busy fighting off the DDoS, they don’t see that terabytes of data just walked out the door. That’s scary.” A similar warning was issued a few weeks ago by respected Gartner analyst Avivah Litan, who said she knew of three instances where DDoS was used to distract financial institution security as fraud was committed. She declined to offer specific details. At CUNA Mutual, risk expert Ken Otsuka said that in the past year one loss associated with a DDoS attack had been filed. He also offered no specifics.

Add it up, however, and the situation is grim. DDoS as a service, available for hire by those with a grudge or with criminal intent, is increasingly available, it is cheap, and at least some providers happily accept Bitcoin, the virtual currency with some anonymity built in. Importantly, just about no technical skill is required, just a few dollars and a willingness to name a target. On the credit union front, the sense among experts is that the largest institutions, perhaps the top 25 or 50, may have credible DDoS mitigation tools in place. As for the many thousands of others, the collective opinion is that probably most are unprotected. That could paint an attractive bull’s-eye for crooks. “There’s a trend where we see attacks going down market,” said Novak, “where the criminals are attacking smaller financial institutions because they don’t have the same defenses as the big banks.”
Source: http://www.cutimes.com/2013/09/13/threat-of-the-week-sept-11-quiet-but-ddos-on-the-r
