Police computer communication went down for almost an hour An attack targeting the computer systems of the public services in Phoenix, Arizona, affected the city’s activity for a period of almost an hour. Police work was also impacted, as officers were not able to search for information about suspects from the computers in their cars. According to information from inside sources, the attack had been carried out for days in a row, culminating with a disruption of the system on Saturday. No sensitive information was stolen There is no information about the identity of the attackers or their purpose, but Randell Smith, City CISO (Chief Information Security Officer), said in an interview for Fox 10 that he believed the goal to be gaining access to the network and obtaining as much personally identifiable information (PII) as possible; this is generally used for financial gains. No other possible reason was given by the CISO, who told the TV station that the defense tactics had held and no data could be exfiltrated. Over the weekend, the city’s servers received a heavy DDoS blow resulting in a 45-minute outage, and the public safety systems could not send information to police officers requesting details about names, license plates, and checking criminal records. Radio is the main communication system, which means that officers can still deliver details from the field to their colleagues. Important to note is that the entire computer system of the public service is affected, and the cybercriminals do not focus on a particular department. The city of Phoenix contacted the FBI along with technology partners to help put an end to the attacks. DDoS attack services can be rented At the moment, the City of Phoenix website is available intermittently until midnight Tuesday, for maintenance reasons and probably for analyzing any clues the crooks may have left behind. The current situation was uncovered by Fox 10, who managed to obtain internal letters containing references to the attack. In one of them, a deputy city manager wrote that the city could be under a coordinated denial of service (DoS) attack, given its intensity and persistence. Although it may appear a difficult task to pull, DSoS attacks can be easily carried out, even by those with little technical knowledge. The criminal market provides such services that can be sustained for a week, for as little as $100 / €79. Depending on the level of protection of the target system and the size of the attack, the price goes up. Still, for strong servers or websites with better protection in place, the cost is about $500 / €394 for a week-long incident. Source: http://news.softpedia.com/news/City-of-Phoenix-Computers-Under-DDoS-Attack-463286.shtml
Continue Reading:
City of Phoenix Computers Under DDoS Attack
Majority of DDoS traffic in 2014 originated from India, says a new research from Symantec. Of the top 50 countries that witnessed the highest volume of originating DDoS traffic, India accounted for 26 percent of all DDoS traffic, followed by the USA with 17 percent, the research said. The results prove India has a high number of bot infected machines and a low adoption rate of filtering of spoofed packets, but may not imply that people behind the attacks are located in India because DDoS attacks are often orchestrated remotely. However, the study indicates that India is emerging as a hotbed to launch these attacks, potentially because of the low cyber security awareness, lack of adequate security practices and infrastructure, said Tarun Kaura, director, Technology Sales at Symantec India. The year 2014 saw an increase in the compromise of Linux servers, including those from cloud providers. These high bandwidth servers are then used as part of a botnet to perform DDoS attacks. The so-called “Booter” services can be hired for as little as INR 300 ($5 USD) to perform DDoS attacks for a few minutes against any target. Longer attacks can be bought for larger prices. They also offer monthly subscription services, often used by gamers to take down competitors. As the most attacked sector globally, the gaming industry experiences nearly 46 percent of attacks, followed by the software and media sectors While it’s not happening on a broad scale now, it’s likely we’ll see an increase in DDoS attacks originating from mobile and IoT devices in the future, Symantec said. DDoS attacks make an online service unavailable by overwhelming it with traffic from multiple sources. A Domain Name Server (DNS) amplification attack is a popular form of DDoS, which floods a publically available target system with DNS response traffic. Symantec’s research indicates that DNS amplification attacks have increased by 183 percent from January to August 2014. Motivations behind DDoS Attacks include hacking and financial blackmail with the threat of taking the business offline personal grudge. It also acts as a diversion technique to distract IT security response teams while a targeted attack is conducted. Source: http://www.infotechlead.com/2014/10/24/india-accounts-26-top-ddos-traffic-symantec-26196