Tag Archives: online

Fastly Bot Management protects websites, apps, and valuable data from malicious automated traffic

Fastly introduced Fastly Bot Management to help organizations combat automated “bot” attacks at the edge and significantly reduce the risk of fraud, DDoS attacks, account takeovers, and other online abuse. Fastly Bot Management represents an important cybersecurity milestone for the company, building on its proven bot mitigation expertise and capabilities currently available in its Next-Gen WAF. “Organizations increasingly are delivering more enhanced digital experiences to their users at the edge. Not surprisingly, cyber adversaries have … More ? The post Fastly Bot Management protects websites, apps, and valuable data from malicious automated traffic appeared first on Help Net Security .

Follow this link:
Fastly Bot Management protects websites, apps, and valuable data from malicious automated traffic

The next generation of cyber attacks — PDoS, TDoS, and others

2016 was a landmark year in cyber security. The cyber landscape was rocked as Internet of Things (IoT) threats became a reality and unleashed the first 1TB DDoS attacks — the largest in history. Security experts had long warned of the potential of IoT attacks, and a number of other predictions also came true; Advanced Persistent Denial of Service (APDoS) attacks became standard, ransom attacks continued to grow and evolve and data protection agreements dominated privacy debates. So what’s coming in 2017? Well, for years there have been theories about how a cyber attack could cripple society in some way. So what would this look like, and how could it come to fruition in 2017? An attack type that has been largely ignored that could prove to be key in a major cyber attack is the Permanent Denial of Service (PDoS) attack. This attack type is unique as rather than collecting data or providing some on-going nefarious function its only aim is to completely prevent its target’s device from functioning. PDoS, or Phlashing PDoS, also known as “phlashing”, often damages its target to such an extent that replacement or reinstallation of hardware is usually required. Although the attack type itself has been around for some time now, but it’s easy to imagine how much damage they could do it today’s connected world, and therefore it could quickly gain momentum in 2017. For example, one method PDoS leverages to accomplish its damage is remote or physical administration on the management interface of the victim’s hardware, such as routers, printers, or other networking hardware. In the case of firmware attacks, the attacker may use vulnerabilities to replace a device’s basic software with a modified, corrupt, or defective firmware image. This “bricks” the device, rendering it unusable for its original purpose until it can be repaired or replaced. Other attacks include overloading the battery or power systems. We’ve already seen the potential harm that a PDoS attack could cause, when in November last year an attack on residential apartments in Finland targeted the building management system. The attack took the system offline by blocking its Internet connection, causing it to keep rebooting itself in order to reconnect. As a result, the system was unable to supply heating at a time when temperatures were below freezing. Fortunately, the facilities service company were able to relocate residents while the system was brought back online. You only have to consider devices like Samsung’s Note 7 to see the safety hazards that the devices we all carry around with us can potentially harbor. There have been numerous test cases of malware and bots overheating devices, causing them to physically distort or worse. These attacks, bundled into a cyber attack, could have devastating and lasting effects beyond what we commonly think about in the world of the “nuisance” DDoS attack. Another attack type that has flown under the radar is Telephony Denial of Service (TDoS). This attack type will likely rise in sophistication and become a key tool in cyber attackers’ arsenals, particularly those who are more interested in wreaking havoc than having financial gain as a motivator. The rise of the Darknet Just imagine an attacker with the ability to cut off communications during a crisis period. This would hinder first responders, exacerbate suffering and in some situations it could potentially increase loss of life. A physical attack, such as a terror attack, followed by a targeted TDoS attack on communication systems could be devastating. Like PDoS, TDoS has been around for some time but again, as we depend more and more on these connected systems the impact of a targeted attack becomes magnified. One prediction that has come true in the past few years is the rise of the Darknet. However, in 2017 it could go a step further and become a mainstream tool that almost anyone can use to launch attacks or manipulate data. The Darknet offers easy and affordable access to attacks that can terrorize or otherwise alter someone’s personal details for financial or other benefits. The scope of the Darknet is also reaching further than ever thanks to the huge increase in connected devices that the general public has at their disposal. Examples include the ability to rent compromised surveillance systems, access to legal information including lawyers’ emails and the ability to view and manipulate medical or educational records. 2017 could see a frightening scenario develop where the definitive source of who we are and how our details are recorded and accessed is unknown. Just imagine being in a job interview and your CV doesn’t match your online school records. Who will the potential employer trust? This analogy can be extended to numerous scenarios, but the common thread is that your online records require high security and fidelity in order for you to function properly in society. In light of that, one of the single most personalized acts of terror that can occur is a wide-scale loss, alteration or deletion of records — with no reconstitution capability. This should strike fear in us all. Source: https://betanews.com/2017/02/09/the-next-generation-of-cyber-attacks-pdos-tdos-and-others/

View article:
The next generation of cyber attacks — PDoS, TDoS, and others

The Dyn DDOS Attack And The Changing Balance Of Online Cyber Power

As the denial of service (DDOS) attack against Dyn shook the internet a little over a week ago, it brought to the public forefront the changing dynamics of power in the online world. In the kinetic world of the past, the nation state equivalent was all-powerful, since it alone could raise the funds necessary to support the massive military and police forces necessary to command societies. In the online world, however, the “armies” being commanded are increasingly used against their will, massive networks of infected drone machines formed into botnets. The cost of acquiring, powering, cooling, connecting and operating these virtual soldiers are borne by private individuals and corporations, with criminal enterprises able to co-opt them into massive attack botnets. What does this suggest is in store for the future of the online world? The notion of using large botnets to launch globally distributed DDOS attacks is by no means a new concept and in fact has become a hallmark of the modern web. Indeed, I remember as a freshman in college 16 years ago seeing a new Linux server installed where I worked one morning and seeing the same machine being carted off by the security staff that afternoon after it had been hacked and converted into a botnet drone just a few hours after being plugged in. What makes the attack against Dyn so interesting is the scale at which it occurred and its reliance on compromised Internet of Things devices, including DVRs and webcams, allowing it to command a vastly larger and more distributed range of IP addresses than typical attacks. Making the attack even more interesting is the fact that it appears to have relied on open sourced attack software that makes it possible for even basic script kiddies to launch incredibly powerful attacks with little knowledge of the underlying processes. This suggests an immense rebalancing in the digital era in which anyone anywhere in the world, all the way down to a skilled teenager in his or her parent’s basement in a rural village somewhere in a remote corner of the world, can take down some of the web’s most visible companies and wreak havoc on the online world. That preliminary assessments suggest that the attack was carried out by private actors rather than a nation state only reinforces this shift in online power.  Warfare as a whole is shifting, with conflict transforming from nations attacking nations in clearly defined and declared geographic battlespaces to ephemeral flagless organizations waging endless global irregular warfare. In the cyber domain, as the battleground of the future increasingly places individuals and corporations in the cross hairs, this raises the fascinating question of how they can protect themselves? In particular, the attack against Dyn largely mirrored an attack against Brian Krebs’ Krebs on Security blog last month, which raises the specter of criminals and nations being able to increasingly silence their critics, extort businesses and wreak havoc on the online world, perhaps even at pivotal moments like during an election day. In the physical world, the nation state offers protection over the physical assets of companies operating in its territories, with military and police forces ensuring the sanctity of warehouses, office buildings and other tangible assets. However, in the digital world, state hackers from one country can easily compromise and knock offline the ecommerce sites of companies in other nations or leak their most vital secrets to the world. In the case of Brian Krebs’ site, his story thankfully has a happy ending, in which Alphabet’s Jigsaw (formerly Google Ideas) took over hostingof his site under their Project Shield program. Project Shield leverages Google’s massive global infrastructure to provide free hosting for journalistic sites under sustained digital attack, protecting them from repressive governments and criminal enterprises attempting to silence their online voices. Looking to the future, what options do companies have to protect themselves in an increasingly hostile digital world? Programs such as the Project on Active Defense by George Washington University’s Center for Cyber & Homeland Security are exploring the gray space of proactive countering and highly active response to cyberattacks. For example, what legal and ethical rights does a company have to try and stop an incoming cyberattack? Can it “hack back” and disable key command and control machines in a botnet or take other active approaches to disrupt the incoming traffic? What happens if a company remotely hacks into a control machine to disable it and it turns out it is an infected internet-connected oven in someone’s house and in the process of disabling it, the oven malfunctions and turns to maximum heat and eventually catches fire and burns the house down? Is the company responsible for the damage and potential loss of life? What legal responsibilities and liabilities do device manufacturers have to develop a more secure Internet of Things? If a company in 2016 still sells devices with default administrative passwords and well-known vulnerabilities that make them easy prey for botnets, should the companies bear the same burden as any other consumer safety issue? As over-the-air remote security updates become more common, should legislation be passed to require all consumer devices have the ability to be remotely updated with security patches? As the modern web celebrates more than 20 years of existence, somewhere over those last two decades the web has gone from a utopia of sharing and construction of a brighter future to a dystopia of destruction and unbridled censorship. Will the web grow up and mature to a brighter security future or will it descend into chaos with internet users fleeing to a few walled gardens like Facebook that become the “safe” version of the web? Only time will tell. Source: http://www.forbes.com/sites/kalevleetaru/2016/10/31/the-dyn-ddos-attack-and-the-changing-balance-of-online-cyber-power/#73a1613de230

More:
The Dyn DDOS Attack And The Changing Balance Of Online Cyber Power