Tag Archives: opinion

The power of passive OS fingerprinting for accurate IoT device identification

The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased the attack surface. Each interconnected device can potentially create new avenues for cyberattacks and security breaches. The Mirai botnet demonstrated just that, by using thousands of vulnerable IoT devices to launch massive DDoS attacks on critical internet infrastructure and popular websites. To effectively safeguard against the risks … More ? The post The power of passive OS fingerprinting for accurate IoT device identification appeared first on Help Net Security .

Originally posted here:
The power of passive OS fingerprinting for accurate IoT device identification

IoT is an ecosystem, as secure as its weakest link

Remember when, three years ago, several Mirai botnets hit DNS provider Dyn and caused part of the Internet to be unreachable for most users in North America and Europe? For a moment there it really seemed that IoT security would become an indisputable necessity. Unfortunately, that did not happen, and security professionals and consumers are left trying to minimize the dangers of insecure IoT and industrial IoT devices as best they can. The problem with … More ? The post IoT is an ecosystem, as secure as its weakest link appeared first on Help Net Security .

Read More:
IoT is an ecosystem, as secure as its weakest link

Will IoT botnets catapult the industry toward security regulation in 2018?

Attackers demonstrated the power of an IoT-fueled botnet in 2016 when the Mirai botnet took down major websites like Reddit, Twitter and GitHub. Despite the damages, no significant changes to the IoT industry occurred. As a matter of fact, consumers continue to purchase and deploy IoT devices with little care outside the guarantee that the device works and the price tag is cheap. Manufacturers continue to pump out new IoT devices at a rapid pace, … More ?

Read more here:
Will IoT botnets catapult the industry toward security regulation in 2018?

Protest Aims to ‘Take Down’ WhiteHouse.Gov on Inauguration Day

National PR service circulates—then pulls—release highlighting campaign to crash government website BY: Morgan Chalfant January 14, 2017 4:56 am A leading public-relations service blasted and then removed a news release this week highlighting a campaign to protest the inauguration of Donald Trump by crashing WhiteHouse.gov. PR Newswire, a global news-release distribution service, circulated a release on Thursday highlighting a campaign launched by Protester.io, a digital protest organizing platform, to “take down” the White House website next Friday in protest of Trump’s inauguration. “On January 20th, hundreds of thousands of Americans are going to Washington, DC to march in protest of the inauguration of Donald Trump. Millions more around the country will be joining the cause from home. If you can’t make it to Washington DC on inauguration day, you can still participate by occupying whitehouse.gov online,” the release read. “Why is it important to participate? Isn’t this just another election? We haven’t lost our democracy yet, but it is most definitely under threat. The only way we’re going to defend and revive our democracy is by mobilizing.” Protester.io describes itself as a platform that helps individuals “organize protests like a crowdfunding campaign.” A description of the Inauguration Day protest on its website, named “Occupy WhiteHouse.gov,” instructs interested parties to go to the White House website on Jan. 20 and refresh the page as often as possible throughout the day. The page also includes instructions for protesters to “automate” page refresh so that their computers do this automatically. “When enough people occupy www.WhiteHouse.gov the site will go down. Please join us and stand up against this demagogue who is threatening our democracy and our security,” the protest page states. Shortly after blasting the news release, PR Newswire issued a correction, changing the headline of the release from “Protester.io Launches Campaign to Take Down WhiteHouse.gov on Inauguration Day” to “Protester.io Launches Campaign to Voice Your Opinion at WhiteHouse.gov on Inauguration Day.” Later, the news-release service removed the press release entirely. PR Newswire was purchased by Cision, a global public relations software company based in Chicago, for $841 million from British business events organizer UBM in 2015. PR Newswire is based in New York and distributes public relations messages for companies largely located in the United States and Canada, according to the New York Times. When contacted, a spokesman for Cision confirmed to the Washington Free Beacon that the original release had been modified and later removed entirely “after further evaluation.” “The issuer modified the original release at our request, but after further evaluation, we ultimately decided to remove the release in its entirety and have requested that the rest of our network remove the content as well,” Stacey Miller, director of communication for Cision, wrote in an email Friday afternoon. An organizer for the protest did not respond to a request for comment. Federal investigators have probed what are called distributed denial of service, or DDoS, attacks, which block users from websites by overloading them with traffic. Such attacks brought down Twitter, Spotify, and Amazon last October, prompting investigations by the FBI and Department of Homeland Security. It is unclear whether the planned “Occupy WhiteHouse.gov” protest campaign would constitute a DDoS attack. Attempts to reach the FBI on Friday were unsuccessful. Several protests have been organized around Inauguration Day, including the “Women’s March on Washington” that is expected to draw some 200,000 women to the nation’s capital on Jan. 21, the day following Trump’s inauguration. Fox News reported that protesters are also planning to blockade security checkpoints at the inauguration and organize a “dance party” outside the home of Vice President-elect Mike Pence. Source: http://freebeacon.com/culture/protest-aims-take-whitehouse-gov-inauguration-day/

View post:
Protest Aims to ‘Take Down’ WhiteHouse.Gov on Inauguration Day

Why you should have a DDoS defence

Duncan Hughes explains the best methods to use to effectively protect businesses and ensure networks can stand up to a DDoS attack. The latest headlines have shown that distributed denial of service (DDoS) attacks have been growing in both size and complexity. In the last month, two high-profile DDoS attacks reached more than 600 Gbps and 1 Tbps. The most recent attacks have ranked among the largest DDoS attacks on record. The ferocity and frequency of these attacks has suggested that this trend is only set to upsurge in the near future. With the most recent DDoS attack targeting the service provider, rather than a specific website, resulting in Twitter, Netflix, Reddit, Spotify and others being severely affected, it is clear to see how DDoS attackers are increasing their capability.  In my opinion, this most recent DDoS incident is a new spin on an old attack, as the bad guys are finding new and innovative ways to cause further discontent. It was an interesting point to see that the bad guys are moving upstream for DDoS attacks on the DNS providers, instead of just on sites or applications.  What is also interesting to see is that threat actors are leveraging unsecure Internet of Things (IoT) devices to launch some of these large DDoS attacks. The immediate solution is for manufacturers to eliminate the use of default or easy passwords to access and manage smart or connected devices. That said, consumer adoption will be tricky, but this change is critical for the greater security of all. This response will hinder many of the global botnets that are created and deployed for malicious use. DDoS attacks can impact businesses of all types and sizes. Retail stores, enterprises and service providers can all find themselves at threat of the DDoS crosshairs. According to a recent report commissioned by A10 Networks in its A10 Networks  IDG Connect report – everyone is a target, but some types of businesses come under fire more frequently. Entertainment and gambling are targeted the most targetted, with 33 percent of DDoS attacks aimed at that industry, followed by advertising media and web content (28 percent), and traditional and online retail (22 percent).  The financial impact of DDoS attacks for businesses can be severe and a recent Ponemon Institute study revealed that between 2011 and 2016, the costs associated with a DDoS attack swelled by 31 percent, with some larger attacks exceeding US$2 million (£1.6 million) due to lost revenue, business disruption and other hard costs. Brand and reputation damage, can also have a lasting effect which cannot be financially measured.  The IDG Connect report found the average company suffers 15 DDoS attacks per year (some averaging as many as 25 DDoS attacks annually), and the average attack causes at least 17 hours of disruption, whether that’s downtime, latency, denied customer access or crashes. That’s 255 hours of disruption a year, can businesses afford this level of interruption? I would suggest that the answer is probably not. So to be properly prepared, businesses must brace for the worst-case scenario. The following points below outline four main steps in prevention to ensure networks can stand up to a DDoS attack: Be proactive. Do not wait for a major crash. You may already be experiencing attacks with slowed or blocked customer access, which can result in lost sales or dissatisfied customers.  Beware of the “world of denial.” Ask tough questions. What do your customer satisfaction metrics reveal? Do you see indicators of lost sales? What’s the real cost of service restoration?  Hope for the best, but prepare for the worst. Invest in sufficient DDoS protection and mitigation solutions early, before a major attack strikes.  Defend against all vectors. Consider dedicated multi-vector DDoS protection using in-path mitigation, coupled with integrated threat intelligence, for the best accuracy. Include hybrid protection with a cloud-bursting service as an extra precaution to combat volumetric attacks.  Businesses of all sizes need to be able to detect and mitigate DDoS attacks particularly ‘multi-vector’ ones that simultaneously attack the bandwidth, application and network layers. This is all the more important because we have all seen that major DDoS attacks are taking place – and growing exponentially in size. Not only are the implications of this profound but these attacks are leveraging botnets comprising hundreds of thousands of unsecured IoT devices.  With industry analysts expecting IoT usage to grow substantially the issue is coming into ever more sharper focus. Referring back to the Ponemon research, some of the main findings really bring to light the extent of the problem. From the research in which over 1000 IT and IT security practitioners in North America and EMEA participated, one of the most frightening takeaways was that organisations are highly concerned that they aren’t able to detect and stop encrypted attacks, but aren’t sure where to start or how best to defend their business. Clearly a lot needs to be done within the industry to protect against cyber-security threats.  The one key thing that should be reflected from this is to not let your network remain unprotected against such attacks that are noticeably increasing and could end up being more costly for your business in the long run. Source: http://www.scmagazineuk.com/why-you-should-have-a-ddos-defence/article/570782

View post:
Why you should have a DDoS defence

Mike McNeill’s Diary for Monday, July 11, 2016: Fighting off the DDoS

magnoliareporter.com experienced some technical issues on Friday. Our website is hosted by a service known as TownNews.com , which hosts and provides technical assistance to thousands of media-oriented websites across the country. TownNews.com was hit by a directed denial of service (DDoS) attack on Friday afternoon. This mainly manifested itself by making it difficult for us — and hundreds of other websites — to access our servers and make changes. People may have had difficulty accessing our website during that time. We do not think that our thousands of daily visitors have anything to worry about as TownNews.com technology responded immediately. That said, it is probably a good thing that we are not president of the United States. To us, hackers present a clear and present danger to the security of the United States, which has our permission to deal with them with extreme prejudice. North Korea is bent out of shape over the pending deployment by South Korea of the U.S.-made Terminal High Altitude Defense System, or THAAD. THAAD launchers and fire control systems are made in East Camden. North Korea’s military said in a statement that, “There will be physical response measures from us as soon as the location and time that the invasionary tool for U.S. world supremacy, THAAD, will be brought into South Korea are confirmed. It is the unwavering will of our army to deal a ruthless retaliatory strike and turn (the South) into a sea of fire and a pile of ashes the moment we have an order to carry it out.” Ohhhhhhh. We’re scared. Seriously, how many submarines, cruisers, aircraft carriers, bombers and drones are circling offshore North Korea, ready to unleash hell at any given moment? And that’s just the U.S. military. That sea of fire and pile of ashes looks a lot like future downtown Pyougyang to us. The Magnolia School District website is having a makeover. We’ll let you know when the site is up and running. Looking for more widely spread drought conditions when the new report comes out later this week. We’re expecting more abnormally dry conditions in South Arkansas. Patrick Posey died Saturday at his home near Benton, LA. Posey and his wife, Susan, performed much of the mural restoration work around the square a few years ago. Some fool vandalized highway signs in the Walkerville area on during the weekend, but the hate speech written on them was cleaned up. Our new online poll asks for your opinion about the state of race relations in Columbia County – whether they are better, worse or about the same as a decade ago. Another question might be what each of us, as individuals, is doing to make things better. Five years ago, we reported that Walkerville Cumberland Presbyterian Church was dedicating a new manse. A year ago, we reported that Betsy Production was drilling an oil well on the SAU campus. Vice President Aaron Burr shot and mortally wounded former Treasury Secretary Alexander Hamilton in a duel on this date in 1804. Author E.B. White was born on this date in 1899. George Gershwin died on this date in 1937. Source: http://www.magnoliareporter.com/news_and_business/mike_mcneills_diary/article_733b45f8-4720-11e6-9e2d-97f7f136ad46.html

Taken from:
Mike McNeill’s Diary for Monday, July 11, 2016: Fighting off the DDoS

Xen Project plugs critical host hijacking flaw, patch ASAP

The latest security update (XSA-145 through 153) for the popular Xen virtualization software fixes nine issues. Eight of them can lead to Denial of Service, but the ninth is much more serious than…

Read More:
Xen Project plugs critical host hijacking flaw, patch ASAP

Companies expects others to protect them against DDoS attacks

One in five businesses surveyed believe that their online services should be protected against DDoS attacks by their IT service providers (in particular, network providers). However, this responsibili…

More:
Companies expects others to protect them against DDoS attacks

Android malware spotted hitching a ride on mobile botnet

Obad boy enlists an ally for Google spam splurge Kaspersky Lab has reported the first sighting of mobile malware (Android, of course) that piggybacks on the back of a separate mobile botnet and uses the resources of other malware once it’s installed.…

Read More:
Android malware spotted hitching a ride on mobile botnet