Just when you thought you could tune out the fears about DDoS (distributed denial of service) attacks, listen up: the risks for you suddenly are much graver, and it may be the time when defensive action on your part has become necessary. Yes, the fear-mongering over the May 7th DDoS blitzkrieg – which turned out to be a non-event – has prompted many credit union executives to turn off the DDoS discussion. That’s a mistake, however. “Three years ago I would have called DDoS a nuisance. Now it is a threat to many more businesses,” said Vann Abernethy, an executive with security firm NSFOCUS. A big change that is occurring, sources insist to Credit Union Times , is that for-rent DDoS networks – often costing spare change – are proliferating and they have plenty of firepower to take down most credit unions’ online presences. The scariest part: absolutely no technical skills are required to deploy what is being called DDoS as a service. All that’s needed is digital money – PayPal or BitCoin and there even are some providers that take MasterCard and Visa. Barry Shteiman, senior security strategist at Imperva, named names of sites that he said offer what seems to be DDoS for hire: SSH Booter, Empire Stresser, Quantum Stresser, Asylum Stresser, Titanium Stresser, Illuminati Stresser, Legion Stresser, Agony Stresser. The list is not complete. “There are dozens of companies selling DDoS as a service now,” said Sean Bodmer, chief researcher, Counter-Exploitation Intelligence, for CounterTack. Note: Almost all such sites claim to offer, not rogue DDoS for hire, but “stress testing” so that an organization – a credit union for instance – can check its DDoS defenses. Just one problem: sources insisted that the majority of stress-testing sites they are familiar with do no verification that the person buying the “stress test” has any affiliation whatsoever with the target. What’s fueled the rise in DDoS as a service? For one, the intense publicity for DDoS has just about everybody aware of the attack format. For two, “As email spam has become more and more a solved problem it has forced criminals with botnets to find other uses for them. DDoS lets them monetize their botnets,” said Matthew Prince, CEO of CloudFlare, a DDoS mitigation company. DDoS as a service prices are also tumbling. Hemant Jain, vice president of engineering for security company Fortinet, said that he has found providers who are selling an hour of DDoS for $5, a 24-hour day of it for $40 and a week for $260. Can’t these DDoS as service provider be shut down by law enforcement? It’s not that easy. Commented Carl Herberger, vice president of security solutions at mitigation provider Radware, “It’s important to note that ‘DDos for Hire’ websites move around in terms of their technical underpinning. They don’t stay in one area or one location for too long. It’s almost like a game of “Whack-a-Mole” – just when you think you’ve identified the location of the website, it’s already moved.” Added Chris Ensey, COO of security company Dunbar Digital Army, “These (DDoS as a service) sites are being resold like white-labeled products now. Most of the sellers are just affiliates who leverage another botnet or platform” – that is, they have none of their own infrastructure and, poof, they can be here today and back tomorrow under a new flag. That’s the problem: it is very hard to pinpoint the location of a DDoS command and control center and when it’s found, said sources, it generally is in a country with little or no law enforcement reciprocity with the United States. The bottom line for credit unions: “They have to take DDoS seriously. There is no turning this back,” said Shteiman. The good news: the attack throughputs via DDoS for hire are tiny fractions of what al Qassam is throwing at money center banks – 1% or 2% of the volume in many cases. But that is plenty to knock out a credit union that lacks defenses. As for what defenses are needed to thwart for hire DDoS, experts indicated that in most cases low-cost mitigation, within the budget of just about every credit union, ought to suffice. Talk with mitigation companies, also ask Web hosts what protections they have on hand or can line up, Small expenditures ought to bring peace of mind – at least that’s what the experts are saying today Source: http://www.cutimes.com/2013/05/28/threat-of-the-week-ddos-for-hire-on-the-rise?ref=hp
View the original here:
Threat of the Week: DDoS For Hire on the Rise
Two days before the May 13 elections, the Commission on Elections (Comelec) and the Philippine News Agency websites appeared inaccessible to the public. Cursory inspections of the websites of the Philippines’ Departments of Interior and Local Government, National Defense, Foreign Affairs, and Science and Technology, showed they were also apparently inaccessible. The pages for the Philippine National Police, the Army and Navy, and the Philippine Information Agency also could not be accessed. As of 4:10 pm., the Department of Science and Technology (DOST) acknowledged and confirmed distributed denial of service (DDoS) attacks occurring against government sites, but they did not mention where the attacks came from. In a text message to Rappler, Roy Espiritu of the DOST ICT Office said the attacks started on May 10 on gov.ph, then to additional gov.ph-based websites on May 11. He added that the DOST was working on neutralizing the attacks and determining the source. They are also assisting government agencies outside their secured servers who have asked for help. Interaksyon.com earlier reported on the possibility of the downtime being caused by a cyberattack, but noted that the Facebook page of Anonymous Philippines, a hacker-activist group, stated they would undertake no operations during this time. GMA wrote that its technical team “detected an overnight cyberattack that was still ongoing as of posting time on numerous Philippine websites, including GMA News Online, ABS-CBN News, Philippine Airlines, Globe, Smart, and more than two dozen Philippine government websites.” Based on referrer tags and forum activity, GMA also added the attacks seem to have come from Taiwan, linking to a Taiwanese webpage that seems to have reacted positively to the Philippine site downtime. The possibility of a cyberattack related to Philippine-Taiwanese tensions resulting from the shooting of a Taiwanese fisherman was also raised. While no announcement has been made by the Philippine government, Comelec spokesperson James Jimenez mentioned previously to Rappler that the Comelec website may have downtime due to the number of people visiting it, as well as the location of the Comelec website servers. It also repeated this in a recent tweet. As of 2:30 pm., Rappler could access the site, which appears to have had a redesign in time for the elections. With regard to election issues, those seeking information from the Comelec about finding one’s voting precinct but cannot access their homepage can contact the Comelec through the following hotlines: 525335; 5259297; 5259301; 5259302; 5259345; 5271892; 5516552; 5521451; 5523044. – Rappler.com For protection against your eCommerce site click here . Source: http://www.rappler.com/nation/28804-philippine-government-sites-inaccessible 
Islamist element in attacks. A pro-Islamic, anti-American hacking campaign appears to have jumped the gun and started early with hundreds of sites being compromised today. Set to take place on May 7 this month – thought to be US time – and targeting government sites in the US, Israel and India, the campaign is called #OpUSA. It is coordinated mainly through Twitter and postings on sites like Pastebin, with an unknown amount of participants. However, lists of compromised sites are already apppearing, with a group called “X-Blackerz Inc” claiming to have hacked “100 US websites”, posting anti-American messages. iTnews loaded some of the sites listed which have India-related domain names, and found them defaced. Elswhere, a group calling itself Charaf Anons posted a list of 73 defaced sites on Pastebin. The website of the Honolulu, Hawaii Police Department was also claimed to be hacked, but as of writing, it is not defaced and operates normally. However, the hackers say they have captured databases that include the Honolulu Police Department staff logins and passwords. Another one was also posted with names and phone numbers that iTnews was able to verify as belonging to police officers in Honolulu. There is more to come: on May 7, the hackers are threatening to release a trove of “all governments emails of USA” [sic] captured by them. From the Anonghost Twitter account Security researcher Analysis Intelligence believes OpUSA features “self-proclaimed online freedom fighters” such as the Pakistani ZCompany Hacking Crew and Palestinians Izz ad-Din al-Qassam Cyber Fighters. These and other groups have hacked thousands of websites in the past, leaked credit card information for American and Israeli individuals and launched denial of service attacks against US banks, according to Analysis Intelligence. The motive for the OpUSA attacks are political, seeking revenge against drone attacks and military action in Iraq, Afghanistan, Gaza and Pakistan, the analysts believe. For DDoS protection click here . Source: http://www.itnews.com.au/News/342192,opusa-hacking-spree-kicks-off-early.aspx