Arbor security claims Rio was a success in terms of mitigating powerful, prolonged DDoS attacks Public facing websites belonging to organisations affiliated with the 2016 Rio Olympics were targeted by sustained, sophisticated DDoS attacks reaching up to 540Gbps, according to Arbor Networks. Many of these attacks started months before the Olympic Games had begun, but the security company said that attackers increased their efforts significantly during the games, generating the longest-duration sustained 500Gbps+ DDoS attack Arbor has ever seen. “And nobody noticed,” boasted Arbor’s Security Engineering and Response Team (ASERT). Virtual battlegrounds Just like other public services like electricity and water, the ins and outs of keeping websites up and running should be hidden from the general public, allowing them to go about their business without knowing about the virtual warfare being engaged behind server lines. And in ASERT’s opinion, the Rio Olympic Games “set the bar for rapid, professional, effective DDoS attack mitigation under the most intense scrutiny of any major international event to date”. “Over the last several months, several organizations affiliated with the Olympics have come under large-scale volumetric DDoS attacks ranging from the tens of gigabits/sec up into the hundreds of gigabits/sec,” blogged ASERT. “A large proportion of the attack volume consisted of UDP reflection/amplification attack vectors such as DNS, chargen, ntp, and SSDP, along with direct UDP packet-flooding, SYN-flooding, and application-layer attacks targeting Web and DNS services. “The defenders of the Rio Olympics’ online presence knew they’d have their work cut out for them, and prepared accordingly. “A massive amount of work was performed prior to the start of the games; understanding all the various servers, services, applications, their network access policies, tuning anomaly-detection metrics in Arbor SP, selecting and configuring situationally-appropriate Arbor TMS DDoS countermeasures, coordinating with the Arbor Cloud team for overlay ‘cloud’ DDoS mitigation services, setting up virtual teams with the appropriate operational personnel from the relevant organisations, ensuring network infrastructure and DNS BCPs were properly implemented, defining communications channels and operational procedures. “And that’s why the 2016 DDoS Olympics were an unqualified success for the defenders! Most DDoS attacks succeed simply due to the unpreparedness of the defenders – and this most definitely wasn’t the case in Rio.” However, not all defence tactics worked surrounding the Olympic Games. The Brazilian arm of hacking collective Anonymous was successful in targeting websites that included the official website of the federal government for the 2016 games and the Brazilian Ministry of Sports. Anonymous was also able to leak personal and financial data belonging to Brazilian sports domains such as the Brazilian Confederation of Boxing and the Brazilian Triathlon Confederation. “Hello Rio de Janeiro. We know that many have realized how harmful it was (and still is) the Olympic Games in the city. The media sells the illusion that the whole city celebrates and commemorate the reception of tourists from all over the world, many of them attracted by the prostitution network and drugs at a bargain price. This false happiness hides the blood shed in the suburbs of the city, mainly in the favelas thanks to countless police raids and military under the pretext of a fake war,” stated Anonymous. “Therefore, we will continue with our operations to unmask the numerous arbitrary actions of those who are state and therefore its own population enemies.” Source: http://www.techweekeurope.co.uk/security/rio-olympics-ddos-attacks-196998
Excerpt from:
Rio 2016 Olympics Suffered Sustained 540Gbps DDoS Attacks
Gaming servers are a top target of DDoS assaults,’ Imperva security researcher Ofer Gayer told IBTimes UK. Developer Blizzard’s Battle.net servers were hit with yet another DDoS attack on Tuesday (23 August) resulting in latency and connection issues in some of its popular titles including Overwatch, World of Warcraft and Hearthstone. The company acknowledged the interruption on its Twitter support channels in both the US and Europe, indicating that it was not restricted to just one region. The company also said that its sites and forums were “experiencing issues” at the time in a separate tweet. The latest attack is the second such assault targeting the developer’s servers this month and the third since the launch of its popular hero-based shooter, Overwatch, in May. It also comes at the end of which ran from 2 August to 22 August in celebration of the Olympic Games in Rio. On 3 August, Blizzard’s Battle.net servers were crippled by another massive DDoS attack that caused connection, login and latency issues across some of its popular titles. The disruption also occurred on the same day Blizzard launched its Summer Games series. Hacking collective PoodleCorp claimed responsibility for the alleged attack. The same hacker group also claimed responsibility for taking down Pokémon Go’s servers in July. In June, Blizzard’s servers were hit with another alleged DDoS attack claimed by notorious hacker group Lizard Squad that prevented players from accessing their games. DDoS attacks, which are difficult to prevent and defend against, have continued to plague online companies’ networks in recent years, particularly those of major gaming companies’ servers. “Gaming servers are a top target of DDoS assaults,” Ofer Gayer, a senior security researcher at Imperva, told IBTimes UK. “They have been hit with some of the largest and longest attacks on recent record.” He added that mitigating DDoS attacks on game servers is a “particularly complex task”. “Since only gaming platforms are highly sensitive to latency and availability issues, they’re ideal DDoS attack targets,” Gayer said. “Gamers are very sensitive to the impact on latency, so what may be considered negligible for most services, can be very frustrating for the gaming community. This can be affected by multiple factors, most prominently the distribution of scrubbing locations and TTM (time to mitigate).” Imperva’s latest DDoS Threat Landscape Report found that DDoS attacks have increased by a massive 220% over the past year “with no signs of abating”. It also noted that the UK has become the second most popular target for DDoS attacks in the world. Blizzard’s official Customer Support Twitter account later confirmed that the “technical issues” they were experiencing earlier have been resolved. At the time of publication, no hacking group has claimed responsibility for the most recent alleged DDoS attack. Source: http://www.ibtimes.co.uk/blizzards-battle-net-servers-hit-by-yet-another-ddos-attack-1577793