Some in the IEEE reckon it’d be a good idea, before your toaster burns more than bread The Internet toaster that’s browning your crumpets, talking to its home servers, and participating in a ransomware-distributing botnet should get the kind of cyber-safety testing that it gets for physical safety.…
See the article here:
Does the Internet of Things need an indie security assessor?
Every day hackers attack Norway´s largest news site, VG. But not without risk. VG has both helped the police put hackers behind bars and alerted mothers about what their adventurous sons are up to. VG.no is one of the most successful news sites in the world. Every week 4 million Norwegians – out of a population of 5 million – visit the site for the latest news. But that also makes VG.no a target for hackers. “Whenever there is a new security hole discovered, someone want to try it on VG,” says Audun Ytterdal, head of IT operations in VG. During the Schibsted Tech Polska Winter Event 2016 he presented “War stories from the ops trenches”, describing how the media house protects itself from a continuous flow of DDoS attacks. Under attack every day VG is well prepared for hacker attacks – and is able to deal with lots of traffic without going down. According to Ytterdal the site can handle up to 30 GB per second. “Usually we see around 10.000 http-hits per second. But during the attacks we can experience up to 100.000 http-hits per second,” he explains. Called the hacker´s mum In the presentation he explains some of the technical measures taken to secure the news site from attack. But he also tells entertaining stories about how the IT staff used their technical skills to identify the hackers. And not always the hackers have everything planned out! Take for instance the young hacker who managed to take over the front page of the business site E24.no with photos of himself in a balaclava taken in his mum´s bathroom. However smart he had been breaking into the site, he had forgotten to remove the location info added to the image file when he took the photo with his mobile phone. “So we could see where he lived – and we called his mum informing her that her son was up to activities she may not approve of,” laughs Audun Ytterdal. Sent hackers to jail In another case the hackers bragged about their achievement on Twitter. That gave the IT operations department the opportunity to contact them directly. After a while they also managed to identify two of the hackers. When one of them posted a photo from a town in Southern Norway, VG was able to locate the exact house it had been taken from with use of Google Street View. The information was given to the police – and the two hackers later had to serve time in jail. Entertaining error page For a news room all alarms go off when the main site is down. And Audun Ytterdal believes it will be very hard to avoid never being shut down. So what to do when it happens? Of course identify and fix the problem. But VG also decided to give people a good laugh by designing an entertaining error page. The error page is a fun version of the normal front page of the site. “The last time we used this we had people tweeting that they would rather see the error page of VG than any other news site,” smiles Ytterdal. Source: http://www.schibsted.pl/2016/02/how-norways-biggest-news-site-protects-itself-from-ddos-attacks/
View the original here:
How Norway’s biggest news site protects itself from DDoS attacks
The Serbian president’s website faced a large-scale “hacking” attack on Monday, which brought it down for several hours, his press office said. A statement carried by Tanjug explained that the distributed denial-of-service attack (SYN flood) targeted www.predsednik.rs, and that the president’s website is “subject to daily hacking attacks.” In a SYN flood attack, the server is overwhelmed by a large number of legitimate and false connections requests which consume its resources and render it unresponsive or difficult to access. “The hosting and security of the president’s website falls within the competence of the Defense Ministry. In cooperation with Telekom Srbija, the ministry blocked and prevented further attacks and possible damage to the computer equipment and services,” the statement said. Source:http://www.b92.net/eng/news/crimes.php?yyyy=2016&mm=02&dd=23&nav_id=97147
Read this article:
Serbian President’s website comes under DDoS attack
New paper points to security protocol as vector for DDoS attacks The complex security protocol for the domain name system – DNSSEC – has another black mark against it: it is being used as a way to carry out denial-of-service (DDoS) attacks.…
The contract between Department of Homeland Security (DHS) and Galois was signed in January. However, HackRead had a chance to discuss the contract with Galois. Galois and the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) have formalized a contract to develop technology for preventing and combating extensive, sophisticated DDoS (Distributed Denial of Service) attacks . In fact, an official announcement was made by Galois in which the company informed media about signing up a $1.7million contract with the DHS S&T Cyber Security Division. The contract is part of the larger Distributed Denial of Service Defenses (DDoSD) program initiated by the DHS S&T Cyber Security Division. The problem with DDoS attacks is that these can cripple even the most established and largest organizations. These happen to be devastating for small and/or medium-sized businesses. The generated amount of traffic is adequate to drench their internet connections multiple times and it becomes challenging to get the ISP (internet service provider) to take the matter seriously and respond quickly. DHS Developing Technology to Thwart DDoS attacks Quicker than Ever Before The project that DHS is planning with Galois is dubbed as DDoS Defense for a Community of Peers (3DCoP) and it involves peer-to-peer collaboration mechanism with which the organizations detect and combat DDoS attacks by working in cooperation. According to Adam Wick, Galois’ Research Lead, Mobile & Security Systems Software: “Current DDoS defense systems are proving ineffective because they operate in isolation, which introduces delays in the detection, reporting, and response to a DDoS attack. This delay is critical. It provides positive feedback to the attacker, who will continue to send more and more traffic to the target network. Our solution advances the state of DDoS defense by providing new tools that allow multiple defenders to coordinate their response, resulting in earlier detection and faster DDoS mitigation.” It is not a hidden fact that DDoS attacks are a great threat for all kinds of industries and sectors alike such as news entities, financial institutions, critical infrastructure organizations and government agencies, etc. Under the contract with DHS, Galois aims to curb rising DDoS attack threats via the following measures: 1: Minimizing mitigation response duration by at least 50% and 75 to 90 percent reduction in peak traffic 2: 25% reduction in the duration between the launching of DDoS attack and its detection Resultantly, organizations and institutional entities will be able to thwart DDoS attacks prior to its completion. HackRead had a chance to have a conversation with Adam Wick and here’s what we asked and what he replied: Q: How would you like to explain the difference between your services and services provided by other companies? Answer: “Currently, DDoS defense systems fail to address large DDoS attacks that fully “clog” the internet connection. In those cases, locally responding to an attack is no longer possible. In general, most solutions work in isolation, which introduces delays in the detection, reporting, and response to a DDoS attack. To effectively mitigate a large attack, an organization must involve organizations “higher up”, like ISPs, that can stop the flow of malicious traffic. We’re developing a unique collaborative model, where multiple organizations automatically work together to detect DDoS attacks through automatic traffic analysis. They then generate traffic blocking rules for the malicious traffic and send that to ISPs further up the chain. The ISPs can, in turn, block the necessary traffic and mitigate the attacks. One can see the basis of this in the way people react to DDoS attacks now, but many of these steps are manual and require complicated conversations over the telephone. In many cases, the process is further complicated because the parties involved have never spoken before, and have to build trust. After all, the actions that one takes to mitigate a DDoS can also be used to perpetrate an attack, so upstream ISPs need to convince themselves that they’re talking to the right person. What we’re looking to do is speed up this process, dramatically, by automating the detection, analysis, and mitigation steps. At the moment, this mitigation can be automatic, or it can be manual. That way, even if an organization’s ISP isn’t hooked up to our system, network admins will be able to detect the problem early and trust our solution to have all the information (and all the evidence!) they need to convince their ISP to take early and effective action.” Q: How will your firm will defend its client against DDoS attack leading to ransom such as the ProtonMail DDoS attack? Answer: “Ransom in DDoS cases is one of those clear indicators that our current approaches to DDoS defense are failing. Attackers can only ask for ransom when an organization has no way to defend themselves. Ransom cases can be mitigated by having effective DDoS defense that doesn’t allow an attack to become a problem in first place. The most effective defenses in the coming years will take into account the bigger picture by connecting everyone involved, for a more timely response. If we can minimize the effect of large DDoS attacks, we effectively reduce cases where attackers demand ransom.” Galois is a renowned firm in the computer science research and development sector. It has been operating since 1999 and boasts of a world class team of computer science experts, mathematicians, programmers, and engineers. The firm has positioned itself as the world’s most reliable company and is ready to take on even the most challenging computer science related task of the world. It has also partnered with defense and intelligence agencies to develop cutting edge technologies to protect their systems and networks. Very often tech firms consult Galois to create reliable, safe and secure systems for their products and services’ security. Source: https://www.hackread.com/us-homeland-security-vows-to-tackle-ddos-attacks/
See the original article here:
US Department of Homeland SecuUS Department of Homeland Security Vows To Tackle DDoS Attacksrity Vows To Tackle DDoS Attacks
The hacktivist group launched multiple distributed denial-of-service attacks against the hospital’s servers in protest of the controversial custody case of Justina Pelletier. The FBI has arrested a hacker suspected of participating in Anonymous’ 2014 DDoS attack against Boston Children’s Hospital, The Boston Globe has reported. He was taken into custody after being rescued from a small boat off the coast of Cuba by a Disney cruise ship. Martin Gottesfeld, 31, of Somerville, Massachusetts, was arrested on Feb. 17 in Miami. He’s due to appear in U.S. District Court in Boston, where he’ll be charged with of conspiring to damage the computers at Boston Children’s and another facility in Framingham, Massachusetts, according to the Globe. He faces up to five years in prison and a $250,000 fine. In April 2014 – in protest of the controversial custody case of Justina Pelletier, who was being kept a patient at Boston Children’s as a ward of the state against the wishes of her parents – hacktivist group Anonymous launched multiple distributed denial-of-service attacks that targeted the hospital’s servers and hamstrung its operations for a week. According to the Globe, the FBI had previously questioned Gottesfeld in 2014. He admitted then that he had posted a YouTube clip calling for attacks on Boston Children’s, but denied participating in them. It’s unclear why he wasn’t charged at that time. But a tip this week about his rescue at sea led agents to Florida to take him into custody. He had three laptops with him, according to an FBI affidavit. In a statement, Boston Children’s thanked federal officials for “apprehending the hacker who led the attack and holding him accountable” – also thanking its own employees, “who assisted the FBI throughout its investigation and who helped build the comprehensive systems and procedures that were able to thwart the attack and protect confidential information.” Source: http://www.healthcareitnews.com/news/fbi-arrests-massachusetts-man-anonymous-2014-cyberattack-boston-childrens-hospital
Link:
FBI arrests Massachusetts man for Anonymous 2014 cyberattack on Boston Children’s Hospital
Hacktivists with the Anonymous hacking collective have announced plans to launch widespread DDoS strikes against the Israeli military to protest the ongoing detention of Mohammed Al-Qeeq, a Palestinian journalist who has been on hunger strike since November 2015. Al-Qeeq is a reporter for a Saudi news outlet and was arrested at his Ramallah home on 21 November by Israeli police amid claims was linked to Hamas. According to the Independent, he has been in ‘administrative detention’ ever since, which is permitted under Israeli law to detain someone without referring to a judge on the basis they are a threat to the national security. In the week after his detention he went on hunger strike and after roughly 80 days had lost most of his sight, voice and hearing abilities. “We are calling on all citizens of the world to join us in this fight to free an illegally detained man. We are organising many ongoing operations in relation to this issue,” said the hacktivists in a statement posted to PasteBin, who have branded the so-called ‘emergency operation’ as #OpAlQeeq, #OpSaveGaza and #FreeAlQeeq. The statement requested those taking part in the operation to carry out a range of tasks including calling local Israeli embassys, taking to the streets in protest and raising awareness on social media. However, the note also called for major hacking activity against ‘Israeli military forces’ and posted a slew of IP addresses relating to a range of websites including the defence ministry and the Israeli Defense Force (IDF). “Since it was the Israeli military forces that arrested and detained Mohammed Al Qeeq, then Israel military forces, his blood is on your hands,” the statement said. “We are calling on all ‘anons’ and hacktivists across the world to focus fire on Israeli military forces. Included [are] all websites associated with the Israeli military. Dump them, load them with viruses, DDoS them, break them, whatever you can do or see fit. Security analysis is already underway on all targets. Targets are listed by priority level. If this man dies in the custody of the Israeli military, Israel you can expect hell.” Anonymous has a long history with hacking Israeli targets. Last year, in a video posted online, the group vowed an ‘electronic holocaust’ against the nation in apparent statement in support of Palestine. “As we did many times, we will take down your servers, government websites, Israeli military websites, and Israeli institutions,” said a masked anonymous individual. “We will erase you from cyberspace in our electronic holocaust.” Meanwhile, in a separate attack in 2012, hackers attacks and shut down a number of websites including the Tel Aviv Stock Exchange after they were threatened by a Saudi hacker. A spokeswoman for the stock exchange confirmed at the time that the site had come under attack, but claimed that trading systems were not affected. Even most recently, following the hack at the Department of Justice that resulted in the loss of thousands of federal credentials, the hacker using the @DotGovs twitter profile who was thought to be behind the incident frequently signed off with the now-familiar phrase: #FreePalestine. Source: http://www.ibtimes.co.uk/anonymous-hackers-plan-ddos-campaign-against-israeli-military-protest-mohammed-al-qeeq-detention-1544723
Follow this link:
Anonymous: Hackers plan DDoS campaign against Israeli military to protest Mohammed Al-Qeeq detention
Many WordPress websites are still being misused to perform layer 7 DDoS attacks against target servers, even though preventing them from participating in these attacks is as simple as disabling the pingback feature. “If you are not familiar with the terminology, Layer 7 attacks (also known as http flood attacks) are a type DDoS attack that disrupts your server by exhausting its resources at the application layer, instead of the network layer,” Sucuri Security CTO … More ?
See the original article here:
Is your WordPress site being misused for DDoS attacks?
Multiple vulnerabilities that could enable a remote attacker to launch a denial-of-service attack have been detected in the IBM Runtime Environment Java Technology Edition v6, according to an IBM Security Bulletin posted on Tuesday. The integrated software is used by Tivoli Composite Application Manager for SOA, a platform which provides management for services, applications and middleware. These bugs, which include the vulnerability popularly known as “SLOTH,” were reported by IBM when it updated Java SDK in January 2016. “The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake,” the bulletin stated. Employing man-in-the-middle techniques, a saboteur could exploit this flaw to mimic a TLS server and glean credentials, IBM wrote. No workarounds or mitigations have yet been provided. Source: http://www.scmagazine.com/several-bugs-detected-in-ibm-java-runtime/article/475405/
Follow this link:
Several bugs detected in IBM Java Runtime could lead to DDoS attacks
Last October’s disruption of the Dridex botnet by UK and US law enforcement agencies and the arrest of a Moldovan bot master have not lead to the death of the botnet. That’s because the botnet is segregated into a number of subnets, each likely operated by a different team of attackers, and they continue to mount campaigns that will swell the number of infected machines and to exploit the stolen banking information. “Dridex’s operators are … More ?
Read this article:
Dridex botnet alive and well, now also spreading ransomware