Attack KO’d the website and ticket machines A DDoS attack disrupted the Irish National Lottery’s website and ticket machines on Wednesday (January 20).…
Read the article:
Bad luck, Ireland: DDoS attack disrupts isle’s National Lottery
Author Archives: Enurrendy
Data center outages increasingly caused by DDoS
While overall unplanned data center outages have decreased, those that were the result of targeted DDoS attacks have skyrocketed. Think housing your servers in a data center rather than squeezing them under your desk is a bulletproof solution? Well, they might be safer in a data center, but believe it or not, some of the same pitfalls that can create trouble in the office can affect those secure data centers too. Namely UPS failure, human error, and cybercrime. ‘Unplanned’ UPS system failure is still the principal cause of “unplanned data center outages,” according to a new report. A quarter of all such events were related to UPS systems and batteries, according to Emerson Network Power in association with Ponemon Institute. The two organizations have been studying the cost of unplanned data center outages. Cybercrime But cybercrime-caused outages, specifically Distributed Denial of Service (DDoS) attacks, constituted a whopping 22% of the unplanned disruptions last year. That’s up from just 2% in 2010 and 18% in 2013, the last times the two organizations performed the survey. The survey collected responses from 63 data center operations who had observed an outage in the prior about year about what exactly happened. The report was published this month. Root causes Accidental causes or human error were the third biggest cause of unplanned outages, according to the report. Those mishaps caused 22% of the failures. That’s the same percentage as in 2013, but lower than in 2010, when 24% of outages were accidental or human-caused. Interestingly, many other causes of outages are lower now than they were in 2010 and 2013. They’ve been usurped by cybercrime’s huge gain. UPS failure is down slightly on 2010, when it accounted for 29% of the outages. And the aforementioned human error is down a bit. And utility failure, such as water, heat, and Computer Room Air Conditioning, which today makes up just 11% of the outages, was at 15% in 2010. Generators Likewise, generators appear to have become more reliable. Those systems contributed to 10% of the failures in 2010, whereas today they only make up 6%. The researchers don’t provide numbers relating to changing data center design over the period. Fewer generators in use—replaced by solar and alternative energy—could conceivably have caused that statistical decline. The report doesn’t specify. Weather Overall, most unplanned outage causes—including those caused by weather, which accounted for 10% of outages this year, compared to 12% in 2010 and 2013—have declined in favor of cybercrime. Even IT failure, a measly 4% of failures today, dropped from 5% in 2010. About $9K per minute And the cost? The report was released to expound on the cost of the outages, rather than to apportion blame. Well, the “average total cost per minute of an unplanned outage increased from $5,617 in 2010 to $7,908 in 2013 to $8,851 now,” according to the report. Downtime at data centers now costs an average of $740,357. That’s a 38% increase on 2010, the study calculates. And maximum costs are even higher. “Maximum downtime costs are rising faster than average, increasing 81% since 2010 to a current high of $2,409,991,” the report says. Source: http://www.networkworld.com/article/3024773/data-center/data-center-outages-increasingly-caused-by-ddos.html
Lotto ticket machines, website working after DDoS attack
The National Lottery website and ticket machines were targeted by a cyber-attack to disrupt its operations. A DDoS (Distributed Denial of Service) attack floods the communications system with traffic affecting all communications connectivity. “Indications are that this morning’s technical issues were as a result of a DDoS attack affecting our communications networks,” a statement from the Lottery said. “The issues were resolved by the National Lottery’s DDoS protection systems, limiting disruption and restoring all operations within two hours. “This incident is still under investigation. However, we can confirm that at no point was the National Lottery gaming system or player data affected,” the statement added. Tonight’s jackpot is heading for €12 million. RGDATA, the representative association for the independent retail grocery sector, said the National Lottery made it aware of the problem this morning. Last February, the National Lottery was forced to postpone its draw for 24 hours after a technical problem stopped ticket machines working. Source: http://www.rte.ie/news/2016/0120/761563-national-lottery/
Read More:
Lotto ticket machines, website working after DDoS attack
Ad-clicking bots predicted to rip US$7.2 billion from Mad Men
Could it be bots that fall for for those ‘One Weird Trick’ ads? Here’s hoping! Botnets will inflict a massive US$7.2 billion in damages against online advertisers this year according to research by ad security company White Ops.…
Read More:
Ad-clicking bots predicted to rip US$7.2 billion from Mad Men
Boards.ie floored by DDoS assault
Irish forum goes away with the fairies for a while Productivity in the Emerald Isle may have peaked on Tuesday with an outage of popular forum boards.ie coming on top of Twitter’s TITSUP moment.…
Continue reading here:
Boards.ie floored by DDoS assault
Microsoft asks: We’ve taken down botnets for you. How about a kill switch?
It’s like pulling a smoking car off the road… Oh, hang on Last December, Microsoft intercepted traffic on users’ PCs and helped break up a botnet. And nobody complained. So the company very tentatively asked at a session on ethics and policy in Brussels this week whether it should do more.…
View post:
Microsoft asks: We’ve taken down botnets for you. How about a kill switch?
Microsoft: We’ve taken down the botnets. Europol: Would Sir like a kill switch, too?
It’s like pulling a smoking car off the road … hang on Last December, Microsoft intercepted traffic on users’ PCs and helped break up a botnet. And nobody complained. So the company very tentatively asked at a session on ethics and policy in Brussels this week whether it should do more.…
Link:
Microsoft: We’ve taken down the botnets. Europol: Would Sir like a kill switch, too?
DDoS Attack Hits Kickass Torrents, DNS Servers Crippled
Site goes down for most of the day on January 16 Kickass Torrents, the Internet’s biggest torrent portal has suffered downtime yesterday after an unknown attacker has pummeled the site with a DDoS attack. According to a statement given by the site’s administrators to TorrentFreak, a blog dedicated to piracy news, the attack was aimed at the website’s DNS servers. Because of this, both the main domain and the plethora of official site proxies were down as well. The brunt of the attack was registered yesterday, January 16, and had the site taken offline for almost all day. Previously, during the week, the site was also hit by smaller DDoS attacks. Everything seems to be up and running now, but expect future attacks as well. The attack fits the pattern of a DDoS extortion campaign, when small attacks are launched at first, and then a bigger one to force victims into paying the DDoS ransom. Earlier this week, Europol announced the capture of the famed DD4BC DDoS extortion group in Bosnia and Herzegovina. DD4BC is the first group known to launch DDoS attacks and then ask for payments in Bitcoin. The group’s actions have been copied by many other DDoSing outfits, and most DDoS attacks nowadays are launched for this reason. Kickass Torrents is one of Alexa’s top 100 sites on the Internet, meaning it’s an attractive target for DDoSing groups, thanks to its huge advertising revenue. Source: http://news.softpedia.com/news/ddos-attack-hits-kickass-torrents-dns-servers-crippled-499019.shtml
Read More:
DDoS Attack Hits Kickass Torrents, DNS Servers Crippled
Author of MegalodonHTTP DDoS Malware Arrested in Norway
Hacker was arrested one month ago in Europol operation Norway’s law enforcement authorities have identified a previously arrested suspect as the author of the MegalodonHTTP malware, used for infecting computers and adding them to a botnet used for DDoS attacks. The yet unnamed suspect, known only by his online moniker of Bin4ry, was arrested in December 2015 , during the second stage of Operation Falling sTAR, launched in October 2015 against users of RATs (Remote Access Trojans). During this second phase of the operation, Europol authorities coordinated the arrests of 12 individuals in France, Norway and Romania. Five of the suspects were arrested in Norway. Damballa helped authorities track down MegalodonHTTP’s author A big part in arrest played US cyber-security vendor Damballa, who helped Europol break down the botnet’s activities, and then worked with Norwegian authorities to track down the malware’s author. “We are not at liberty to divulge the MegalodonHTTP author’s real identity, but we can confirm that the person behind the handle Bin4ry is no longer active or doing business,” said Loucif Kharouni, Senior Threat Researcher for Damaballa. Damballa’s team analyzed the MegalodonHTTP malware in late November 2015, as the malware was starting to become more prevalent on the Dark Web, being sold in two separate packages, one that cost $35, and the second that cost $100. Damballa: MegalodonHTTP is not an advanced malware The malware was sold both from Dark Web hacking forums, but also from the now defunct bina4ry.com domain, and came equipped with an automated installer and administration panel, so even skids (script kiddies) could use it, without possessing advanced technical in advance. According to Bin4ry’s description of MegalodonHTTP, the malware was capable of launching seven types of DDoS attacks, remote shells on infected machines, included Bitcoin mining features, but also had the option to kill antivirus processes. At the time of their analysis, Damaballa researchers said that despite being quite potent in terms of features, the malware was not the work of a skilled coder, worked only on Windows machines, and needed the .NET Framework installed, which narrowed the number of machines it could work from. MegalodonHTTP DDoS botnet administration panel Source: http://news.softpedia.com/news/author-of-megalodonhttp-ddos-malware-arrested-in-norway-498981.shtml
Link:
Author of MegalodonHTTP DDoS Malware Arrested in Norway
DDoS Defense: Better Traction in Tandem?
DDoS attacks are nothing new, but they remain the nemesis of many IT departments in organizations big and small. Why? Because attacks can come from any source, use multiple protocols, leverage massive botnets and often aren’t detected until it’s too late. According to SecurityWeek, the U.S. Department of Homeland Security (DHS) is now developing a new kind of DDoS defense, one based on collaboration rather than isolation. But can companies really get better security traction in tandem rather than acting alone? Big Numbers, Big Problems As noted by Dark Reading, DDoS attacks “are growing in frequency, size, severity, sophistication and even persistence each year.” Since there’s no single vector for these attacks — coupled with the fact that many look like server or network failures at first glance — it’s no wonder both small companies and large enterprises are getting hit, and hit often. Consider Rutgers University: In 2015, the institution faced six separate DDoS events. Financial institutions and government organizations faced many more, both attempted and successful, because the mechanism for attacks remains simple: Malicious actors need only reliable botnets and solid connections to launch a full-scale effort. The speed and simplicity of DDoS attacks is also encouraging malicious actors to ramp up their efforts. According to BetaNews, for example, the BBC was hit with a massive attack on New Year’s Eve that — if the attackers themselves are telling the truth — reached a maximum of 602 Gbps. That’s almost double the size of the current DDoS record holder at 334 Gbps. The group responsible, called New World Hacking, also targeted Donald Trump’s website and said it had plans to go after ISIS-related sites, although it claimed the BBC attack was merely a test and not intended to bring the site down for hours. Some security pros said the group may be targeting high-profile sites in an effort to promote its in-house DDoS tool, BangStresser. Stopping Traffic With DDoS Defense With DDoS tools and hacking-as-a-service now available for purchase at virtually any Dark Web marketplace and effectively being advertised through public attacks, companies are understandably concerned. Even when caught midstream, it’s difficult to respond before servers start failing and other, more sophisticated attacks take aim at critical corporate data. As a result, dealing with DDoS has become a top priority for organizations like the DHS, which just awarded a $1.7 million contract to tech company Galois in hopes of strengthening DDoS defense. The biggest news from the announcement is the development of a new project called DDoS Defense for a Community of Peers (3DCoP), which uses a peer-to-peer mechanism that allows organizations to work together and collectively defeat DDoS attacks. The thinking here is that since many companies and institutions are often targeted by similar attacks, a coordinated response increases the chance of early detection and swift response, in turn lowering overall damage. Historically, businesses have been reluctant to share attack data or collaborate on defense for fear of giving away trade security secrets or seeming weak in comparison to other companies. The high-volume, high-impact nature of DDoS attacks, however, make this an untenable position; users don’t care about protecting company pride if the result is reduced compute performance or total server failure. If the DHS effort works as intended, however, organizations should be able to collectively tap the power of the combined whole and get better traction on DDoS defense. In other words, a steady security climb instead of spinning wheels. Source: https://securityintelligence.com/news/ddos-defense-better-traction-in-tandem/
Original post:
DDoS Defense: Better Traction in Tandem?