Dutch suspect snatched in Spain The Dutch police have confirmed the arrest of man suspected of taking part in a massive DDoS attack against the anti-spam group Spamhaus back in March.…
See the article here:
Police arrest suspect in BIGGEST DDoS ATTACK IN HISTORY
Charles Schwab Corp said it was the target of a cyber attack that prevented access to its website intermittently for about an hour on Wednesday, the second such attack in as many days, but that the problem had been resolved. Schwab, one of the largest U.S. brokerages, said on Tuesday afternoon it was that target of a distributed denial of service attack – an attack that floods websites with traffic in order to block access – that left clients unable to trade through the site for two hours. Phone service was available during both attacks, although responses were slower than usual due to the large number of people calling in, said Schwab spokesman Greg Gable. He said clients who believe they were affected by the outage can call 1-800-435-4000 to talk with a Schwab representative. The attacks did not impact client data or accounts, Gable added. Schwab said it is actively investigating the attacks but could not provide further information. The San Francisco-based company had 8.9 million active brokerage accounts and $2.1 trillion in total client assets at the end of the last quarter. For protection against your eCommerce site click here . Source: http://www.csmonitor.com/Business/Latest-News-Wires/2013/0424/Schwab-website-recovers-after-second-day-of-cyber-attacks
Original post:
Charles Schwab website recovers after second day of cyber attacks
DigiD, the identity management platform that allows Dutch citizens to digitally sign bills, pay taxes, and more, has been unavailable since Tuesday evening due to a DDoS attack, Biz Community reports.
See the article here:
Dutch DigiD e-signature system under DDoS attack
In order to relieve the curiosity of the huge Reddit community, systems administrator Jason Harvey has shared some details about the DDoS attack that recently hit the popular social news site and cau…
More:
Reddit was downed by record DDoS attack, motive is unknown
Distributed-denial-of-service attacks against banking institutions are becoming a global concern, and experts say many organizations outside the U.S. financial-services sector are ill-equipped to defend themselves. DDoS strikes have taken down online-banking sites in Northern Europe in recent days and weeks, several security experts say. Scott Hammack , CEO of DDoS-mitigation provider Prolexic, says institutions in the Netherlands appear to be among the most recently targeted, but banking institutions throughout Europe have been hit within the last several months. Energy companies also have fallen victim, he says. But experts say the attacks being waged against European banks are not linked to Izz ad-Din al-Qassam Cyber Fighters , the hacktivist group that since September has been striking leading U.S. banks. And some experts believe fraud is the motive behind the attacks waged in Europe. Northern European Targets Hammack would not name which European organizations had been targeted. Carl Herberger of online-security firm Radware, which specializes in DDoS mitigation, says six Northern European banking institutions have been targeted in the last two to three weeks, and attacks continue. “From our perspective, based on the traffic we see, it’s only been about a half-dozen hit, and it’s been mostly banks and e-commerce sites,” he says. “They’re all located in continental Northern Europe – the EU epicenter or power areas in the EU.” Herberger also would not provide names of the targeted banks. But ING confirms in a statement that was available on its website April 19 that its online- and mobile-banking platforms had earlier been inaccessible because of a DDoS attack. In a separate statement issued April 5 by the Dutch Banking Association , ING’s outages also were mentioned. “All this was the result of a very wide range of Internet traffic on the websites of banks, called a DDoS attack, where both Dutch and foreign banks [were] affected by the encounter,” the banking association states. ENISA , the European Network and Information Security Agency, on March 13 issued a warning to European business about the increasing risk of cyber-attacks, but spokesman Ulf Bergstrom says few banks and Internet service providers have adequately heeded the warning. ENISA has longstanding standards that address DDoS risks, Bergstrom notes. But most organizations have failed to make online protections a priority, he contends. “The ISPs are either unaware of these standards that have existed for 13 years, or they do not deem they can muster the costs to apply them,” he says. “Banks also do not always go for the best solutions, but cheaper security solutions. It depends if it’s easier to pay off one person who is hit by cyberfraud.” A Different Kind of Attack Herberger and others say the attacks in Europe are different than the DDoS campaigns waged against U.S. banks. “The attacks are not of the same signatures as Operation Ababil,” he notes, referring to the campaigns being waged by Izz ad-Din al-Qassam Cyber Fighters against U.S. banking institutions. “The attacks don’t match the current attack profiles we see from Operation Ababil,” he adds. “They are less sophisticated, less pervasive and less aggressive. Nevertheless, for institutions that have endured attacks of this nature, they have been trying.” Other experts also say the botnet used by Izz ad-Din al-Qassam Cyber Fighters has not been linked to attacks in Europe. And the motives for the attacks in Europe could be more about fraud than hacktivism, they add. John Walker , chairman of ISACA’s Security Advisory Group in London who in September said European banks were not prepared to defend themselves against DDoS, says the attacks being waged now likely have a monetary motivation. “I know in two cases extortion was involved,” he says. Herberger says the attack patterns in Europe are still being analyzed at Radware, but that it does seem the attacks in Europe are being waged for more than annoyance. “The attacks seem to be directed against integrity-based interests,” he says. “There’s no evidence yet that there has been a data loss; but once you violate integrity systems, you can get anything you want.” But the greater worry, Herberger says, is the apathy among European banks when it comes to addressing DDoS risks. “Around the world, everyone has viewed this as an ‘Ugly American’ problem,” he says. “But these attacks are hitting more than banks, and it’s been more than one country.” For protection against your eCommerce site click here . Source: http://www.bankinfosecurity.com/ddos-strikes-take-eu-banks-offline-a-5701/p-2
Read the original:
DDoS Attack Strikes Take EU Banks Offline
Virtual currency in real trouble Bitcoin exchange Mt.Gox has been attacked and its servers briefly taken offline.…
See more here:
DDOS strikes BitCoin exchange Mt.Gox
The challenge with DDoS attacks like the one that hit Reddit is separating malicious traffic from legitimate, said security analyst Alex Horan. “If you wait until the traffic hits your site to make that distinction, it is too late. You are wasting processing time and bandwidth making that determination,” he said. Reddit got a black eye this week after being hit with a distributed denial of service (DDoS) attack Friday morning. The attacks left the site dark for a while and with spotty service well into the afternoon. “Having some technical difficulties right now. We’ll be back ASAP,” the @redditstatus Twitter feed reported before sunrise on the East Coast Friday morning. About 6:30 a.m., the site noted it was “working on mitigating a malicious DDoS attack.” Within 30 minutes, the site seemed to be up and running again but some of the functions were still hurting from the fallout. The Whys and Hows Alex Horan, senior product manager at Core Security, said the important point about DDoS is the initial ‘D’ for Distributed. In other words, Reddit could not easily distinguish between legitimate traffic and attack traffic. “If you wait until the traffic hits your site to make that distinction, it is too late. You are wasting processing time and bandwidth making that determination,” he said. “You need to work with the downstream Internet providers to make that distinction as close to the source of each of the nodes participating in the attack and drop the traffic there. This, in theory, could make the whole Internet faster, as less of this malicious traffic would make it to the shared information superhighway.” Horan said understanding the motive of the attackers is useful for the general community. Of course, he added, consumers shouldn’t necessarily change our behavior because of the threat of a DDoS. “It is important to learn the whys and the hows of these attacks and attackers so we can better anticipate what actions might provoke them,” he said, “so we can be forewarned — and technically what actions they will take so we can apply the right defenses — be forearmed.” Sending a Message? Richard Westmoreland, lead security analyst for the Security Operations Group at SilverSky, said DDoS attacks are normally launched to send some form of a message and can vary greatly in terms of their sophistication. “It has been widely speculated in federal circles that due to the sheer mass and complexity of these recent attacks that they are the result of an escalating cyber war with Iran. DDoS attacks have become the preferred and paid weapon for many politically motivated groups,” Westmoreland said. “This is both a scary and positive aspect to these types of attacks. The negatives are that they are perpetrated by professionals who have the skills and resources to effectively launch these attacks, and there is little that can be done to stop them. The consolation is that these attacks are generally shorter in duration before moving on to other targets.” For protection against your eCommerce site click here . Source: http://www.sci-tech-today.com/news/Reddit-Is-Targeted-with-a-DDoS-Attack/story.xhtml?story_id=10300BI2ZXIA&full_skip=1
View original post here:
Reddit Is Targeted with a DDoS Attack
Distributed denial-of-service study finds increase in attack quantity and severity, while most attacks continue to originate from China. The average bandwidth seen in distributed denial-of-service (DDoS) attacks has recently increased by a factor of seven, jumping from 6 Gbps to 48 Gbps. Furthermore, 10% of DDoS attacks now exceed 60 Gbps. Those findings come from a new report released Wednesday by DDoS mitigation service provider Prolexic Technologies, which saw across-the-board increases in DDoS attack metrics involving the company’s customers. “Average packet-per-second rate and average bit rate spiked in the first quarter and both are growing at a fast clip,” said Prolexic president Stuart Scholly in a statement. “When you have average — not peak — rates in excess of 45 Gbps and 30 million packets per second, even the largest enterprises, carriers and, quite frankly, most mitigation providers, are going to face significant challenges.” In the first three months of 2013, 77% of DDoS attacks targeted bandwidth capacity and routing infrastructure, while 23% were application-level attacks that didn’t overwhelm targeted networks through packet quantity, but rather by disrupting critical applications or processes running on a server. The report also found that between the fourth quarter of 2012 and the first quarter of 2013, the total number of attacks increased marginally — by only 2% — while attack duration increased by 7%, from 32.2 hours to 34.5 hours. But the greatest number of DDoS attacks continue to be launched from China, although the volume of such attacks has recently declined. While 55% of all attacks came from China at the end of last year, by March 2013 that had dropped to 41%, followed by the United States (22%), Germany (11%), Iran (6%) and India (5%). The source of attacks doesn’t mean that a country’s government or even criminal gangs are directly responsible for launching DDoS campaigns. For example, the Operation Ababil bank disruption campaign being run by al-Qassam Cyber Fighters relies in part on hacking into vulnerable WordPress servers and installing such DDoS toolkits as “itsoknoproblembro” — aka Brobot. Attackers then use command-and-control servers to issue attack instructions to the toolkits, thus transforming legitimate websites into DDoS launch platforms. Given that situation, it’s no surprise that China, the United States and Germany — which all sport a relatively large Internet infrastructure — are also tops for DDoS attack origin. But Prolexic’s report said it’s odd that Iran, which has a very small Internet architecture by comparison, should be the source of so many attacks. “This is very interesting because Iran enforces strict browsing policies similar to Cuba and North Korea,” according to Prolexic’s report. As DDoS attack sizes increase, so do fears of an Armageddon scenario, in which the attack not only disrupts a targeted site, but every site or service provider in between. According to Prolexic’s report, the largest single attack it’s mitigated to date occurred in March, when an “enterprise customer” was hit with an attack that peaked at 130 Gbps. While that wasn’t equal to the 300 Gbps attack experienced by Spamhaus, it still represents well more than most businesses can handle, unless they work with their service provider or third parties to build a better DDoS mitigation defense. On that front, some businesses tap dedicated DDoS mitigation services from the likes of Arbor Networks, CloudFlare, Prolexic and Verisign. “There are a number of DDoS mitigation technologies out there, and we see organizations that are deploying the technologies in their own infrastructure and in their own environments,” as well as working with service providers, said Chris Novak, managing principal of the RISK Team at Verizon Enterprise Solutions, speaking recently by phone. “Like so many things in the security space, the layered approach is the most effective for most organizations,” he said. For protection against your eCommerce site click here . Source: http://www.informationweek.com/security/attacks/ddos-attack-bandwidth-jumps-718/240153084
Follow this link:
DDoS Attack Bandwidth Jumps 718%
The average DDoS attack bandwidth in Q1 2013 totaled 48.25 Gbps, which is a 718 percent increase over last quarter, and the average packet-per-second rate reached 32.4 million, says Prolexic. Ea…
Follow this link:
Average DDoS attack bandwidth up 718 percent
Many websites built on the blogging and content management system WordPress are currently under attack by a group of hackers attempting to gain access to the sites to use them in Distributed Denial of Service (DDOS) attacks. The infected machines are then, in turn, attempting to gain access to other WordPress installations, to quickly grow the size of the botnet. Security experts say this is one of the most robust WordPress attacks to date, and the hackers have succeeded in building a very strong botnet of infected systems. There are currently nearly 100,000 IP addresses in use by the infected systems, and this could grow as the hackers turn additional WordPress installations into subservient systems. Two popular managed hosting services, HostGator and Resellers Panel are undergoing a very heavy attack by the botnet right now – both services specialize in WordPress hosting packages. Hackers are bute-force punching their way into the WordPress backend by trying 1,000 – 2,000 password combinations against the “admin” username on WordPress systems. WordPress users with easy-to-guess passwords are at the most risk for having their systems compromised. To avoid having your WordPress instances violated, John Dolan, a freelance security expert, suggests that users go into their WordPress settings “right now, as soon as possible, and update their passwords,” he said. “It should be changed to a complex password, not a dictionary word, and it should use a mixture of capital and lowercase letters, as well as numbers and another character, like a question mark, for example.” In addition to making sure your password is secure, Dolan also recommends that WordPress users look into a service like CloudFlare, an online security vendor that monitors your website’s incoming traffic and deflects attacks from known bots and spammers. What to do if your WordPress instance has been hijacked? “Talk to your hosting provider,” says Dolan. “They most likely have experience with this, and can help you wipe your WordPress install and restore your latest backup.” Source: http://www.szsu.com/2013/04/13/wordpress-websites-target-of-hacker-attack/
View article:
WordPress Websites Target of Hacker Attack