Popular web-based Git repository hosting service GitHub has been battling a massive DDoS attack – the biggest they have ever experienced – for the last four days. “The attack began around 2AM UTC o…
Visit link:
Massive DDoS against GitHub continues
Category Archives: DDoS Criminals
GitHub recovering from massive DDoS attacks
The attacks were aimed at two GitHub-hosted projects fighting Chinese censorship Software development platform GitHub said Sunday it was still experiencing intermittent outages from the largest cyberattack in its history but had halted most of the attack traffic. Starting on Thursday, GitHub was hit by distributed denial-of-service (DDoS) attacks that sent large volumes of Web traffic to the site, particularly toward two Chinese anti-censorship projects hosted there. Over the next few days, the attackers changed their DDoS tactics as GitHub defended the site, but as of Sunday, it appears the site was mostly working. A GitHub service called Gists, which lets people post bits of code, was still affected, it said. On Twitter, GitHub said it continued to adapt its defenses. The attacks appeared to focus specifically on two projects hosted on GitHub, according to a blogger who goes by the nickname of Anthr@X on a Chinese- and English-language computer security forum. One project mirrors the content of The New York Times for Chinese users, and the other is run by Greatfire.org, a group that monitors websites censored by the Chinese government and develops ways for Chinese users to access banned services. China exerts strict control over Internet access through its “Great Firewall,” a sophisticated ring of networking equipment and filtering software. The country blocks thousands of websites, including ones such as Facebook and Twitter and media outlets such as The Wall Street Journal, The New York Times and Bloomberg. Anthr@X wrote that it appeared advertising and tracking code used by many Chinese websites appeared to have been modified in order to attack the GitHub pages of the two software projects. The tracking code was written by Baidu, but it did not appear the search engine — the largest in China — had anything to do with it. Instead, Anthr@X wrote that some device on the border of China’s inner network was hijacking HTTP connections to websites within the country. The Baidu tracking code had been replaced with malicious JavaScript that would load the two GitHub pages every two seconds. In essence, it means the attackers had roped in regular Internet users into their attacks without them knowing. “In other words, even people outside China are being weaponized to target things the Chinese government does not like, for example, freedom of speech,” Anthr@X wrote. GitHub has not laid blame for the attacks, writing on Saturday that “based on reports we’ve received, we believe the intent of this attack is to convince us to remove a specific class of content.” The attackers used a wide variety of methods and tactics, including new techniques “that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic,” GitHub said. In late December, China cut off all access to Google’s Gmail service, after blocking Facebook’s Instagram app, and the phone messaging app Line. A month prior, it appeared many non-political sites supported by the U.S. content delivery network EdgeCast Network were blocked. EdgeCast may have been a casualty because its cloud services are often used to host mirror sites for ones that have been banned. Source: http://www.computerworld.com/article/2903318/github-recovering-from-massive-ddos-attacks.html
Originally posted here:
GitHub recovering from massive DDoS attacks
Indiana’s website taken out by DDoS in response to ‘religious freedom’ law
The state’s website was up and down for most of the early afternoon on Friday The state of Indiana is having a bad week. First, Governor Mike Pence signed a controversial “religious freedom” bill into law; earning the state a black eye for taking step backwards on civil rights. Now, twenty-four hours later, the state’s website was knocked offline by a group taking up another person’s protest against Religious Freedom Restoration Act. The group responsible for taking IN.gov offline has targeted 34 other state, local, tribal, and territorial government websites this month. Going by the name @YourVikingdom on Twitter, the group targeted Indiana’s website after another user suggested that a campaign against the state be mounted in response to recently enacted discriminatory law. Senate Bill 101, also known as the Religious Freedom Restoration Act, was surrounded by controversy in the days leading up to its signing. Businesses and organizations on both sides of the debate, including religious groups such as The Christian Church (Disciples of Christ) urged Gov. Pence to veto the bill. The problem most people have with the new law is that it opens the door for business owners to deny services to the LGBT community for religious reasons. The law, said to be nothing short of legalized discrimination, has caused business leaders to react, including Salesforce CEO Marc Benioff, who stated that employees and customers would no longer be sent to Indiana. Salesforce bought ExactTarget, an Indiana-based marketing software company, for $2.5B in 2013. “Today we are canceling all programs that require our customers/employees to travel to Indiana to face discrimination,” Benioff said via Twitter. There’s no way to prove it, but the DDoS attack against Indiana’s primary website might have been avoided. The group responsible has no real purpose. Despite their outlandish claims, the reality is they attack vulnerable infrastructures – or low-hanging fruit as it were – for fun. There is no cause for them to support, just their own amusement. All of their victims, especially the government websites, have little to no anti-DDoS protection. Indiana is no different. Yet, because of the backlash against Indiana over the ‘religious freedom’ law, @YourVikingdom took notice and flooded the website with traffic to the point that it collapsed. The site was able to recover, but the damage had already been done. Then again, the ‘religious freedom’ law might have been nothing more than an excuse. As low-hanging fruit, Indiana’s servers were always a possible target, especially given the established pattern set by @YourVikingdom. Indiana’s website was offline at 2:00p.m. EST, and recovered 45 minutes later, but remained sluggish for another half-hour while the Indiana Office of Technology worked to resolve the issue. Source: http://www.csoonline.com/article/2903314/business-continuity/indianas-website-taken-out-by-ddos-in-response-to-religious-freedom-law.html
Continue reading here:
Indiana’s website taken out by DDoS in response to ‘religious freedom’ law
The injected JavaScript used to smash anti-Great Firewall of China GitHub projects offline
Servers up and down during 24-hour-long DDoS GitHub’s servers are being hammered by web traffic from an army of unwitting cyber-foot-soldiers.…
Continue reading here:
The injected JavaScript used to smash anti-Great Firewall of China GitHub projects offline
Police website target of repeated DDoS attacks
A denial of service attack on Thursday morning to the Finnish Police website was the third attack of its kind this week. The website of the Finnish Police has been the target of repeated denial of service attacks this week, with the latest service disruption on Thursday downing the website for several hours. It marked the third such attack to the poliisi.fi webpage in the last few days. The first attack took place on Tuesday, and downed the website from late morning to 7 pm. Wednesday marked a smaller attack of the same nature. Tomi Moilanen, Chief Information Security Officer with the National Police Board, says the attacks have not led the police to implement any extraordinary measures quite yet. The attacks have also not detrimentally affected the various online services available on the site. The police have filed an investigation request with the National Bureau of Investigation in order to get to the bottom of the cyber attacks. Source: http://yle.fi/uutiset/police_website_target_of_repeated_denial_of_service_attacks/7891226
Read the article:
Police website target of repeated DDoS attacks
Companies under DDoS Attack Fear Losing Business Opportunities the Most
DDoS attacks are now one of the most common and affordable cyberweapons. They are used by unscrupulous competitors, sinister extortionists or just everyday cyber-vandals. More and more companies, regardless of their size or business, are encountering this threat. And, according to the results of a survey conducted by Kaspersky Lab and B2B International, the majority of companies believe that revenue and reputation losses are the most damaging consequences of a DDoS attack. According to the figures, companies regard lost business opportunities – the loss of contracts or on-going operations that generate guaranteed income – as the most frightening consequence of a DDoS attack. 26 per cent of companies that encountered DDoS attacks regarded this as the biggest risk. Reputational risks (23 per cent) were viewed as the next most frightening consequence, likely to be since a negative customer or partner experience can drive away future contracts or sales. Losing current customers who could not access the anticipated service due to a DDoS attack was in third place: named by 19 per cent of respondents. Technical issues were at the bottom of the pile: 17 per cent of respondents identified a need to deploy back-up systems that would keep operations online as the most undesirable consequence, followed by the costs of fighting the attack and restoring services. The research also revealed that respondents from companies in different fields take different views of the consequences of DDoS attacks. For example, industrial and telecoms companies, as well as e-commerce and utilities and energy organisations, tend to rate reputational risks ahead of lost business opportunities. In the construction and engineering sector there is more concern about the cost of setting up back-up systems, perhaps because larger companies face higher expenditure on this kind of system. “ People who have not yet faced a particular threat often tend to underestimate it while those who have already experienced it understand which consequences might be the most damaging for them. However, it makes little sense to wait until the worst happens before acting – this can cost companies a lot, and not only in financial terms. That is why it is important to evaluate all possible risks in advance and take appropriate measures to protect against DDoS attacks ”, said Evgeny Vigovsky , Head of Kaspersky DDoS Protection, Kaspersky Lab. DDoS attacks on company resources are becoming a costly problem but only 37 per cent of the organisations surveyed said they currently have measures in place to protect against them. This is an unnecessary oversight at a time when the IT security market can offer reliable and easy-to-deploy security solutions that are able to prevent loss of access to online services caused by a DDoS attack. For example : Kaspersky DDoS Protection does not require the installation of heavy server solutions on the customer’s infrastructure. Traffic filtration during an attack is handled in special cleaning centers according to the tailor-made rules defined for each customer and each attack. The solution is backed up by Kaspersky Lab experts, whose many years’ experience of protecting against online threats allows them to detect attacks fast and block them, regardless of the intensity and complexity of the assault. Source: http://www.informationsecuritybuzz.com/companies-under-ddos-attack-fear-losing-business-opportunities-the-most/
See the original post:
Companies under DDoS Attack Fear Losing Business Opportunities the Most
The average DDoS attack tripled in volume
The average packet volume for DDoS attacks increased 340 percent to 4.36 million packets per second (Mpps), and the average bit volume swelled 245 percent to 12.1 Gbps in the final quarter of 2014, ac…
Read the original post:
The average DDoS attack tripled in volume
Maine, NH Websites Taken Down by Spam DDoS Attack
A spam attack temporarily took down websites for the states of Maine and New Hampshire on Monday. A hacker group claimed responsibility on Twitter for taking down maine.gov and visitnh.gov. Both sites were back up and running within about an hour. Maine Secretary of State Matt Dunlap said maine.gov was shut down by a spam attack, but it was not hacked. He said there was no info breach. The Secretary of State’s Office posted a message to its Facebook page saying that maine.gov was experiencing a “denial of service” event, and that the IP addresses that were overwhelming the website with requests were being blocked. “We’re on it,” said Adrienne Bennett, Maine Gov. Paul LePage’s press secretary. “We understand the details of it.” William Hinkle, New Hampshire Gov. Maggie Hassan’s communications director, said the third party that hosts visitnh.gov experienced a “distributed denial of service” attack against its servers at one of its datacenters around 8:57 a.m. Monday. That site and several others hosted by that datacenter were inaccessible until about 9:41 a.m. “The Division of Travel and Tourism, the Department of Information and Technology and its service providers are working together to determine more details about the root cause of the issue,” he said. “At this time, our service provider reports that they have no evidence suggesting that visitnh.gov was the specific target.” Source: http://www.necn.com/news/new-england/Maine-NH-Websites-Taken-Down-by-Spam-Attack-297255971.html
Continue Reading:
Maine, NH Websites Taken Down by Spam DDoS Attack
Massive DDoS racks up $30,000-a-day Amazon bill for China activists
Site flooded with 2.6 billion requests an hour Chinese activist site Greatfire.org which masks censored traffic into the country is under a sustained distributed denial of service (DDoS) attack that is racking up $30,000 a day in server costs.…
See the original post:
Massive DDoS racks up $30,000-a-day Amazon bill for China activists
DDoS attacks losing companies business opportunities
Research said organisations fear losing contracts and ongoing business as a consequence Research by Kaspersky has revealed businesses fear losing clients as a result of DDoS attacks, although the construction industry is more concerned about the cost of eradicating threats. A survey conducted by the security firm in partnership with B2B International revealed 26 per cent of companies thought the problems caused by such attacks were long-term, meaning they could lose current or prospective clients as a result. 23 per cent said they were concerned a DDoS attack would cause reputational issues, while 19 per cent thought the risk of losing current customers who were not able to access services as a result of an outage was the biggest threat to business . The research revealed that only 37 per cent of the companies surveyed had measures already in place to protect against DDoS attacks. Evgeny Vigovsky, head of Kaspersky DDoS Protection at Kaspersky said: “ People who have not yet faced a particular threat often tend to underestimate it while those who have already experienced it understand which consequences might be the most damaging for them. “However, it makes little sense to wait until the worst happens before acting – this can cost companies a lot, and not only in financial terms. That is why it is important to evaluate all possible risks in advance and take appropriate measures to protect against DDoS attacks.” Of those surveyed, the majority of telecoms, e-commerce, utilities, utilities and industrial companies viewed the loss of business as the main DDoS risk, while construction and engineering verticals explained they were concerned about the cost of implementing backup systems most. Source: http://www.itpro.co.uk/security/24245/ddos-attacks-losing-companies-business-opportunities
More here:
DDoS attacks losing companies business opportunities