Category Archives: DDoS News

Can Cloud Storage save you from Ransomware Attacks?

Step by step, our personal and work lives are being transferred online and instantaneous connections, real-time cooperation, and free flowing information come at a price. Yes, cybercrime is hardly something new but the recent rise in global ransomware attacks are putting the question of online security into the spotlight and under scrutiny. The hackers are getting more and more inventive, and it’s becoming harder for the individual as well as companies to protect themselves. What can be done? Can cloud storage save us from ransomware? Cloud Storage vs. Ransomware Cloud created a revolution in data storage. It’s cost-effective, easy to access and typically very well guarded. The convenience is reflected in its widespread use. A report by RightScale found that 82% of companies were already using multi-cloud storage strategies. According to a report by Intuit, 78% of small businesses will fully rely on cloud services by 2020. This mass migration of business of all sizes to cloud space rendered it an extremely attractive target. Sadly, the NotPetya ransomware made it clear that ransomware has gone beyond local and physical storage, and can hit everywhere. Although being publicized as on one of the safest storage options, the cloud is not an exception to the threat. Let’s Be Realistic The best way to stay protected is to be realistic and keep informed about the capacity and power of the services on which you are relying. As such, cloud storage is not a magical bulletproof solution that will graciously save you from the ransomware. To be able to withstand ransomware and other types of attacks, cloud and collaboration services need to start implementing or strengthening solutions that allow for real-time visibility, greater control, data loss prevention, and so forth. If hackers are getting more creative, the levels of security need to follow and surpass them. How to Leverage Cloud Storage Despite the cold splash of reality, not all is lost. Cloud storage can be a valuable partner in crime or – better said – your partner in preventing crime. Scalability – Regardless of shortcomings, cloud services are still best equipped to act as a failsafe and protect you from ransomware today and in the future. Being flexible and scalable in essence, cloud services enable us to keep up with the changes and developments in the malware landscape. In other words, while the nature of the attack is unlikely to change, the delivery method will and cloud services have the agility to adjust aptly. Security Layers – In most cases, the layers of security over cloud are considerably better than of any other private server. Typically, clouds are a sophisticated combination of elaborate access controls and encrypted technology with the capacity to expand. Plus, many of them provide protection against DDoS attacks which makes them all the more useful. Backups – Due to reliability and resiliency, backing up your data with a cloud storage is far more efficient. When stored on local storage, frequent backups consume a lot of storage resources and negatively affect computer performance. With the cloud, backups of your information, data and documents can be frequent, and the streamlined failover process provides you with the comfortable safety of backup recovery. A recommended approach is to rely on several clouds simultaneously which provides a much more expansive protections without excessively high costs or unbearable complexity. How do you know cloud is worth your time? According to MarketsAndMarkets, the cloud security market will be valued at impressive $8.71 billion by 2019, so companies are ready to invest more and more to improve and strengthen the safety of the cloud environments from malicious attacks. Cloud storage, although not the ultimate weapon against ransomware attacks, is by far one of the most efficient ways to protect your information without excessive spending or applying overly complicated scenarios. It’s also most likely to scale and thus continue withstanding cybercrime in the future. Nonetheless, it is crucial you select your cloud service carefully as not all are equal. Source: http://www.dos-protection.co.uk/wp-admin/post-new.php

View the original here:
Can Cloud Storage save you from Ransomware Attacks?

So your company is on social media, are you practicing safe tweeting?

Social media has evolved from a mere millennial fad into a preferred marketing tool used by businesses across Asia Pacific. With Asia Pacific accounting for 54% of global social media users, and Asia Pacific social media users spending an average of two to four hours on social media daily, it makes sense for businesses to use social media to reach their audiences in this digital age. Companies are posting product reviews, photos, client testimonials and videos on their social media pages, in hopes of driving engagement through likes and positive comments and eventually whipping up a viral storm. Brands are even creating social media contests to engage consumers playfully while growing their brand identity, or engaging key influencers to get more people talking. Aside from driving engagement, social media serves as an avenue for companies to solicit customer feedback: Customers’ comments can provide insights on common customer complaints and companies’ points for improvement. But while integrating social media into the marketing mix can bring many benefits, it also has a dark side.  Opening the company to more cyber risks. After all, social media is fast becoming an attractive channel for cybercrime perpetrators. Today, cybercriminals target viral posts to reach a diverse range of people. Through basic spamming techniques such as creating short posts with links to freebies and job posts, cybercriminals lure unsuspecting social media users into clicking malicious links, which transmit malware after they are clicked on. Based on CyberInt’s research, 1.92% of all posts, comments and tweets found on a company’s social media feed are malicious or attempted attacks. Last year, 13% of large organizations experienced a security or data breach associated with social media networking sites. There is no denying that social media sites are now a hotbed for cybercrimes: In 2015, cybercriminals leveraged LinkedIn in health insurance provider Anthem’s hack, exposing sensitive data such as names, Social Security numbers, birth dates, addresses, email addresses, employment information and the salary of as many as 80 million current and former customers. Social phishing, which attempts to obtain an individual’s personal information through a corrupted link or other form of electronic communication, has become a common social media security threat. In the past, phishing attacks typically came in the form of emails; now, they are also perpetrated through social media private messages and wall posts. Links to malware can be disguised as ‘click-bait’ articles or videos posted on a company’s Facebook wall, Twitter or Instagram handles. Malicious links can cause devices to be infected with malware, which grants easy access to personal information and allows hackers to use the infected device as a platform to jump into other networks such as the home or office. Today, cybercriminals are using a wide range of social engineering techniques to spread malware and obtain sensitive data through social messaging channels such as Facebook chat. Cybercriminals are also leveraging social media Distributed Denial of Service (DDoS) attacks, which render social media sites inaccessible for long periods of time, to draw attention away from nefarious schemes usually involving stealthy data siphons. Some social media DDoS attacks also involve comment flooding, which causes a company’s Facebook page or Twitter to be flooded with millions of automated comments in a minute, paralyzing the company’s page feed. Automated programs or social bots are now being increasingly used for such schemes. Cybercriminals today even use illegitimate social media profiles or hijack existing social media profiles to disseminate malicious links and malware to a company’s employees, usually with the goal of extracting an organization’s sensitive data. Some resort to “false flag” scams, which involve impersonating social media platforms to trick users into revealing personal data that will allow them to access a company’s systems. Others go as far as putting up scam e-shops and coming up with fake advertisements on social media to impersonate brands. Aside from weakening a company’s immunity to future cyberattacks, these scams also translate to the loss of consumer trust in compromised brands. Social Media Teams Need to be in the Know Companies utilizing social media have the duty to protect their consumers and employees from cybersecurity risks. They need to take a closer look at what they are posting to prevent socially engineered attacks on employees while simultaneously ensuring that social media comments from the public do not contain links to malicious links that other community members might click on. As social media threats occur outside their network perimeter, organizations cannot easily detect these risks from the onset. They need to focus on prevention and the elimination of potential threats instead through the constant vigilance of cyber-activities. Organizations also need to identify the crown jewels and dedicate more resources to protect them and be aware how cyber criminals might leverage social media to gain access to their crown jewels. One way is to invest in targeted threat intelligence, which allows companies to gain insight on potential or current attacks that can harm their employees, brand reputation and customers. Cyber security organizations, like CyberInt, have cyber tools available that scan social media accounts and purge malicious comments in real time, to provide companies with better peace of mind. Leveraging social media as a marketing tool entails dealing with a sheer number of cybersecurity threats. Awareness is still the best safeguard to these threats: Social media teams should be aware of the risks associated with what they are posting and how cybercriminals are manipulating information in social media sites to advance their own selfish interests.  But awareness should be coupled with concrete action: Companies using social media in their marketing mix should also implement solid security policies to mitigate risks and vulnerabilities. One security measure companies can adopt is ensuring a close coordination between the social media team and the IT team— this arrangement will allow the social media team to stay updated on the latest cybersecurity threats and better monitor risks on their social media feeds.  Employees should also undergo training to improve their cyber hygiene and cyber posture so they can be fully aware of the threats and have a better appreciation of the security policies in place. Good security policies, however, would amount to nothing without the proper security tools. After all, it takes the right combination of people, processes and technology guardrails to address security challenges in today’s rapidly evolving digital workplace. Source: https://www.networksasia.net/article/so-your-company-social-media-are-you-practicing-safe-tweeting.1500001860

Read the original post:
So your company is on social media, are you practicing safe tweeting?

Short, low-volume DDoS attacks pose greatest security and availability threat to businesses

How can your organisation defend against constant DDoS attacks? Think what you can’t see can’t hurt you? A new report from Corero Network Security has shown that, when it comes to DDoS attacks, this is definitely not the case. The report suggests that the barrage of short, low volume DDoS attacks – which often go undetected by IT security staff and many DDoS protection systems – are in fact, the greatest DDoS risk for organisations, because they frequently go undetected and often mask more serious network intrusions. According to the DDoS Trends and Analysis Report, these short, stealth DDoS attacks are often used to disrupt and distract network operators. Typically less than 10Gbps in volume and less than 10 minutes in duration, these sub-saturating attacks are capable of knocking a firewall or intrusion prevention system (IPS) offline so that hackers can target, map and infiltrate a network to install malware and engage data exfiltration activity. These hidden motives have led Corero to describe this type of attack as “Trojan Horse” DDoS. Stephanie Weagle, VP at Corero Network Security discusses the key findings from the report below, and what the increased frequency and sophistication of DDoS attacks means for organisations trying to defend against today’s evolving cyber threat landscape. What were the findings from your latest DDoS Trends report? “The research shows that short, frequent, low-volume DDoS attacks continue to be the norm. Despite several headline-dominating, high-volume DDoS attacks over the past year, the majority (80%) of the DDoS attack attempts against Corero customers during Q1 2017 were less than 1Gbps per second in volume. In addition, almost three quarters (71%) of the attacks mitigated by Corero lasted 10 minutes or less. In total, Corero customers experienced an average of 124 DDoS attack attempts per month, equivalent to 4.1 attacks per day during Q1 of 2017. This is a 9 percent increase in attacks over Q4 2016.” Since last year’s attacks on Krebs on Security and Dyn, have we entered a quiet phase in terms of DDoS attacks? “As the research shows, DDoS attacks are by no means slowing down. The DDoS incidents that are experienced on a daily basis are the short, low volume attacks—just because these attacks aren’t making the evening news, does not mean that they don’t occur. “ Why are these short, sub-saturating denial-of-service attacks so dangerous? “The Internet of Things (IoT) introduced a host of opportunities for DDoS hackers as these devices hold the potential for extremely large botnets. Corero has identified a 55% increase in large DDoS attacks of more than 10Gb per second, in the first quarter of 2017, compared to the previous quarter. However, low-volume, short duration DDoS attacks can also be dangerous. Our report discovered that 73% of attacks in Q4 2016 and 71% of Q1 2017 lasted 10 minutes or less. These attacks can be a smokescreen, designed not to outright deny service but to distract from an alternative motive, usually data theft and network infiltration. This allows hackers to perfect their attack techniques while remaining under the radar. In addition to service outages, latency and downtime, short attacks allow cyber criminals to test for vulnerabilities within a network.” Why would hackers choose to inflict these short attacks, rather than to cause large-scale outages? “These smaller, shorter attacks typically evade detection by most legacy and homegrown DDoS mitigation tools, which are generally configured with detection thresholds that ignore this level of activity. This allows hackers to perfect their attack techniques while remaining under the radar, leaving security teams blindsided by subsequent attacks.” Can you give any examples of these kind of attacks inflicting serious damage? “Luckily for Corero customers, dealing with the repercussions of DDoS is a non-issue. Attacks are mitigated instantaneously, and good user traffic continues to flow and reach its destination as intended. Outside of the Corero customer base, some widely publicized attacks that led to data breach activity include TalkTalk and Carphone Warehouse.” Which are the sectors or organisations that are most at risk of attacks? “The reality is that any business that relies on the Internet to conduct business is at risk of a DDoS attack. But service providers in particular will find themselves at an important crossroads in the near future, as pressure builds from both customers’ and governments’ sides regarding their responsibilities when it comes to protecting their customers. That said, ISP’s and hosting providers can take advantage of the DDoS opportunity to not only protect existing infrastructure and assets, but also roll out profitable and effective DDoS protection services.” Do these kinds of attacks represent an additional risk for organisations preparing for GDPR? “GDPR is the hot buzz word heard around the cyber security industry lately. The risk of data theft resulting from sub-saturating DDoS attacks is extremely serious, and claiming to be ignorant of malicious activity on your network will not substitute a defence. To keep up with the growing sophistication and organization of well-equipped and well-funded threat actors, it’s essential that organizations maintain a comprehensive visibility across their networks to detect and block any potential DDoS incursions as they arise.” How can businesses best defend themselves against the latest DDoS attacks? “The combination of the size, frequency and duration of modern attacks represent a serious security and availability challenge for victims. Minutes or even tens of minutes of downtime or latency significantly impacts brand reputation and, ultimately, revenue generation. When you combine the size, frequency and duration of attacks, and the low volume sub-saturating nature of the threats; victims are faced with a significant security and availability challenge. “Today’s DDoS attacks are almost unrecognizable from the early days of attacks, when most were simple, volumetric attacks intended to cause embarrassment and brief disruption. Nowadays, the motives behind attacks are increasingly unclear and the techniques are becoming ever-more complex. This is particularly true in light of automated attacks, which allow attackers to switch attack vectors faster than any human can respond. “To keep up with the growing sophistication and organization of well-equipped and well-funded threat actors, it’s essential that organizations maintain a comprehensive visibility across their networks to detect and block any potential DDoS incursions as they arise. Automated, real-time mitigation techniques must be in place to eliminate the repercussions of the full spectrum of today’s DDoS attacks.” Source: http://www.itproportal.com/features/short-low-volume-ddos-attacks-pose-greatest-security-and-availability-threat-to-businesses/

Visit site:
Short, low-volume DDoS attacks pose greatest security and availability threat to businesses

Are massive cyberattacks the new normal?

When domain name system services supplier Dyn got hit with a distributed denial of service (DDoS) attack last October, waves of traffic overwhelmed the company’s network and disrupted access to the internet for large swathes of the United States and Europe. The Dyn perpetrators had successfully orchestrated one of the biggest-ever DDoS attacks, powered by a botnet of Internet of Things devices. Whoever was responsible for the Dyn attack showed how easy it was to deploy the Mirai source code, which is publicly available and easy to obtain. Many botnets have since incorporated the code, raising concerns that even worse is yet to come. The Mirai botnet also serves as the basis of an ongoing DDoS-for-hire service. With the number of IoT devices in business now in the billions, the specter of crippling attacks targeting IoT installations found in industrial control systems or critical national infrastructure becomes a possibility. The security world got another reminder of the growing magnitude of the threat when attackers carried out the biggest ransomware attack in history in May, infecting computers operated by more than 200,000 people in 150 countries with the so-called WannaCry virus. Size doesn’t matter The proliferation of these more powerful tools and technologies used to launch cyberattacks means that anyone can get access to a cyberweapon and potentially wreak wide-scale havoc. The irony is that many organizations still fail to enforce basic measures that would otherwise protect themselves from attack. Too many remain unprepared and fail to take simple steps, such as patching software on a routine basis. In theory, attacks like WannaCry should be preventable. Indeed, there was no shortage of warnings that organizations were leaving themselves vulnerable by failing to update aging computer operating systems with the latest software patches. It’s up to IT to be on top of updates for patches issued for any open source software used by the organization, particularly when it comes to their IoT deployments. They also need to be mindful of the lack of security in the IoT ecosystem. According to an AT&T Cybersecurity Insights report, the world of IoT has become a digital Petri dish for hackers and other cybercriminals eager to probe for weak spots. Other IoT must-do’s: Many devices get shipped from the manufacturer preconfigured with usernames and passwords that hackers can locate using search engines. Change them immediately. As DDoS attacks grow ever larger, there’s obvious incentive to take measures that will block as many potential threats as possible at the edge of your network. Along with identifying your vulnerabilities, make sure there are multiple layers of security in place and configure your applications to make them better resistant to exploitation. Make sure there’s a good firewall in place along with rules to drop junk packets or reject unnecessary external protocols. An ISP can help by stopping unnecessary traffic upstream. Also, run constant network scans of the corporate network to locate any security holes before the bad guys find them first. A fail-safe defense may not exist but you can mitigate a threat that, unfortunately, is becoming the new normal in the security world. Source: http://www.csoonline.com/article/3200769/data-breach/are-massive-cyberattacks-the-new-normal.html

Link:
Are massive cyberattacks the new normal?

UK Teen Charged with Running DDoS Booter Service

UK authorities have charged an eighteen-year-old with running a DDoS booter service that was used to launch DDoS attacks on legitimate businesses across the world. According to authorities, the teenager’s name is Jack Chappell, 18, of Stockport, a small town southeast of Manchester, UK. Investigators say Chappell created malware that he installed on devices around the world. He used this malware to create a DDoS botnet to which he then granted access to paying customers. Clients used this DDoS booter service to launch attacks on various companies across the globe. Investigators say that Chappell’s booter was the one that took down NatWest’s online banking system several times in the summer of 2015. Authorities say Chappell’s DDoS-for-hire platform was also responsible for DDoS attacks on the infrastructure of T-Mobile, EE, Vodafone, O2, BBC, BT, Amazon, Netflix, Virgin Media, and the UK’s National Crime Agency (NCA). Following years of investigations, the West Midlands Regional Cyber Crime Unit, together with Israeli Police, the FBI, and Europol’s European Cybercrime Centre, have tracked down the teenager, currently a student at an unnamed university. Authorities say Chappell had a partner, an American national, about whom they did not reveal any information. West Midlands Police charged the teenager today with impairing the operation of computers under the Computer Misuse Act and encouraging or assisting an offense and money laundering crime proceeds. Chappell will appear in a Manchester court tomorrow, July 4, 2017. Authorities did not release the name of Chappell’s DDoS booter service. Source: https://www.bleepingcomputer.com/news/security/uk-teen-charged-with-running-ddos-booter-service/

See the original article here:
UK Teen Charged with Running DDoS Booter Service

Hackers threaten South Korean banks with DDoS attacks following record ransomware payment

The Armada Collective hacking group has issued a ransom demand of approximately $315,000 to seven South Korean banks, threatening to launch distributed denial of service attacks against each of their organizations. The threat came just days after fellow South Korean firm NAYANA negotiated a record $1.01 million ransom payment on June 14 to remedy an unrelated ransomware attack that locked up its systems. The timing of this latest threat has reportedly prompted some observers to wonder if NAYANA’s actions encouraged the Armada Collective to test the resolve of other South Korean companies. Citing financial authorities, the Yonhap News Agency on June 21 named the threatened banks as KB Kookmin Bank, Shinhan Bank, Woori Bank, KEB Hana Bank, NH Bank and two other lenders. The banks were given a deadline of June 26. The Armada Collective has engaged in this behavior before. For instance, in April 2016 Cloudfare published a report detailing an Armada Collective campaign that issued empty DDoS threats against a wide range of businesses extorting hundreds of thousands of dollars in the process. Source: https://www.scmagazine.com/hackers-threaten-south-korean-banks-with-ddos-attacks-following-record-ransomware-payment/article/671377/

Excerpt from:
Hackers threaten South Korean banks with DDoS attacks following record ransomware payment

$1 Million Ransomware Payment Has Spurred New DDoS-for-Bitcoin Attacks

The $1 million ransom payment paid last week by South Korean web hosting company Nayana has sparked new extortion attempts on South Korean companies. According to local media, seven banks have received emails that asked the organizations to pay ransoms of nearly $315,000 or suffer downtime via DDoS attacks. Only five of the seven targets are publicly known, which are also the country’s biggest financial institutions: KB Kookmin Bank, Shinhan Bank, Woori Bank, KEB Hana Bank, and NH Bank. Ransom demands made by Armada Collective The ransom demands were signed by a group of “Armada Collective,” a name that has a long history behind it. The group first appeared in 2015, and they are considered one of the hacker groups that popularized ransom DDoS (RDoS) attacks alongside another group known as DD4BC (DDoS-for-Bitcoin). While Europol apprehended suspects behind the DD4BC group, the people behind Armada Collective were never caught, and their tactics seem to have evolved across time. Armada Collective and RDoS attacks over time Radware, a cyber-security company that tracks RDoS attacks on a consistent basis, says the group has gone through two main stages. In the beginning, the group targeted a small number of targets, all from the same industry, and launched demo DDoS attacks to prove their claims and force the hand of victims into paying the ransom. After a successful extortion of the ProtonMail secure email service in late 2015 that got a lot of media attention, the group appeared to have gone into hiding, but then returned in 2016. This time around, the group’s tactics changed, and Armada Collective — or impostors posing as the group — only made empty threats, targeting a large number of companies, all at the same time, from different sectors, and rarely launched any DDoS attacks to prove their claims. Armada Collective’s RDoS attacks in 2016 were hardly noticed. Because of the group and DD4BC’s success, numerous other actors entered the DDoS ransom market niche, such as New World Hackers, Lizard Squad (copycats), Kadyrovtsy, RedDoor, ezBTC, Borya Collective, and others. Most of these groups issued empty threats, a common theme with RDoS groups in 2016, also continued in 2017, with new groups such as Stealth Ravens, XMR Squad, ZZb00t, Meridian Collective, Xball Team, and Collective Amadeus. Furthermore, empty DDoS threats from groups posing as Anonymous have been the norm for the past two years, with the most recent wave being detected just last week. Nayana’s payment may lead to more attacks on South Korea Last week, Armada Collective’s name resurfaced after a long period of silence. The ransom demands were sent — not surprisingly — just two days after news broke in the international press that a South Korean web hosting company paid over $1 million in a ransomware demand. Nayana’s payment was the largest ransomware payment ever made and may have involuntarily put a giant bullseye on the backs of all South Korean businesses, now considered more willing to pay outrageous ransom demands to be left alone. The Armada Collective ransom letters sent last week to South Korean banks said the group would launch DDoS attacks on the targeted banks today, June 26, and double their ransom demand. At the time of writing, the attacks didn’t take place, based on evidence available in the public domain. Nonetheless, the attackers won’t be discouraged by this initial refusal, and if they truly have the ability to launch crippling DDoS attacks like the ones that targeted ProtonMail, then South Korean banks and other businesses are in for a long summer. Source: https://www.bleepingcomputer.com/news/security/-1-million-ransomware-payment-has-spurred-new-ddos-for-bitcoin-attacks/

See the original post:
$1 Million Ransomware Payment Has Spurred New DDoS-for-Bitcoin Attacks

Why the Internet of Things could lead to the next great wave of DDoS attacks

Businesses should ensure that they are still securely protected against DDoS attacks, despite the recent growth of other trends such as ransomware. That’s the warning from Arbor Networks, which is urging organisations of all sizes to make sure they stay safe online as DDoS attacks are still rife around the world. Speaking to ITProPortal at the recent InfoSecurity Europe 2017 event in London, Arbor CTO Darren Anstee reinforced the need for businesses to maintain their DDoS protection, despite it being hard to predict who might be hit next. “DDoS is all about targeting the availability of those services that modern businesses rely on,” he noted. In order to combat this growing threat, the company recently revealed an updated version of its APS on-premise, distributed DDoS detection and mitigation platform for enterprise customers. The new release includes Arbor’s latest Cloud Signalling tool, which can help reduce the time to attack mitigation, bringing together on-premise and hybrid cloud migration efforts. The Internet of Things is also set to provide a major new threat landscape for DDoS attacks, Arbor Networks believes, with past attacks such as Mirai and Dyn showing the potential for chaos. “There are a lot of IoT DDoS attacks going on out there”,  Anstee says, noting that most people only hear about these assaults when a big brand is affected. Poor regulation of IoT products has not helped with the spread of potential attacks, with many consumers unaware that the items they are buying will pose some kind of security risk. But Anstee says that commercial pressure could instead play a big role in changing the current landscape, as vendors often return to market trends faster than regulatory pressure. “If you want things to change quickly, you have to get people to get security implemented into their buying process,” he notes, adding that it is a “valid worry” that IoT attacks could scale to affect areas such as smart cities and infrastructure networks soon. “We are going to see IoT devices being used for more nefarious purposes over the next few years…I don’t see the problem going away”. As the recent WannaCry ransomware attack showed, however, businesses need to be protected against all kinds of threats. Anstee noted that ransomware should remain a major concern for companies both large and small likely to be targeted. “It’s a numbers game when it comes to ransomware,” he noted, “it is a very broad brush – if just one or two people pay, it makes it all worthwhile.” In order to stay protected, there are several central steps that companies can take, Anstee added. This includes network segmentation, which would allow infections such as WannaCry to be quickly and easily contained. “It’s not a sexy topic, but it needs to happen in many businesses,” he says. “We’ve all focused on agility, and flattening network infrastructure…but this is really important, as it can stop such attacks propagating within networks, if it’s done properly.” But companies also need to ensure they have proper IT risk management systems, with Anstee noting that some infections WannaCry could have been blocked quickly if proper processes had been in place – and various departments had communicated properly. “You can’t really blame anyone for this,” he concludes, “it really is a lot about talking to each other.” Source: http://www.itproportal.com/news/why-the-internet-of-things-could-lead-to-the-next-great-wave-of-ddos-attacks/

Taken from:
Why the Internet of Things could lead to the next great wave of DDoS attacks

Don’t all rush out at once, but there are a million devices ripe to be the next big botnet

As bad as Mirai was, it could have been much worse A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn.…

More:
Don’t all rush out at once, but there are a million devices ripe to be the next big botnet

Internet hygiene still stinks despite botnet and ransomware flood

Millions of must-be-firewalled services sitting wide open Network security has improved little over the last 12 months – millions of vulnerable devices are still exposed on the open internet, leaving them defenceless to the next big malware attack.…

More here:
Internet hygiene still stinks despite botnet and ransomware flood