Category Archives: DDoS News

Companies under DDoS Attack Fear Losing Business Opportunities the Most

DDoS attacks are now one of the most common and affordable cyberweapons. They are used by unscrupulous competitors, sinister extortionists or just everyday cyber-vandals. More and more companies, regardless of their size or business, are encountering this threat. And, according to the results of a survey conducted by Kaspersky Lab and B2B International, the majority of companies believe that revenue and reputation losses are the most damaging consequences of a DDoS attack. According to the figures, companies regard lost business opportunities – the loss of contracts or on-going operations that generate guaranteed income – as the most frightening consequence of a DDoS attack. 26 per cent of companies that encountered DDoS attacks regarded this as the biggest risk. Reputational risks (23 per cent) were viewed as the next most frightening consequence, likely to be since a negative customer or partner experience can drive away future contracts or sales. Losing current customers who could not access the anticipated service due to a DDoS attack was in third place: named by 19 per cent of respondents. Technical issues were at the bottom of the pile: 17 per cent of respondents identified a need to deploy back-up systems that would keep operations online as the most undesirable consequence, followed by the costs of fighting the attack and restoring services. The research also revealed that respondents from companies in different fields take different views of the consequences of DDoS attacks. For example, industrial and telecoms companies, as well as e-commerce and utilities and energy organisations, tend to rate reputational risks ahead of lost business opportunities. In the construction and engineering sector there is more concern about the cost of setting up back-up systems, perhaps because larger companies face higher expenditure on this kind of system. “ People who have not yet faced a particular threat often tend to underestimate it while those who have already experienced it understand which consequences might be the most damaging for them. However, it makes little sense to wait until the worst happens before acting – this can cost companies a lot, and not only in financial terms. That is why it is important to evaluate all possible risks in advance and take appropriate measures to protect against DDoS attacks ”, said Evgeny Vigovsky , Head of Kaspersky DDoS Protection, Kaspersky Lab. DDoS attacks on company resources are becoming a costly problem but only 37 per cent of the organisations surveyed said they currently have measures in place to protect against them. This is an unnecessary oversight at a time when the IT security market can offer reliable and easy-to-deploy security solutions that are able to prevent loss of access to online services caused by a DDoS attack. For example : Kaspersky DDoS Protection does not require the installation of heavy server solutions on the customer’s infrastructure. Traffic filtration during an attack is handled in special cleaning centers according to the tailor-made rules defined for each customer and each attack. The solution is backed up by Kaspersky Lab experts, whose many years’ experience of protecting against online threats allows them to detect attacks fast and block them, regardless of the intensity and complexity of the assault. Source: http://www.informationsecuritybuzz.com/companies-under-ddos-attack-fear-losing-business-opportunities-the-most/

See the original post:
Companies under DDoS Attack Fear Losing Business Opportunities the Most

DDoS network attacks frustrate Brunswick County School officials

Officials with Brunswick County Schools and the Brunswick County Sheriff’s Office are investigating distributed denial-of-service (DDoS) attacks on the school’s network. According to officials, the attacks have been occurring since county schools reopened in January and have been increasing in frequency that past several weeks. A DDoS attack is usually an outside attack that uses multiple computers or devices to flood a targeted network with so much traffic that it overloads and crashes the system or cripples the ability of legit users from accessing it. School officials say staff members are becoming extremely frustrated at the internet connectivity issues associated with the attacks. The Brunswick County School’s technology department has been working to try and mitigate the impact on the school’s network. Officials say that the county’s network infrastructure is being specifically targeted in the attacks, but the systems have not been compromised. A preliminary investigation has revealed that the individual(s) initiating the attacks have at some point been an authenticated user signed into the school’s network. School officials says this leads them to believe that the responsible party is a current or former student or staff member. Authorities are still investigating. Source: http://www.wect.com/story/28614292/ddos-network-attacks-frustrate-brunswick-county-school-officials

See more here:
DDoS network attacks frustrate Brunswick County School officials

Maine, NH Websites Taken Down by Spam DDoS Attack

A spam attack temporarily took down websites for the states of Maine and New Hampshire on Monday. A hacker group claimed responsibility on Twitter for taking down maine.gov and visitnh.gov. Both sites were back up and running within about an hour. Maine Secretary of State Matt Dunlap said maine.gov was shut down by a spam attack, but it was not hacked. He said there was no info breach. The Secretary of State’s Office posted a message to its Facebook page saying that maine.gov was experiencing a “denial of service” event, and that the IP addresses that were overwhelming the website with requests were being blocked. “We’re on it,” said Adrienne Bennett, Maine Gov. Paul LePage’s press secretary. “We understand the details of it.” William Hinkle, New Hampshire Gov. Maggie Hassan’s communications director, said the third party that hosts visitnh.gov experienced a “distributed denial of service” attack against its servers at one of its datacenters around 8:57 a.m. Monday. That site and several others hosted by that datacenter were inaccessible until about 9:41 a.m. “The Division of Travel and Tourism, the Department of Information and Technology and its service providers are working together to determine more details about the root cause of the issue,” he said. “At this time, our service provider reports that they have no evidence suggesting that visitnh.gov was the specific target.” Source: http://www.necn.com/news/new-england/Maine-NH-Websites-Taken-Down-by-Spam-Attack-297255971.html

Continue Reading:
Maine, NH Websites Taken Down by Spam DDoS Attack

Massive DDoS racks up $30,000-a-day Amazon bill for China activists

Site flooded with 2.6 billion requests an hour Chinese activist site Greatfire.org which masks censored traffic into the country is under a sustained distributed denial of service (DDoS) attack that is racking up $30,000 a day in server costs.…

See the original post:
Massive DDoS racks up $30,000-a-day Amazon bill for China activists

‘China censorship’ service GreatFire.org reports DDoS attacks, asks the Internet for help

GreatFire.org, the not-for-profit website designed to highlight online censorship relating to China’s so-called “Great Firewall,” has announced that its mirror websites — set up to circumvent blocks in China — are currently suffering a distributed denial-of-service (DDoS) attacks. A DDoS overwhelms the target — in this case, GreatFire.org’s mirror websites — with a deluge of data, with the intention of causing the network to crash. GreatFire.org is presently reporting 2.6 billion requests per hour — 2,500 times more than its usual traffic — and it says it’s just managing to cope, having switched to faster servers and used other techniques to manage the load. However, it adds that it fears “the attack may be intensified at any time.” China has a long history of blocking online services, and reportedly blocked the whole of Google in the buildup to last year’s 25th anniversary of the Tiananmen Square protests. Back in December, Gmail went dark again too. GreatFire.org basically monitors blocked websites and keywords in China, and has been doing so since 2011. It also offers solutions such as “mirror” websites for circumventing blocks for those located in China. Given GreatFire.org’s core raison d’être , one that would presumably raise the ire of the powers that be in China, it’s surprising to learn that this is in fact the first such attack its sites have undergone in its four-year history. GreatFire.org says the attack began on March 17 and affects all of its mirror websites. Though it asserts that it doesn’t know who or what is behind the attacks, the organization points to a recent story in the Wall Street Journal that reported on how U.S. cloud service providers were facing a backlash from censors in China. The article also talked about how GreatFire.org manages to unblock websites and apps. Notably, GreatFire.org also points to pressure from the Cyberspace Administration of China (CAC) over the past few months. [It] publicly called us “an anti-China website set up by an overseas anti-China organization.” We also know that CAC has put pressure on our IT partners to stop working with us. GreatFire.org is also asking for help — it says that its server costs on Amazon have risen to $30,000 a day (though it doesn’t say what it normally pays). Hinting that it would like Amazon to absorb this cost to support the free-speech cause, the site said: We need companies like Amazon to be on our side and, more importantly, on the side of freedom of speech. We need you to tell Amazon that you think that freedom of speech is an important issue and that Amazon, as a leading global enabler of the internet, plays an important role in access to information. The organization has also asked for anyone with expertise in this realm to get in touch to lend their support. Source: http://venturebeat.com/2015/03/19/china-censorship-website-greatfire-org-suffers-ddos-attack-asks-the-internet-for-help/

Taken from:
‘China censorship’ service GreatFire.org reports DDoS attacks, asks the Internet for help

Oklahoma City’s Website Hit With Two DDoS Attacks

The City of Oklahoma says its website was the victim of a second denial-of-service, or DOS attack, in as many days early Wednesday morning. At 7:44 a.m. the city tweeted its website was down, so KGOU reached out via the social media platform. Zach Nash is a creative manager for the City. He said they were being hit from Russia, China, and the United States by hundreds of computers infected by bots designed to send so much information to a network or a server that legitimate web traffic is blocked. “There was a Twitter account that said they were taking responsibility for it. They didn’t say why they were,” Nash said. Oklahoma City IT staff is working to get software installed to block any future attacks. “With the security world, there’s nothing that’s foolproof, but we’re trying to take steps to prevent this from happening again,” Nash said. So far there’s no evidence residents’ personal or confidential information was accessed. “Right now we know that it was a denial-of-service attack, which is different from a hack,” Nash said. “But we are monitoring that traffic and making sure, and if we do find out that happened, we will let people know as quickly as possible and take steps to mitigate that.” Source: http://kgou.org/post/oklahoma-citys-website-hit-two-denial-service-attacks

Read More:
Oklahoma City’s Website Hit With Two DDoS Attacks

Bitcoin Mining Pools Targeted in Wave of DDOS Attacks

AntPool, BW.com , NiceHash, CKPool and GHash.io are among a number of bitcoin mining pools and operations that have been hit by distributed denial-of-service (DDoS) attacks in recent days. The incidents appear to have begun in the first week of March. For example, on 11th March, AntPool owner Bitmain sent an email to customers disclosing the DDoS attacks and advising external pool users to set up failsafe pools in the event of an outage. According to many of the companies affected by the incidents, those behind the attacks demanded payment in bitcoin in return for stopping the attacks. BW.com alerted customers via its official blog to possible service disruptions owing to oattacks, but did not say whether or not a ransom notice had been sent. Other pools took to Bitcoin Talk to warn users about the DDOS attacks. GHash.io operator CEX.io suggested that affected pools are seeing escalating DDoS threats, and said that the source of recent attacks on its pool came with increasing ransom demands. A spokesperson for CEX.io told CoinDesk: “The attack has been conducted by a hacker who has already DDoSed CEX.IO in October, 2014. Previously, he demanded 2 BTC for stopping the attack. This time, the payment has been raised to 5 to 10 BTC.” At least one other mining pool, NiceHash, also reported sustained DDOS attacks last fall. The alleged source of the DDOS attacks, operating under the name DD4BC, is believed to be behind a number of attacks on digital currency websites and services in the past year. Incidents tied to DD4BC include an attack last year on the digital currency exchange Bitalo that resulted in the posting of a 100 BTC bounty. Following the recent DDOS threats, Bitmain contributed an additional to the bounty. Disruptions likely to continue Affected pools say they have moved to boost in-house defense mechanisms in light of the attacks, but some have warned that future outages may likely occur. Bitmain said that its other services, including the cloud mining platform HashNest, may also be affected in the coming days. Operators that responded to press queries say they have refused to pay the ransoms and will continue keeping their pools open despite the risk of future DDoS attacks. Some of the pools have conceded that resolving the situation will be difficult owing to the capabilities believed to be possessed by the source of the attacks. Bitmain’s Yoshi Goto noted that the attacks appear to be systematic and acknowledged that it remains unclear when the situation will be completely resolved. “It is a cat and mouse game now but we will do our best,” he said. CoinDesk will continue monitoring the developments and post updates as they become available.  Source: http://www.coindesk.com/bitcoin-mining-pools-ddos-attacks/

See more here:
Bitcoin Mining Pools Targeted in Wave of DDOS Attacks

DDoS attack targets Femsplain on International Women’s Day

Feminist blog Femsplain was taken offline earlier today by a distributed denial of service (DDoS) attack, according to the site’s founder, Amber Gordon. She tells The Verge that the site was offline for roughly three hours before service returned intermittently late Sunday afternoon on the East Coast. The timing seems far from random: today is International Women’s Day. In a tweet, Gordon — best known online as @missambear — shared a screenshot showing the massive influx of traffic from the DDoS attack. Such attacks overwhelm the servers that host websites with a avalanche of requests. According to Gordon, these sorts of attacks are not rare. “We constantly have people attacking us and attempting to bring our website down. It’s unfortunate but the reality of our mission.” She added in comments to The Verge that prior attacks are “never to this severity and I think it’s because it’s International Women’s Day.” Social media accounts taking credit for the attack used the hashtag #internationalwomensday, suggesting the harassment is tied to today’s date. The blog started up late last year as a place for women to discuss topics from online harassment to Gamergate. It has a group of female contributors who publish stories to the site. It also shares reader submissions. Gordon says that “our community is so vocal about supporting us that tons of people were sending messages out on social media to raise awareness that this was happening.” She added, “unfortunately it happened on a day that’s meant to celebrate women.” Source: http://www.theverge.com/2015/3/8/8171269/ddos-attack-targets-femsplain-on-international-womens-day

Excerpt from:
DDoS attack targets Femsplain on International Women’s Day