There is a lot of media hype surrounding volumetric style DDoS attacks recently where the focus has been on large Gb/sec attacks, sometimes up to 400 Gb/sec. In reality, these are very rare and these …
Read the original:
DDoS attacks: Criminals get stealthier
Inadvertent victims of “politically motivated” hack. A politically motivated DDoS attack on a US-based web hosting service has delivered global repercussions affecting a number of Australian websites including the homepages of the Australian Labor Party and the Bob Brown Foundation. Both organisations use the services of NationBuilder, a cloud-based web hosting and customer relationship management platform designed specifically for nonprofits, political parties and politicians. The ALP.org.au website was down for a few hours yesterday morning, its Canberra HQ confirmed. The Bob Brown Foundation site was also down yesterday and then again last night, said organiser Steven Chaffer, who had been contacted by a NationBuilder account rrepresentative. The state branches of the Labor Party also use NationBuilder, as does Victorian independent MP Cathy McGowan and the community services union United Voice. United Voice said it was not aware of any disturbance to its web presence. Yesterday NationBuilder was hit by a DDoS attack it believes to have been in protest against the political stance of one of its clients. “We are reasonably certain the attack is directed at one of our customers for their political beliefs, and is meant to disrupt upcoming elections,” wrote CEO Jim Gilliam on the NationBuilder website early this morning Australian time. He said the attack has caused “intermittent service outages” for the company’s clients but assured users that data and financial information was never exposed. “We know the impact is immeasurable and we are very, very sorry,” he said. “We are fiercely committed to serving all of our customers. Everyone has the right to organise – in fact, this is the very reason NationBuilder exists.” NationBuilder has not responded to iTnews’ requests to confirm the identity of the targeted client. However posts on the Anonymous hackers forum and from the self-professed antagonist on Twitter claim that the attack is targeting the British political party UKIP, which is taking its anti-immigration policy platform to elections for the UK membership of the European Union next week. The party’s leader Nigel Farage has been a controversial figure, branded as a racist by the UK Labor party. UKIP has been the subject of DDoS attacks before, and its website was one of many down intermittently yesterday and into today. Australian clients told iTnews that their services have now resumed. Source: http://www.itnews.com.au/News/386077,alp-bob-brown-sites-downed-by-ddos.aspx?utm_source=feed&utm_medium=rss&utm_campaign=editors_picks
View the original here:
Australian Labor Party and the Bob Brown Foundation hit by DDoS attack
Add Plenty of Fish to the list of technology companies whose websites have come under DDoS attacks from unknown cybercriminals in recent days. The company says that it was the victim of a five-hour attack today that affected approximately 1 million users. Initially, the attacks took down the Plenty of Fish website, then later the company’s mobile apps on iPhone, iPad and Android. As per the usual M.O., the attacker first contacted the site to warn them of the impending DDoS at 6:45 AM PT, then the attack started at 8:13 AM PT where it continued for several hours, off and on. The company says it was only recently able to mitigate the flood, and is now fully up and running again. The attack was 40 Gigabits in size, which makes it larger than the attack which took Meetup.com offline for nearly five days last month – that attack was “only” 8 GBps, the company had said at the time. These DDoS attacks (distributed denial-of-service attacks) have become more powerful as of late, thanks to the way attackers are exploiting older internet protocols like Network Time Protocol, or NTP, to increase their size. That seems to be the case here, given the size of the attack that Plenty of Fish suffered. Other companies that have been attacked more recently include TypePad, Basecamp, Vimeo, Bit.ly, and as of this past weekend, marketing analytics software provider Moz, to name just a few. In Plenty of Fish’s case, the attacker demanded $2,000 to have them stop the attack. Want to know if your company is about to have a bad day? Look for an email like this: From: dalem leinda Date: Tue, May 20, 2014 at 12:09 PM Subject: Re: DDoS attack, warning If you feel ready to negotiate, I’m still here. For something around $2k, I will stop the current attack and I will not resume further attacks. The amount depends on how quickly you can make the payment. Source: http://techcrunch.com/2014/05/20/dating-website-plenty-of-fish-hit-by-ddos-attack/?ncid=rss
Read more here:
Dating Website Plenty Of Fish Hit By DDoS Attack
A total of five individuals have been arrested by Chinese authorities on suspicion of being behind distributed denial-of-service (DDOS) attacks launched against the systems of a Shanghai-based online gaming company. According to police in Shanghai ‘s Xuhui District, cited by Ecns.cn, the first suspect, surnamed Wu, was arrested in January, after the targeted company provided authorities with information needed to track him down. Wu told investigators that he had been hired by one of the targeted company’s competitors, an Internet firm based in the Henan Province operated by an individual called Tu. Tu’s firm offered not only online games, but also hacking services. The individuals he hired would hack into the systems of various organizations and use the hijacked computers to launch DDOS attacks against various targets. The attacks launched against the Shanghai online games company are said to have resulted in damage of close to 10 million Yuan ($1.6 million / €1.16 million). The attacks were aimed at the login page for an online game and prevented paying customers from accessing their accounts. Police detained Wu, Tu and three other individuals suspected of being responsible for the cyberattacks. The company operated by Tu is believed to be involved in other illegal activities as well, including hacking, distribution of obscene materials, and hosting illegal ads. Source: http://news.softpedia.com/news/5-People-Arrested-for-Launching-DDOS-Attacks-on-Systems-of-Chinese-Gaming-Company-441863.shtml
View original post here:
5 People Arrested for Launching DDOS Attacks on Systems of Chinese Gaming Company
DNS flood washes over company servers Domain hosts Point DNS has been hammered with a high intensity DDoS attack on Friday, knocking servers out for hours.…
Originally posted here:
Point DNS blitzed by mystery DDoS assault
Two new reports reveal that DDoS attacks are not only getting bigger- now logged between 250 and 325 Gbps, but that these attacks often target the same organisation more than once. The business challenge presented by DDoS attacks hit the spotlight once again this morning, after a research analytics firm revealed that 35 per cent more firms were hit by attacks during 2013 than in 2012 – and with 28 per cent of logged attacks seen last years lasting two days or more. The most revealing takeout from the Neustar analysis – the firm’s second annual report, entitled `DDoS Attacks & Impact Report – 2014: The Danger Deepens’ – is that once attacked, there is an estimated 69 percent chance of a repeat attack. And whilst 31 per cent of these companies were DDoS-attacked once, over 48 percent said they had been targeted between two to 10 times. Neustar’s figures confirm Arbor Networks’ report – released last week – which saw a record 325 Gbps attack hit a French organisation earlier this year, with a massive spike logged by the research division of the DDoS remediation firm on the first quarter of this year. Arbor says that it 72 attacks larger than 100 Gbps in size and volume, as well as 50 percent more attacks in the first quarter of 2014 than the entirety of 2013. Back at Neustar, the research company claims that 32 percent companies hit by a DDoS attack last year estimated the events had cost them more than £240,000 per day during the outage. Additionally, the reports notes larger DDoS attacks are becoming more frequent with a 200 percent increase in attacks affecting bandwidth of between 1 and 20 Gbps. For its research, Neustar took in response from 331 companies in the UK, across a range of public and private sector organisations. The company says its results show that DDoS attacks disrupt multiple business units – with public-facing areas like call centres, customer service and marketing operations absorbing more than 40 per cent of DDoS-attack related costs. This high cost may because these business functions are key revenue earners in most commercial companies, SCMagazineUK.com notes, but the report also cautions that DDoS attacks are now being used as smokescreens for other attacks – an attack vector that security researcher Brian Krebs has reported on several times over the last 12 months. Rodney Joffe, Neustar’s senior VP and technology fellow, said that organisations must remain constantly vigilant and abreast of the latest threats. “As an example, Neustar’s UltraDNS network suffered an attack just last week peaking at over 250 Gbps – a massive attack by industry standards. Even with proper mitigations in place, the attack caused an upstream ripple. It is a constantly changing threat landscape,”he noted. According to Mark Teolis, general manager with DOSarrest, a DDoS remediation specialist, the key problem with the latest generation of attacks is not just the volume and bandwidth used, but their general sophistication, with Layer 7 attacks now being seen in the mainstream. Layer 7 is the highest of the seven IP layers defined under the OSI (Open System Interconnection) model and represents the application layer – the location on the computing resource where data both originates and returns. Speaking with SCMagazineUK.com last week at the Infosecurity Europe show, Teolis said his firm’s latest software has been enhanced to deal with these latest Layer 7 attacks, by combining IDS (intrusion detection systems), load balancing, WAF (web application firewall) and DDoS mitigation under a single IT umbrella. Using an IDS, he explained, allows security professionals to pinpoint sophisticated layer 7 attacks, as well as provide cloud based WAF services. “Using these approaches – coupled with spreading the load across multiple cloud resources – significantly mitigates the effects of even the highest volume DDoS attack,” he said. Keith Bird, UK managing director with Check Point, told SCMagazineUK.com that DDoS attacks have been used as a hacktivist weapon for several years – and, as this research illustrates, now the net is widening to businesses at large. “We are seeing smokescreen-type attacks, and also more complex, multi-vector attacks on Web sites that combine DDoS with account tampering and fraud attempts,” he said adding, that, whilst these are difficult to defend against, firms should consider contingency and remediation plans in the event of such attacks. Source: http://www.scmagazineuk.com/ddos-attacks-half-of-targeted-firms-get-hit-again/article/345878/
See original article:
DDoS attacks: half of targeted firms get hit again
New research released by Neustar suggests that the majority of UK businesses are unprepared to cope with the threat of DDoS attacks. Distributed Denial of Service (DDoS) attacks are a common method for cyberattacks to disrupt an online businesses. A DDoS attack uses compromised computer systems to attack a single target, sending traffic from multiple points of origin in a flow, which often overwhelms a system, causing it to deny authentic traffic access to services. According to research released by Neustar, a third of UK businesses estimate losses of £240,000 per day when hit with DDoS attacks. After surveying 331 companies in the United Kingdom across numerous industries including financial services, technology, and the public sector, the analytics provider says larger DDoS attacks are becoming more frequent with a 200 percent increase in attacks affecting bandwidth between 1-20Gbps, in addition to a significant increase in attacks on bandwidth with a magnitude of 100Gbps or more. Neustar’s report, “ United Kingdom DDoS Attacks & Impact Report. 2014: The Danger Deepens ,” also states that DDoS attacks are a “growing threat to organisations with potentially calamitous consequences for companies” without proper protection. Not only can DDoS attacks have an immediate impact on sales and business revenue, they can have long-lasting detrimental effects on brand value, customer trust, and public reputation. Key findings from the survey include: DDoS attacks often disrupt multiple business units, with public-facing areas like call centres, customer service, and marketing absorbing over 40 percent of DDoS-attack related costs. Over 35 percent more UK companies were hit by DDoS attacks in 2013 compared with 2012. In 2013, there was an increased number of longer attacks, with 28 percent lasting up to two days or more. Once attacked, there is an estimated 69 percent chance of a repeat attack. While 31 percent of these companies were DDoS-attacked once, over 48 percent were targeted two to 10 times. In 2013, attacks requiring over six people to mitigate rose to 39 percent compared to 25 percent in 2012, a 56 percent increase. In addition, Neustar’s research highlights an increase in a trend dubbed “smokescreening.” These types of DDoS attacks are used by cybercriminals in order to divert IT department attention while malware and viruses are inserted within a business network, with the overall aim of stealing valuable data or funds. Rodney Joffe, Senior Vice President and Technology Fellow at Neustar commented: Organisations must remain constantly vigilant and abreast of the latest threats. As an example, Neustar’s UltraDNS network suffered an attack just last week peaking at over 250Gbps — a massive attack by industry standards. Even with proper mitigations in place, the attack caused an upstream ripple. It is a constantly changing threat landscape. In February, Web performance company CloudFlare reported the mitigation of a DDoS attack on a French website which reached a record-setting attack of at least 325Gbps, and a potential reach of 400Gbps. Source: http://www.zdnet.com/majority-of-uk-firms-unprepared-for-ddos-attacks-study-finds-7000029178/
More:
Majority of UK firms unprepared for DDoS attacks, study finds
Small, widely-dispersed botnets ought to do the trick Ignoring the manual and keeping your ‘bot nimble are some of the tips a quartet of security researchers have recommended to help spam reach inboxes more effectively.…
View article:
Boffins pen ‘Guide to better spamming’
France is seeing massive amounts of DDoS traffic going through its networks, thanks to sizeable hits on the country’s popular hosting providers As the UK enjoys a relatively low volume of distributed denial of service (DDoS) attacks, France is seeing deluges of traffic hitting organisations frequently, according to research. Major hosting providers, including the hugely-polular, OVH have attracted DDoSers to France, which was only outdone by the US in terms of the amount of DDoS traffic passing through the countries’ networks, according to Arbor Networks. A record 325Gbps attack hit France this year, but it is not known who was involved. DDoS threat getting bigger and bigger Darren Anstee, director of solutions architects at Arbor, said France was being attacked largely because of the popularity of those hosting providers. “They’ve got a lot of big hosting providers and some of those are used by the gaming industry [which is subject to significant sized attacks],” he told TechWeekEurope . Arbor spotted an unprecedented rise in DDoS attacks over the first quarter of 2014. It saw 72 attacks larger than 100Gbps and 1.5 times the number of attacks over 20Gbps as in the whole of 2013. The epic increase in attack size has come as a result of what’s known as amplification. Protocols such as Network Time Protocol can be used to generate massive DDoS attacks with relatively little effort on behalf of the offenders. They can abuse vulnerable NTP servers by spoofing the IP address of a target, sending small requests and getting massive responses. The target IP is then flooded with that traffic. Even protocols used by popular gaming services, from Quake to the Steam protocol, can be abused for amplification purposes. Source: http://www.techweekeurope.co.uk/news/ddos-france-gaming-hosting-companies-144777
View the original here:
France Getting Battered By DDoS Attacks
The beginning of 2014 saw 1.5 times the number of attacks over 20GB/sec, compared to the rest of 2013, according to new stats released by Arbor Networks today. At the Infosecurity Europe 2014, t…
Read the article:
Spike in DDoS attack size driven by NTP misuse