Tag Archives: ddos-defense

OpTrump: Anonymous declares war on Donald Trump with DDOS attack following Muslim ban speech

Hacktivist group Anonymous has continued to add to its list of targets, with controversial US presidential candidate Donald Trump the latest in the crosshairs. Following Trump’s radical speech stating he wanted to ban Muslims from entering the US, Twitter accounts linked to the group declared war. The OpTrump campaign launched last night (9 December) with the first piece of business taking down Trump’s website www.trumptowerny.com for several hours by hitting it with a DDOS (distributed-denial-of-service) attack, which crashed the site. One Twitter user posted a picture of the hack, claiming the site was “almost down”. Anonymous posted a video online in response to Trump’s comments and warned of the repercussions of his words. “Donald Trump, it has come to our attention that you want to ban all Muslims from entering the United States. This policy is going to have a huge impact. This is what Isis wants. The more Muslims feel sad the more Isis feels they can recruit them. The more the United States appears to be targeting Muslims, not just radical Muslims you can be sure Isis will be putting that on their social media campaign,” said a masked member of the hacktivist group. While Anonymous has yet to officially claim responsibility for the DDOS attack, Twitter users showed full support of the group and its campaign. In the grand scheme of things this was a fairly tame attack, as the website is still running as normal at the time of writing, but it did serve as a digital slap to show this could be the first of many targeted operations against Trump. Anonymous is also busy taking on Islamic State by organising an official Isis Trolling Day called “Day of Rage” on 11 December, where it is encouraging an uprising of social media users to post content mocking the terror group. They issued a list of actions in a statement that includes reporting accounts of Isis sympathisers, posting mocking photos and use mocking hashtags. There will also be organised demonstrations held around the world. Source: http://www.ibtimes.co.uk/optrump-anonymous-declares-war-donald-trump-ddos-attack-following-muslim-ban-speech-1532739

Mysterious hackers attempting to bring down entire internet by DDoS-ing critical servers

Mysterious hackers are yet again trying to bring down the entire internet by bombarding crucial servers that support it with a gigantic, sustained distributed denial of service (DDoS) attack, which has caused webpages to load slowly in some locations. There are 13 internet root name servers in the world that run the internet, and these servers are responsible for helping your web browser to locate top-level domains such as .com, .org, .net or any country-specific top level domains like .uk, .fr, .sg, .de, .ae and .cn. The servers function as a sort of internet address book and they make up what is known as the domain name system (DNS) system. The 13 root name servers are run by independent organisations in the world, including ICANN, the US Army, the US Department of Defense, Nasa, Europe’s internet registry RIPE NCC, the University of Southern California, Japan’s Wide Project and Sweden’s Netnod. Network infrastructure solutions firm Verisign also operates two of them, namely the “A” and “J” root servers (the 13 servers are named in sequence after the alphabet from A-M). DDoS attack sent 5 million queries per second The 13 root name servers are run by independent organisations in the world, including ICANN, the US Army, the US Department of Defense, Nasa, Europe’s internet registry RIPE NCC, the University of Southern California, Japan’s Wide Project and Sweden’s Netnod. Network infrastructure solutions firm Verisign also operates two of them, namely the “A” and “J” root servers (the 13 servers are named in sequence after the alphabet from A-M). “The incident traffic saturated network connections near some DNS root name server instances. This resulted in timeouts for valid, normal queries to some DNS root name servers from some locations.” You might think that the servers would be knocked offline by that much traffic, but no, they were saved by the root server operators having enough additional servers on standby that were able to balance the load of traffic. Although the sustained cyberattack resulted in some real queries from users surfing the web timing out in some locations, there were no complaints that end-users were having severe internet problems, so the root server operators believe that the attack would have been “barely perceptible” and all anyone would have seen was a slight delay in loading webpages in some web browsers. The root name server operators also stated that since IP source addresses can be easily spoofed and the traffic flooded multiple anycast websites, it is impossible to trace the traffic back to its source, so we have no idea who was behind this. Only a government could have this much clout However, if you use logic, it would take a really powerful entity like a country’s government to have the resources to sustain a coordinated cyberattack that lasted 48 hours and was able to keep flooding the root name servers consistently with a high level of traffic at five million queries a second. This is not the first time this has happened either – on 21 October 2002 a DDoS attack campaign attacked the 13 root name servers for one hour, and on 6 February 2007 a DDoS attack was sustained for 24 hours. In the first incident, the attackers didn’t have enough traffic to fully flood the servers and take them offline, while the second incident saw two root servers suffer badly, while another two servers experienced heavy traffic. So who could it be? Is it a foreign government, a terrorist group or cybercriminals? Who knows, but they seem to be getting better at it. Source: http://www.ibtimes.co.uk/mysterious-hackers-are-trying-bring-down-entire-internet-by-ddos-ing-critical-servers-1532762

Visit link:
Mysterious hackers attempting to bring down entire internet by DDoS-ing critical servers

Abe’s official website latest to come under possible cyber attack by Anonymous

Japanese Prime Minister Shinzo Abe may have had his official website attacked by the ‘hacktivist’ Anonymous group, local media reported Thursday. According to Japan’s public NHK broadcaster, Abe’s official website has been inaccessible since early on Thursday, with the international group of clandestine hackers knows as Anonymous allegedly posting a message on Twitter claiming responsibility for the cyber attack on the site. Abe’s top spokesperson, Chief Cabinet Secretary Yoshihide Suga, said the government had been informed about the possible breach to the prime minister’s site by Anonymous, but in a press conference earlier Thursday declined to comment specifically as to whether the attack had been carried out by Anonymous. The possible attack by Anonymous is the latest in a series of cyber attacks on Japanese websites, including most recently last month on the website of Japan’s Health, Labor and Welfare Ministry, which went down for three days after the group, according to its Twitter post, disabled the site by flooding it with enough data to crash its servers. As with the latest case, the Tokyo Metropolitan Police have been on high alert, although the government is either unaware or is remaining tight-lipped about the motive for the recent attacks, according to sources close to the matter Thursday. The group also took aim at Japan on Oct. 10 this year, when both Narita and Chubu airports in the east of the country, came under DDoS attacks with Anonymous saying on Twitter the attacks were a part of their campaign against Japan’s controversial dolphin hunting practice. The town of Taiji in southeastern Japan where the drive hunts take place saw its official website also taken down earlier in the year with police concluding that the hactivist group was responsible. The Japan National Tourism Organization and Japan’s Fishermen’s Union’s websites have also suffered DDoS attacks, for Japan’s continued dolphin hunts, it has been reported. Prior to these, in 2012, the government was also subjected to a series of cyber attacks by Anonymous following the implementation of new ant-piracy laws by the government, which outline stiff fines and jail terms for those downloading copyrighted content. The group highlight the fact that content suppliers were pressuring Internet Service Providers (ISPs) to implement surveillance technology in an unprecedented move that some felt impinged on privacy laws. As a result, the Finance Ministry, Supreme Court, the then ruling Democratic Party of Japan and Liberal Democratic Party of Japan all saw their sites attacked at the time, some with specific pages defaced. Source: http://www.ecns.cn/2015/12-10/192047.shtml

Unknown Copycat Using Armada Collective Name for DDoS-for-Bitcoin Extortions

Cyber-crime syndicates are moving in, pushing script kiddies out of the picture, expect more large-scale attacks After the success of DDoSing outfits like DD4BC and Armada Collective, an unknown copycat that’s using the Armada Collective name but asking for astronomical payments has appeared. A report from Recorded Future, a real-time threat intelligence protection company, shows that DDoS-for-Bitcoin extortion schemes are here to stay, with more and more attacks being launched solely for this reason. DD4BC have launched a new type of extortion scheme This trend can be tracked down to an Akamai report released over the summer that documented the actions of a hacking group known as DD4BC (DDoS 4 Bitcoin). This group launched DDoS attacks on companies around the world, requesting small payments in Bitcoin for each target. The group’s scheme was a simple one. They would send threatening emails to business owners, saying they would launch powerful DDoS attacks if a ransom was not paid in due time to a specific Bitcoin wallet. To prove their point, a small 15-minute DDoS was launched to showcase their capabilities. DD4BC’s scheme proved to be extremely lucrative and allowed them to rack up Bitcoin over the past year in over 140 DDoS attacks. The group was active since late 2014 and suddenly stopped its activity after the Akamai report was released, probably to avoid getting caught by law enforcement authorities alerted to their scheme. Enter Armada Collective Soon after, the first DD4BC copycat arose, in the form of the Armada Collective hackers, carrying out DDoS attacks on small businesses in Switzerland. They then expanded to email providers, and their name became known around the world in the famous ProtonMail incident. The incident is very well documented in one of our previous stories , but we’ll give you a small summary. Basically, Armada Collective followed the DD4BC regular tactics, sending an email and launching a small 10-15 Gbps DDoS attack on ProtonMail. Armada Collective returning ransom to ProtonMail As soon as the attack ended, ProtonMail revealed what happened, and more serious attacks took place, with ProtonMail paying the ransom in the end. Armada Collective denied any involvement and even went as far as to return the ProtonMail ransom, putting the blame on a state-sponsored actor with capabilities that far exceeded its own. Enter the unknown copycat But something else happened recently that made the Recorded Future team stop and ponder about the bigger picture, and that’s the DDoS-for-Bitcoin attacks on three major Greek banks . With DD4BC and Armada Collective always launching small-scale attacks and requesting modest ransoms (the equivalent of a few thousand dollars), this new group attacking Greek banks does not fit the bill. While the attacks of DD4BC and Armada Collective seem to be the work of script kiddies, the ones that brought down ProtonMail and the three major Greek banks were massive in scale. Coupled with the fact that this new group also requests ransoms in the order of millions of dollars, there are clear signs that they are a copycat that’s trying to remain hidden by passing as Armada Collective (as stated in the email sent to the Greek banks). With the number of DDoS-for-Bitcoin attacks on the rise, this type of cyber-threat is about to evolve from the work of script kiddies to the normal MO of larger cyber-criminal syndicates.

Continue reading here:
Unknown Copycat Using Armada Collective Name for DDoS-for-Bitcoin Extortions

UK research network Janet still being slapped by DDoS attack

DNS services appear to be targeted, switching may work Members of UK’s academic community from freshers to senior academics are facing more connection issues today as a persistent and continuous DDoS attack against the academic computer network Janet continues to stretch resources. Janet first came under a Distributed Denial of Service (DDoS) attack yesterday, and the same attack has continued through to today forcing much of the academic community offline. Initially, Jisc’s engineers and security teams identified the cause as a DDoS attack and worked to identify the source of the assault and implement blocks. However, after some suggestions of network stabilisation, further problems were seen. Janet reported that it would cease providing updates on its Twitter page following the attack, as the information seemed to be providing the attackers with hints about how to adjust their attacks. For those who find Janet’s DNS services sluggish to respond, it may be possible to work around the issue by switching to Google Europe’s DNS. Boffins from various field have somehow managed to take to Twitter to share their woes about the outage. Vision and Office 365 are also being reported as offline. The Register understands no ransom notice has been delivered to Jisc as of writing. DDoS-for-ransom attacks are almost always preceded by the ransom request, as an early payment saves the attackers money. Source: http://www.theregister.co.uk/2015/12/08/uk_research_network_janet_ddos/

View original post here:
UK research network Janet still being slapped by DDoS attack

Greek Banks Hit by DDoS Attacks, Hackers Ask for Bitcoin Ransoms to Stop

Armada Collective, the hackers that launched DDoS attacks on ProtonMail, are back and are targeting several Greek banks, using the same DDoS-for-Bitcoin extortion scheme. Unlike the ProtonMail debacle, when the secure email provider agreed to pay the hackers’ ransom, this time around, bankers contacted local law enforcement, as Greek newspaper Kathimereini is reporting. The attacks started on Thursday, November 26, and continued through this week. Three unnamed Greek banks were targeted, and Armada Collective hackers asked for 20,000 Bitcoin ($7,210,000 / €6,790,000) from each of them. Yanni Koutsomitis, Eurozone analyst and managing director at Imperial Media, said that, on Monday, Greek authorities brought in FBI specialists to help with the investigation and countering the cyber-attack. During the DDoS on ProtonMail, after the initial attacks that convinced ProtonMail management to pay the ransom, subsequent DDoS attacks grew in intensity. Armada Collective denied responsibility for the subsequent attacks, which were many times stronger than the early ones. Many believed the hackers’ explanation and suspected that a state-sponsored actor quietly got on the line and was taking revenge on the secure email provider labeled as “NSA-proof.” The attacks on the Greek banks now confirm that Armada Collective is a serious threat and has the power to cripple an entire nation’s financial institution. Previous Armada Collective targets include Hushmail, Runbox, and a few Internet Service Providers from Switzerland. None of them paid the ransom. Source: http://news.softpedia.com/news/greek-banks-hit-by-ddos-attacks-hackers-ask-for-bitcoin-ransoms-to-stop-496966.shtml

Read this article:
Greek Banks Hit by DDoS Attacks, Hackers Ask for Bitcoin Ransoms to Stop

Tux Machines Again Faces DDoS Attacks

The popular website Tux Machines has evidently fallen victim to a DDoS attack that made the site unavailable for part of the day on Friday. The announcement of the attack was initially made in a blog notice posted on the site late Friday morning GMT which opened with the line “Tux Machines has been mostly offline this morning.” According to the blog post, the attack was at first thought to have been initiated by the Chinese web services company Baidu, but a later update indicated that turned out not to be the case. “…Baidu was [not] at fault but botmasters who used ‘Baidu’ to masquerade themselves, hiding among some real and legitimate requests from Baidu (with Baidu-owned IP addresses).” At this time, it’s not known who’s behind the attack. Roy Schestowitz, who with his wife Rianne publishes both Tux Machines and the politically oriented FOSS blog site Techrights, told FOSS Force, “We’ve suspected EPO seeking revenge, which makes sense for Techrights, not Tux Machines.” EPO refers to the European Patent Office which recently threatened Schestowitz with civil action over an article which claimed the EPO purposefully gives priority to patent applications from large corporations. This isn’t the first time the outspoken Schestowitz’s sites have come under DDoS attacks. In September and October of 2014, both sites came under a crippling attack that lasted for several weeks and which left both sites unreachable for long stretches of time. Indications are that this current attack isn’t nearly as damaging, although Schestowitz said that he and his wife had been working to keep Tux Machines functional throughout the weekend. Many websites use the services of a content delivery network (CDN), in part as protection against all but the most robust DDOS attacks. Schestowitz told us that no CDN is used by either of his sites. “I wrote a lot about this before,” he said. “Performance, Tor, privacy issues, JavaScript and so on. So no, CDNs are out of the question.” We sent Tux Machines an email this morning to determine the current status but have not received a reply. However, at the time of publication the site was responsive, as was Techrights. Source: http://fossforce.com/2015/11/tux-machines-again-face-ddos-attacks/

More:
Tux Machines Again Faces DDoS Attacks

It’s Black Friday: Do you know who is DDoSing your servers? And how to stop them

Today is Black Friday in the U.S. a retail holiday where numerous, extravagant deals are revealed to a ravenous public. In the brick and mortar universe, this can become a free-for-all when shoppers will camp out for days in front of a store just to get in on the first deals. In the cyber universe the same greatly increase traffic can be seen and this also makes it hunting season for hackers and extortionists attempting to get a cut. On the Internet, the easiest and lowest form of disruption is the distributed denial of service (DDoS) attack and we’ve seen it employed throughout the year by for various reasons to take down websites. To get a better understanding of what e-retailers can expect now on Black Friday and the upcoming Cyber Monday, SiliconANGLE reached out to Nexusguard (Nexusguard Limited), DDoS protection experts, and spoke with their Chief Scientist Terrence Gareau. “Risk from cyberattack is a trend repeating every year,” says Gareau. “No doubt retailers all experience an uptick in attacks [during Black Friday]. Attackers are definitely taking advantage of the uptick and e-tailers need to put in more resources to boost their websites’ security.” This year DDoS attacks hit record highs, according to the State of the Internet report from Akamai for Q2 2015. The number of attacks grew by 132 percent compared to the same time in 2014 and 12 attacks occurred that exceeded 1,000 gigabits per second (Gbps). Nexusguard’s own overwatch on DDoS showed that during 2015 Q3 attack numbers rose by 53 percent over Q2, higher than any quarter over the past two years. E-commerce at more risk than ever from DDoS attacks Most DDoS attacks that make it to the news are being done my Internet mayhem groups looking for fame and attention. The most recent example is the attack committed by Lizard Squad on Christmas Day, December 26, 2014 against the Xbox LIVE and PlayStation networks that knocked the gaming services offline for millions of customers However, Gareau says that not all DDoS attacks come from people seeking attention—some are seeded with greed and extortion. Especially when it comes to the lesser-known attacks that services and e-retailers suffer around this time of year. When asked if competitors might use DDoS to knock out or weaken sales from other e-retailers, Nexusguard’s chief scientist would only say that it does appear that competitors do attack each other this time of year. That said, more danger appears to be coming from extortion rackets this time of year than from greedy competitors. The usual strategy is to hit an outlet with a DDoS attack (a short one) and then send an e-mail requesting some sort of ransom payment or the attack comes back. A few more blasts might come along to get the target’s attention. “Hackers are aware that the holidays are a prime time for online retailers. Therefore, they would do anything to break through any defenses,” says Gareau. This time of year criminals know that stores and e-retailers are looking to make as much money as possible off traffic. As well, increased traffic makes servers even more vulnerable to DDoS because it means they’re already working at capacity. Attackers see this as low-hanging fruit because first it’s easier and second an e-retailer will lose a great deal of money for even ten minutes of time offline during the sales rush. “One of the most sophisticated attacks focused on the login prompt,” Gareau adds, when asked for an example of how hackers attempt to knock sites offline. “In fact, on Thanksgiving and Christmas last year, we saw a hacker craft specific requests to the login form, preventing visitors from logging on.” Cold advice about DDoS extortion: “…don’t f**ing pay ‘em.” “We expect to see an increase in fraud and extortion, directly linked to DDoS as seen over the last few years,” Gareau says. When it comes to handling the potential of (or ongoing) DDoS attacks, Gareau suggests getting a proper team on board, he works for such a team at Nexusguard after all, but he also has an opinion on extortion and it’s a very simple one: “…And don’t f**ing pay ‘em,” he adds. This year has a perfect example of why paying DDoS extortion is a losing bet. In early November Switzerland-based ProtonMail, a provider of end-to-end encrypted e-mail, was struck by a powerful DDoS attack and the attackers demanded a ransom of $6,000 to relent. (The amount requested was 15 bitcoins, which at the time came out to approximately $5,850.) ProtonMail paid the ransom but then paid the price: the ProtonMail website and service were washed away by a DDoS attack anyway. Paying extortion to make a DDoS attacker go away does not necessarily make them go away. Just like any other criminal enterprise, knowing that a payment will come is a good way to make sure they will come back. Worse, it will fund the criminals to build out or increase their total power, which means they can go after other targets more frequently. In many cases that ransom requested by the criminals behind the DDoS could be paid to an anti-DDoS outfit and used to lessen the impact of the attack. The result is that the criminals get nothing but time wasted firing off their attack tools. Source: http://siliconangle.com/blog/2015/11/27/its-black-friday-do-you-know-who-is-ddosing-your-servers-and-how-to-stop-them/

Bloggers Put Bounty on DDoS Extortionists

Two sister blogs, Hacked (Security & Tech) and CryptoCoinsNews, have decided to go the Mel Gibson route (“Ransom” movie reference for the uncool kids) and put out a bounty on DDoS attackers instead of paying the money they were asking for. It all started earlier this morning, when both sites saw a serious DDoS attack being carried out against their server infrastructure. Three hours after the attack began, the two received emails from a man named Jon. The attacker claimed to own a botnet that he intended to use for DDoS attacks. He said that currently he was using only 20% of the botnet’s capabilities against the two sites. Jon was asking for a 2 Bitcoin ransom, which would become 3 Bitcoin by tomorrow if unpaid. Instead of giving in and being intimidated by the attacker, the two sites ramped up their DDoS mitigation and decided to put out a 5 Bitcoin ransom on the attacker, which is about $1,600 or €1,500 in today’s exchange rate. Turning the table on DDoS extortionists “If you can help us identify the extortionists in a way that leads to a successful police report, you will receive five bitcoins, with gratitude,” says Samburaj Das of CCN and Hacked. The bloggers are looking for data like real names, addresses, and attacks carried out on other sites that would allow investigators to track their DDoS campaign. Details should be sent to crypto@cryptocoinsnews.com. Only last month something similar happened to ProtonMail, a crypto email service. The site was under a massive DDoS attack, which also expanded to its ISP. Due to peer pressure from other affected services, ProtonMail paid the ransom , but the attacks never stopped, with other groups also taking aim at their infrastructure. Many people skewered ProtonMail’s owners for paying the attackers, saying it was a bad idea and did nothing but encourage such types of groups to carry on with their DDoS-for-Bitcoin extortion campaigns . We’ll just have to wait and see how Hacked/CCN’s countermove goes through. Source: http://news.softpedia.com/news/bloggers-put-bounty-on-ddos-extortionists-496586.shtml

See the article here:
Bloggers Put Bounty on DDoS Extortionists

To the IT Security Rescue: DARPA and the Extreme DDoS Defence Program

IT security is a big deal – especially today with concerns that the government may be compromising some private networks. We know that the agency has compromised Google and Yahoo! in the past. Today, the Defence Advanced Research Projects Agency (DARPA) is working to fight against certain kinds of security breaches. On the surface of it, it seems contradictory, since DARPA is a branch of the U.S. Department of Defence. But, here’s a deeper look into the agency, and what they’re doing and why. DDoS Attacks and Why They’re Important A DDoS attack is a special type of DOS attack, commonly called a “Distributed Denial of Service” attack. It’s an attempt to bring down a network using multiple compromised systems, which are usually infected with malware or a virus – usually a trojan. The point of a denial of service attack is to make so many requests from the server that it can’t keep up, and crashes – taking the site or network offline. A distributed attack means that multiple computers are making requests for information or data from the server. And, because they are spread out, it’s very difficult to stop. It’s difficult to distinguish between legitimate users and attackers because, often, innocent computers are hijacked in the attack and made to look like legitimate users. Security companies that specialize in this type of threat know how to deal with them. And, you can visit this website if you want to know more about how detection and analysis works from inside the industry – including the concept of “white hat hacking” or “penetration testing.” Option One: Self-Defence Tactics One option commonly employed by companies and organizations in the past was a homebrew self-defence strategy. This is the simplest way to defend against an attack, but it’s also a method that’s a bit outdated. Usually, a coder or in-house IT employee would write some Python script that would filter out bad traffic. Sometimes, enterprises would use existing firewalls to block malicious traffic. In the early 2000s, this was a simple affair. Today, attacks are fairly complex and, while it’s simple to write a script, it doesn’t work nearly as well as it used to. A firewall will quickly be overloaded under the mildest of today’s DDoS attacks. Option Two: Specialized Equipment Defence Another option is to use specialized equipment to defend your company or organization. It’s a similar approach to the DIY method in that an enterprise is doing all of the work to stop an attack. However, instead of relying on scripts and firewalls, the business buys and deploys dedicated DDoS mitigation hardware. The hardware sits in a company’s data centre in front of the standard servers and routers. It’s made specifically to detect and filter malicious traffic. Companies that use this approach face multiple challenges. First, the hardware is costly. And, if the company isn’t under attack, the devices are just sitting there, collecting dust. They can also be expensive to operate. You need skilled network and security people to run them. They have to be constantly updated by your operations and IT team if you want protection against the latest threats. DDoS tactics change on a daily basis. And, finally, the Achilles heel of the hardware is that they can’t handle volumetric attacks. All an attacker has to do is figure out your maximum bandwidth and exceed it. Option Three: ISP Defence Most companies outsource their DDoS mitigation. Some enterprises use their ISP to provide the service. An ISP can have more bandwidth than a single company would, which helps with large attacks. But, there are still problems with this approach. The most obvious is that ISPs aren’t in the business of threat detection and mitigation. They sell bandwidth. So, their systems might not actually be very good at detecting and defending against a well-orchestrated (or even not-so-well orchestrated) attack. Option Four: Cloud Mitigation Provider This option essentially outsources the problem to a company that specializes in cloud services. Cloud mitigation providers are experts when it comes to providing DDoS mitigation from the cloud. In other words, these companies have built out massive network resources. They have more bandwidth capabilities than your average hosting provider or cloud storage vendor, and they can mitigate the threat of an attack at multiple sites around the Internet. Basically, they redistribute the bad traffic that comes in to lessen its effects. In many cases, there is no effect. They can scrub traffic for you, and send only the “clean” traffic to your data centre. One major reason you’d want to hire these people is for their expertise. They usually have network and security engineers and researchers on staff that are monitoring the latest threats and tactics hackers use so that customers are well-protected. They also have bandwidth – lots of it. They provide more bandwidth than an enterprise could ever hope to provision on its own. This is effective in stopping even the largest of attacks. They have multiple types of DDoS mitigation hardware. Since DDoS attacks are very complex, there’s an inherent need for multiple layers of filtering to keep up with the latest threats. Cloud providers use multiple technologies, including their own proprietary technology to defend against attacks. Source: http://www.theglobaldispatch.com/to-the-it-security-rescue-darpa-and-the-extreme-ddos-defence-program-68380/

More here:
To the IT Security Rescue: DARPA and the Extreme DDoS Defence Program