Tag Archives: ddos

Week in review: Cryptolocker copycat, CyanogenMod's built-in SMS encryption, NSA uses Google cookies to track suspects

Here's an overview of some of last week's most interesting news and articles: The DDoS debate: Multi-layered versus single solution There is a DDoS debate in the cybersecurity industry about whi…

View post:
Week in review: Cryptolocker copycat, CyanogenMod's built-in SMS encryption, NSA uses Google cookies to track suspects

DDoS attacks escalate, businesses still unprepared

Many businesses are failing to take adequate measures to protect themselves against the threat of a DDoS attack. A Corero Network Security survey of 100 companies revealed that in spite of the repo…

See more here:
DDoS attacks escalate, businesses still unprepared

Image ddos_507891.jpg

Companies still ignore DDoS attacks

Just days after NatWest Bank suffered a debilitating DDoS attack, a new survey has revealed that most businesses are still unprepared for this kind of threat. Some companies are unprepared for DDoS attacks Just days after NatWest Bank suffered a debilitating DDoS attack, a new survey has revealed that most businesses are still unprepared for this kind of threat. More than half the respondents to a survey by Corero lack adequate distributed denial-of-service (DDoS) defence technology. The study also reveals a lack of DDoS defence planning on multiple levels: nearly half of businesses have no formal DDoS response plan, 54 percent have outdated or non-existent network maps, and around one in three lack any clear idea of their normal network traffic volume. Furthermore, the survey slates businesses for under-investing in their security infrastructures, with around 40 percent of respondents still relying on firewalls, while nearly 60 percent do not test their DDoS defences regularly with network and application-layer tests. However, experts warn that DDos attacks are escalating and say that they can cause not only business disruption but also loss of IP, significant brand damage and a loss of customer confidence. Mike Loginov, CEO and CISO at independent security consultancy Ascot Barclay Group, told SCMagazineUK.com that figures from his firm and others show sharply rising numbers of successful DDoS attacks, adding: “These attacks are not necessarily undertaken by the perpetrator with financial gain in mind. However, they still leave the targeted business suffering costly damage repairs, loss of business and an undermining of the organisation’s capability to defend itself. Many attacks go unreported for fear of brand damage.” Andrew Miller, CFO and COO at Corero, which carried out the latest survey, agreed the threat is growing but stressed that companies are still not doing enough to protect themselves. “These denial-of-service-attacks (DDoS) are increasing and becoming more complex, but we’re still not seeing companies increasing their vigilance, investment and planning,” he told SCMagazineUK.com. “Across the board companies really need a combination of infrastructure investment, but more importantly putting in place plans to be able to detect what’s traversing companies’ networks.” Loginov agreed: “Generally speaking, IT departments, as the report suggests, are just not geared up to defend organisations against what cyber security professionals these days consider rudimentary attacks.” Miller said companies need “hybrid DDoS and cloud protection” but added that currently only “a small percentage” of companies have these defences in place. “What we’re seeing the more proactive customers doing is deploying a combination of both on-premises technology to provide 24/7 protection from denial of service attacks, as well as cloud protection services to deal with the high-volume ‘fill the pipe’ network-layer DDoS attacks – a combination of solutions rather than a single solution.” These warnings come just days after NatWest Bank was hit by a DDoS attack that left customers unable to access their accounts online. The 6 December attack disrupted NatWest’s website for about an hour and briefly hit the websites of the other banks in the RBS Group – RBS and Ulster Bank. The attack was focused on disruption rather than accessing account details. But Miller said organisations need to “understand it’s not just inconvenience, we’re talking about some loss of IPR. In the case of RBS, it’s obviously a significant issue from a brand and customer satisfaction perspective”. Miller added: “Denial of service attacks are often used as a smokescreen, a way of initially gaining entry into IT systems through a brute force-type attack, then following on from that the more sophisticated attacks which are aimed either at stealing customer information or intellectual property. We’re seeing banks in the US we’re talking to subject to these types of attacks on a daily basis.” In a statement to journalists, Jag Bains, CTO of DOSarrest Internet Security , said: “The transparency shown by RBS in admitting that they failed to invest properly in their IT systems is a common refrain amongst many enterprises, large and small. While each organisation may have multiple reasons for failing to invest, they all share the same notion that they won’t be a target until they get attacked. “With DDoS tools becoming more advanced and pervasive, all IT operations should work under the premise that they will be attacked and plan accordingly. Every stack and layer within their purview should be reviewed and they should identify cost-effective cloud solutions for their DDoS which provides much better performance and mitigation than expensive hardware.” The DDoS attacks on RBS came in the same week as an unrelated major IT failure, which hit the Group’s online and mobile banking, ATMs and debit card payments. As SCMagazineUK.com reported, RBS, NatWest and Ulster Bank customers were unable to use their cards to draw cash or pay for goods or services. RBS CEO Ross McEwan branded the outage as “unacceptable” and blamed decades of failure to invest adequately in new technology. Source: http://www.scmagazineuk.com/companies-still-ignore-ddos-attacks/article/324844/

View article:
Companies still ignore DDoS attacks

$183,000 fine for man who joined Anonymous attack for ‘one minute’

Authorities in the US have shown their intolerance for so-called ‘hacktivism’ by sentencing a 38-year-old Wisconsin man to two years’ probation and an $183,000 fine for joined an online attack for just a single minute. Eric J. Rosol participated in a Distributed Denial of Service attack (DDoS) against the website for American multinational Koch Industries. DDoS attacks ‘take down’ websites by repeatedly loading them using automatic software. The attack was organised by the hacker group Anonymous and succeed in taking the website offline for only 15 minutes. Rosol pleaded guilty to one misdemeanour count of accessing a protect computer, and although both parties agree that the direct loss to Koch Industries (the second largest privately owned company in the US) was less than $5,000, because the corporation had hired a consulting group to protect its web territory for fees of $183,000 – this was the sum that Rosol must now pay. Koch Industries works in a number of industries including petroleum and manufacturing and reported revenues of $115 billion in 2013. The company is controlled by brothers Charles and David Koch (the world’s sixth and seventh richest men) who inherited it from their deceased father Fred C. Koch, the company’s founder. Koch Industries is often the subject of controversy in the US for its financial support of right-wing Tea Party and its opposition to the green energy industry. The brothers have also donated more than $120m to groups working to discredit climage change science. The DDoS attack which Rosol took part in was organized in opposition to Koch Industries’ reported weakening of trade unions. Source: http://www.independent.co.uk/life-style/gadgets-and-tech/183000-fine-for-man-who-joined-anonymous-attack-for-one-minute-8995609.html

View the original here:
$183,000 fine for man who joined Anonymous attack for ‘one minute’

13 Anonymous hackers plead guilty to PayPal DDoS attack

Thirteen defendants pleaded guilty in federal court in San Jose on Friday to charges related to their involvement in the cyber-attack of PayPal’s website as part of the group Anonymous. One of the def…

See more here:
13 Anonymous hackers plead guilty to PayPal DDoS attack

Week in review: Air gap-hopping malware, first PoS botnet, and the new issue of (IN)SECURE Magazine

Here's an overview of some of last week's most interesting news and articles: (IN)SECURE Magazine issue 40 released (IN)SECURE Magazine is a free digital security publication discussing some of …

Read the original post:
Week in review: Air gap-hopping malware, first PoS botnet, and the new issue of (IN)SECURE Magazine

Image o-PAYPAL-14-HACKERS-facebook.jpg

PayPal 14 plea deal a win for DDoS as civil disobedience

Eleven of the fourteen defendants in the PayPal 14 case have reached a plea deal with federal prosecutors. Under the agreement, the defendants will plead guilty to felonies and misdemeanors under the Computer Fraud and Abuse Act (CFAA). If they observe good behavior, federal prosecutors will ask that the felonies be dropped. This comes as good news to those who advance the notion that DDoS (Distributed Denial of Service) attacks are acts of civil disobedience. Two other defendants will serve 90 days in prison after pleading guilty to a misdemeanor charge pled guilty to a misdemeanor, while the last of the fourteen defendants was not eligible for a plea deal in the case. The PayPal 14 are only a small fraction of the over 1,000 participants identified in a DDoS attack aimed at PayPal, which Anonymous hit as part of “Operation Payback” after the company cut service to WikiLeaks’s donations page. Pierre Omidyar, founder of eBay, which is the parent company of PayPal, called for leniency. Ironic given that PayPal provided the Department of Justice with a list of the participants’ IP addresses, which helped the FBI locate the protesters. “I can understand that the protesters were upset by PayPal’s actions and felt that they were simply participating in an online demonstration of their frustration. That is their right, and I support freedom of expression, even when it’s my own company that is the target,” Omidyar wrote two days ago in a Huffington Post op-ed. “The problem in this case however is that the tools being distributed by Anonymous are extremely powerful. They turn over control of a protester’s computer to a central controller which can order it to make many hundreds of web page requests per second to a target website.” DDoS works by connecting thousands of computers together to bombard websites with traffic until it collapses. As Omidyar noted, it multiplies the power of a single protester, which is something that cannot be done in the physical realm without significant grassroots effort. Nevertheless, the plea deal is significant because it sets a legal precedent that DDoS isn’t just some effort to cause significant financial harm. While the plea deal doesn’t define DDoS as digital protest, it might be the first step in acknowledging the attack as something akin to protesters blocking a road or a business. These physical protests are typically prosecuted as misdemeanors, not felonies that can bring hefty prison terms, high restitution costs, and a lifetime designation as a felon. The PayPal 14 plea deal might also help begin the very necessary process of amending the CFAA, which allows stiff penalties for these non-violent crimes in the first place. Shortly before the news was announced, activist lawyer Stanley Cohen tweeted: “Stay tuned for details. Pay Pal 14 will be resolved today, big win for civil disobedience. Up the Rebels.” And a good win for the internet, which is coming of age as the supreme venue for protest against political and financial power. Source: http://www.deathandtaxesmag.com/210854/paypal-14-plea-deal-a-win-for-ddos-as-civil-disobedience/

Read More:
PayPal 14 plea deal a win for DDoS as civil disobedience

Bitcoin Password Grab Disguised As DDoS Attack

Attacks against bitcoin users continue, as online forum Bitcointalk.org warns users their passwords might have been stolen in distributed denial of service hack. Aficionados of the cryptographic currency known as Bitcoin might have gotten more than they bargained for recently, after a distributed denial-of-service (DDoS) attack appeared to be used as a smokescreen for launching a password-stealing attack against users of Bitcointalk.org. Michael Marquardt (a.k.a. “Theymos”), one of the administrators of the popular bitcoin discussion forum, Sunday warned its 176,584 members of the attack. He said the attack had been traced to a flaw in the systems of domain registration firm AnonymousSpeech, which specializes in anonymous email, as well as running hosting servers outside the United States and the European Union. Attackers hacked AnonymousSpeech to change the bitcoin discussion forum’s DNS settings to an attacker-controlled server. According to Marquardt, the DNS redirection attack was spotted Sunday by forum manager Malmi Martti (a.k.a. Sirius), who immediately moved the domain to a different registrar. “However, such changes take about 24 hours to propagate,” he warned, meaning that users remained at risk unless they logged on to the forum using its IP address, rather than trusting domain name servers to resolve to the non-malicious site. What was the risk to forum users? “Because the HTTPS protocol is pretty terrible, this alone could have allowed the attacker to intercept and modify encrypted forum transmissions, allowing them to see passwords sent during login, authentication cookies, [personal messages], etc.,” Marquardt said. “Your password only could have been intercepted if you actually entered it while the forum was affected. I invalidated all security codes, so you’re not at risk of having your account stolen if you logged in using the ‘remember me’ feature without actually entering your password.” In other words, anyone who logged into the forum between Sunday and Monday, and who entered a password, should assume that it was compromised by attackers. What were the bitcoin forum attackers gunning for? The most likely explanation would be participants’ usernames and passwords, which — if reused on other sites — might have allowed attackers to drain people’s online bitcoin wallets. Likewise, attackers might have been interested in gathering email addresses of people who are interested in bitcoins to target them — via phishing attacks — with malware designed to find and steal bitcoins from their PCs. The DNS hack and DDoS attack against Bitcointalk are just the latest exploits in a long string of attacks targeting bitcoin e-wallet services and payment systems. Last month, Denmark-based bitcoin payment processor Bitcoin Internet Payment System suffered a DDoS attack that allowed the attackers to hide their real target: online wallets storing 1,295 bitcoins, which they successfully stole. At the time, their haul was valued at nearly $1 million. As that haul suggests, the rise in bitcoin-related attacks can be attributed to the bitcoin bubble, which has seen the value of the cryptographic currency rise from a low of $1 per bitcoin in 2011, to $1,200 per bitcoin as of Wednesday. The rise in bitcoin’s value has lead to a number of malicious attacks, as well as a rise in efforts of a different nature. Last week, for example, Malwarebytes researcher Adam Kujawa warned in a blog post that a number of free toolbars and search agents have begun including bitcoin-mining software, which can consume massive amounts of system resources, slowing PCs to a crawl. Bitcoin mining isn’t inherently suspect. In fact, it’s crucial to the success of bitcoins, because it’s what records the chain of bitcoin transactions. Furthermore, the bitcoin system is set up to reward — with bitcoins — anyone who successfully solves related cryptographic puzzles that help maintain the public bitcoin ledger known as the “block chain.” But some people have begun turning PCs into nodes in their personal bitcoin-mining empire, such as online gaming company E-Sports, which was recently hit with a related $325,000 fine by the New Jersey state attorney general’s office. In the case of toolbars and search agents with built-in mining software, however, users who agree to the accompanying end-user license agreement (EULA) might be authorizing a third party to turn their PC into a bitcoin-mining platform. “So take note if your system is running especially slow or if a process is taking up massive amounts of your processing power; it might be malware or even a [potentially unwanted program] running a miner on your system,” said Kujawa at Malwarebytes. “Looks like the bad guys are adapting all of their various technical attacks and business models to the bitcoin world,” CounterHack co-founder and SANS Institute hacking instructor Ed Skoudis said in a recent SANS email newsletter, responding to the Malwarebytes report. “Given the stakes for rapid money-making here, we’ll surely see even more creative bitcoin-related attacks in the near future.” Source: http://www.informationweek.com/security/attacks-and-breaches/bitcoin-password-grab-disguised-as-ddos-attack—-/d/d-id/1112919

Continue Reading:
Bitcoin Password Grab Disguised As DDoS Attack