Tag Archives: ddos

FBI Warns of Increase in DDoS Extortion Scams

Online scammers constantly are looking for new ways to reach into the pockets of potential victims, and the FBI says it is seeing an increase in the number of companies being targeted by scammers threatening to launch DDoS attacks if they don’t pay a ransom. The scam is a variation on a theme, the familiar ploy of either holding a victim’s data for ransom or threatening some kind of attack if a ransom isn’t paid. Ransomware gangs have been running rampant in recent years, using various kinds of malware to encrypt victims’ data and then demand a payment, usually in Bitcoin, for the encryption key.

The scam that the FBI is warning about isn’t as intrusive as that, but it can be just as damaging. The attackers in these cases are emailing people inside organizations and demanding that they pay a ransom or face a DDoS attack.

“Victims that do not pay the ransom receive a subsequent threatening e-mail claiming that the ransom will significantly increase if the victim fails to pay within the time frame given. Some businesses reported implementing DDoS mitigation services as a precaution,” an alert from the FBI says.

The FBI says that it believes there are several people involved in these scams and they anticipate that they will expand the number of industries that they’re targeting in the near future. Organizations that haven’t paid the ransom have in some cases been hit with the threatened DDoS attacks, but the FBI said they typically don’t last very long.

“Businesses that experienced a DDoS attack reported the attacks consisted primarily of Simple Discovery Protocol (SSDP) and Network Time Protocol (NTP) reflection/amplification attacks, with an occasional SYN-flood and, more recently, WordPress XML-RPC reflection/amplification attack. The attacks typically lasted one to two hours, with 30 to 35 gigabytes as the physical limit,” the FBI alert says.

There have been high-profile incidents like this in the recent past. Basecamp, a project management console, was hit with such an attack in 2014 when attackers tried to blackmail the company and then hit it with a DDoS attack.

Source: https://threatpost.com/fbi-warns-of-increase-in-ddos-extortion-scams/114092#sthash.2CvEua2m.dpuf


Planned Parenthood websites downed in DDoS attack

Planned Parenthood websites have gone down and are, according to the main page, undergoing maintenance. In a statement emailed to SCMagazine.com on Thursday, Dawn Laguens, executive VP of Planned Parenthood, said that the Planned Parenthood websites were the target of a DDoS attack. “Today, the Planned Parenthood websites experienced a wide scale distributed denial-of-service (DDoS) attack, a hacker tactic to overwhelm websites with massive amounts of traffic to block any legitimate traffic from getting in,” Laguens said. The websites were back online shortly after the attack, but are scheduled to remain down throughout Thursday for security purposes, Laguens said, adding that during this time visitors are being redirected to the organization’s Facebook pages. Following reports that politically motivated attackers released website databases, Planned Parenthood announced on Monday that it is investigating possible unauthorized access to its systems. Source: http://www.scmagazine.com/planned-parenthood-websites-downed-in-ddos-attack/article/429563/


Critical BIND bug scores PATCH YESTERDAY grading

Easy to hack universal remote BIND DoS hole leaves DNS open to attack

Gird your loins internet: Attackers now have the ability to disrupt large swathes of the web through a remote denial of service vulnerability found in the most widely used software for DNS servers.…


Unhinged Linux backdoor still poses a nuisance, if not a threat

When is a door not a door? When slapdash coding turns it into a glorified ‘off’ switch

Internet Igors have stitched together a new Linux backdoor. Fortunately for internet hygiene the botnet agent – which packs a variety of powerful features – is faulty and only partially functional.…


Anonymous says it hacked Canada’s security secrets in retaliation for police shooting of B.C. activist

Hackers with Anonymous say they breached supposedly secure Canadian government computers and accessed high-level, classified national security documents as retaliation for last week’s fatal shooting by the RCMP of a protester in British Columbia. To support their claim, members of Anonymous provided the National Post with a document that appears to be legitimate Treasury Board of Canada notes on federal cabinet funding to fix flaws in the foreign stations of the Canadian Security Intelligence Service (CSIS). The Post has not independently been able to verify the authenticity of the document, marked with a security classification of “Secret.”

Anonymous activists say they will disseminate sensitive documents if the officer who shot James McIntyre in Dawson Creek, B.C., is not arrested by Monday at 5 p.m., Pacific time. That threat has also been made on social media and a government source confirms authorities are aware of the threat. Activists say McIntyre was a member of Anonymous. When he was shot he appeared to be wearing a Guy Fawkes mask, often worn by supporters of the global hacktivist collective.

Anonymous says it has several secret files. “We do have other documents and files. We are not going to speak to quantity, date of their release, manner of their release, or their topic matter at this time,” a spokesperson for a coterie of Anonymous told the Post in an interview conducted through encrypted communications. “This will be an ongoing operation with expected surprise as a critical element.”

Government computers were breached in stages, over several months, the Anonymous spokesperson said, including during the Distributed Denial of Service (DDoS) attacks last weekend, organized in protest of the shooting. (DDoS is when multiple hijacked computers tie up the resources of a web site so the public cannot access it.) After the DDoS attacks, Public Safety Minister Steven Blaney told reporters that no personal information or government secrets were compromised.

Jeremy Laurin, a spokesman for the minister, could say little about the veracity of the document or its response to the threat by Friday evening. “We are monitoring the situation closely,” said Laurin. “Our government takes cyber security seriously and operates on the advice of security experts.” The government has promised $235 million funding for a cyber-security strategy designed to defend against electronic threats, hacking and cyber espionage, he said. On Wednesday the minister said $142 million of that is to enhance security at several agencies, including the RCMP and CSIS. A well-placed government source said, “There has not been a hack of CSIS,” but was unable to say if other departments could make the same claim.

Anonymous says the minister is incorrect in his assessment of recent cyberattacks. “In fact, part of what we were doing at that point were final penetration tests, not just for the Canadian government, but also with how the media would respond to Anonymous attacks,” the Anon spokesperson said.

This purported hack is far different and more serious than the previous stream of aggressive online activity over the shooting that targeted police web sites and British Columbia’s hydro electric industry, both considered soft targets. If the Anonymous claim is accurate, it suggests a deeper penetration of a higher echelon of government computer containing far more sensitive information.

The document provided to the Post outlines a meeting dated Feb. 6, 2014, regarding progress in upgrading cyber security at CSIS, Canada’s spy agency, to be monitored by the Communications Security Establishment Canada, two of Canada’s most secretive organizations. The paper discusses cabinet approval of millions of dollars to “extend the Service’s (CSIS’s) secure corporate network environment to its foreign stations.” The project was over budget, the document says, “due largely to increased information security requirements to address recent unlawful disclosures of classified material (i.e. Delisle, Snowden).”

Jeffrey Delisle is a former Canadian naval officer who sold military secrets to Russia until his arrest in 2012. Edward Snowden is a former U.S. National Security Agency analyst who leaked classified documents revealing large-scale global surveillance in 2013.

The document from Anonymous says the current CSIS system uses “inefficient and labour intensive data-processing and analysis systems to process and report intelligence information obtained at it foreign stations … These outdated processes result in delays that impact the Service’s operational effectiveness and jeopardizes the security of its personnel.” The new system was tested at two foreign stations and is expanding to CSIS’s 25 foreign stations, the document says.

The sample document was provided to the Post with some elements redacted because the hackers were unsure what the markings mean and are concerned it could identify which machine or machines may have been compromised, the Anon spokesperson said.

Source: http://news.nationalpost.com/news/canada/anonymous-says-it-hacked-canadas-security-secrets-in-retaliation-for-police-shooting-of-b-c-activist


NJ Casino’s DDoS Attack Still Under Investigation

On July 2, a cyber attack was coordinated against several New Jersey-based gambling websites and continued throughout the July 4th holiday weekend. At least four online casinos were affected and experienced downtime, and were placed on alert as the State Division of Gaming Enforcement commenced their investigation. Although this is the first time the country had seen an attack on online gaming websites, it isn’t the first time that hackers have targeted casinos.

Back in 2014, Sands Casino in Las Vegas had experienced an IT catastrophe that led to the shutdown of PCs and servers, wiping many of their hard drives clean. Bloomberg Business writers Ben Elgin and Michael Riley explained that this wasn’t an Ocean’s Eleven heist; someone had a personal vendetta against the company, specifically CEO and majority owner Sheldon Adelson. Frank Cilluffo, director of George Washington University’s Center for Cyber and Homeland Security, later disclosed that they believe this digital conflict was perpetrated by Iran. Many feared that this was the beginning of a cyber war, as the nation’s enemies discovered a way to injure American companies to the point that it would incite a government response. Surprisingly, Sands had managed to keep most of the details of the incident under wraps for almost a year. At the time, it was the biggest strike on US corporate infrastructure, prior to the Sony Pictures Entertainment hack from last November.

Fast forward to this year’s July 4th weekend: David Rebuck, Director of the State Division of Gaming Enforcement, confirms that there was a Distributed Denial of Service (DDoS) attack, where the 30-minute downtime occurred due to the hackers flooding the sites with data, rendering them inoperative. Atlantic City’s Bill Hughes Jr., head of Cybersecurity of law firm Cooper Levenson, compares the attack to a traffic gridlock, where “the parkway becomes a parking lot.”

The hackers threatened to launch a more powerful attack within 24 hours and revealed they would sustain this breach unless the casino operators paid a ransom in bitcoins, an internet currency that has proven popular with online criminals even though it does have its legitimate uses. Luckily, no further attacks were reported to the State Division of Gaming Enforcement.

While gambling was legalized in Atlantic City in 1976 according to information portal Mayfair Casinos, online casinos had only been legal since 2013, which makes this strike rather sudden. Sudden, maybe, but not random. Rebuck tells NJ.com that they have an idea of who was behind this hacking incident, saying that this individual is a known actor and has a history of these types of attacks. Rebuck did not divulge any more details of the perpetrator, along with the websites impacted and amount paid in ransom.

Despite the occurrences in the past year, University of Nevada’s Center for Gaming Research Director David Schwartz says that American online casinos are still not a major target for hackers, unlike gaming sites hosted on servers outside of the country which usually have a demand for ransom.

Source: http://www.casinoscamreport.com/2015/07/22/nj-casinos-cyber-attack-still-under-investigation/


It's official: The average DDoS attack size is increasing

New global DDoS attack data from Arbor Networks shows strong growth in the average size of DDoS attacks, from both a bits-per-second and packets-per-second perspective. The largest attack monitor…


Anonymous in Cyberwar With Canadian Gov’t After Mountie Killed Activist

On Monday, hacktivists said they had stepped up their operation to gain access to Canadian government secrets after a mounted police officer shot and killed an activist at an environmental protest in BC.

The million-strong army of Anonymous group hacktivists is waging a cyberwar on Canadian authorities and law enforcers after a Royal Canadian Mounted Police (RCMP) officer fatally shot an activist wearing a Guy Fawkes mask at an environmental protest in British Columbia last week. The shooting in Dawson Creek, which Anonymous says was unprovoked, triggered a vehement response from the group, who launched a massive cyberoperation codenamed AnonDown to force Canadian police to reveal the identity of the shooter.

The declaration of war on Saturday was followed by a series of denial-of-service (DoS) attacks on RCMP web pages the next day, including on its national website, the Dawson Creek affiliate site and the RCMP Heritage Center page. On Monday, hacktivists said they had stepped up the operation to gain access to government secrets. “AnonDown has accessed docs marked ‘secret’ inside Canadian government. It’s not just a DDoS op anymore kiddos,” the activists said in a taunting tweet.

Fatal Shooting

The killing of the protester took place last Thursday when Canadian mounted police responded to a disturbance at a public hearing where a controversial dam project was being discussed. Upon arrival, police singled out a masked man who allegedly refused to surrender and was shot down, police said, adding that a pocket knife was later recovered at the scene.

Anonymous, however, told the local Globe and Mail newspaper that lawmen gunned down the wrong man. The man who allegedly caused the disturbance during the dam debates had left by the time police moved in. They said the victim, who succumbed to the gunshot wound later at a hospital, was fired at while trying to put the knife on the ground.

The policeman behind the killing has not been identified publicly. In a video statement, Anonymous vowed to “identify the RCMP officer involved and release the docs on the Internet because the world has the right to know every detail about killer cops.”

Operation Begins

In a Saturday video statement, Anonymous said they would seek justice for the slain activist and avenge him if their demands are not met. They also pledged to rally the entire collective of hacktivists to “remove the RCMP cyber infrastructure from the Internet.”

The first “cyber-shots” were fired on Sunday when the main RCMP website and Dawson Creek detachment site could not be accessed for several hours. The group later claimed responsibility for the outages. The Globe and Mail cited a Twitter posting, associated with the hacker group, which suggested “turning it off and back on again.”

The main RCMP website was online on Monday. But Anonymous warned that there were more such actions to follow. “Our vengeance will be swift and powerful but it will not include violence,” they tweeted.

Not So Harmless

Denial-of-access attacks that involve flooding the target website with communication requests are often used to crash a site for a short period of time. Nevertheless, hacktivists’ threats to disrupt the work of police websites should not be taken lightly, the Globe and Mail cited a cybersecurity expert from the Defence Intelligence firm as saying on Sunday.

Defence Intelligence Chief Executive Keith Murphy told the outlet that the group had a global reach of about one and a half million, and had proven in the past to go through with their threats.

Source: http://sputniknews.com/world/20150720/1024824329.html#ixzz3gSiu0DZW
