Tag Archives: opportunity

The new age of DDoS – And we ‘joked’ that toasters would one day take down our banks

The size of DDoS attacks has increased exponentially thanks to hackers and cyber criminals making use of the IoT. A few years ago, just as the ‘Internet of Things’ (IoT) was starting to form as a concept, some of us in the cyber security community joked that in future our toasters would be able to take down our banks. Within the last few months that joke has started to become a reality. In September 2016, US security researcher Brian Krebs had his website, Krebs on Security, taken offline by the largest Distributed Denial of Service (DDoS) attack yet seen. A short while later OVH, a French internet hosting company, was struck by an even bigger attack. Then, in October, Domain Name Server (DNS) company Dyn – essentially a part of the ‘internet phone book’ which directs users to websites – also fell victim to an attack in which tens of millions of different internet addresses bombarded the company’s servers with excessive data, causing popular sites like Twitter, Spotify and Reddit to go offline. The size of attacks has increased exponentially thanks to hackers and cyber criminals making use of the IoT. These devices – including the likes of webcams Digital Video Recorders, and even fridges, toasters and pressure cookers – are typically designed to be quick and cheap to produce, and inherently have very poor levels of security. The majority run variants of the Linux operating system and many have very simple or default administrator username and password combinations, or use standard encryption tools where the ‘key’ is widely available on the internet. There are some with no security features at all. Worryingly, the end user can do little to prevent their use by cyber criminals and hackers, even if they were to become aware that their device has been compromised. Other than turning it off and disconnecting it from any internet connection – which would pretty much leave the device as ‘dumb’, and remove the features they bought it for – there’s very little scope to prevent it from being recruited by hackers. The risk posed stems from a piece of malware called ‘Mirai’ (Japanese for ‘the future’). Developed by a coder who goes under the pseudonym of ‘Anna-senpai’, Mirai turns computer systems running Linux into remotely controlled ‘bots’ that can be used as part of a ‘botnet’ in large-scale network attacks. Mirai was first unleashed on September 20, 2016, with attacks on the Krebs website reaching up to 620 Gbps. Soon after, OVH was hit with an attack which reached a staggering 1 Tbps. Both these attacks used in the region of 150,000 infected IoT devices, and produced volumes of traffic in DDoS attacks never seen before. It is thought Krebs was targeted as he has exposed an Israeli group called ‘vDOS’ operating on the ‘Dark Web’ that rented out DDoS attacks (known as ‘DDoS-as-a-Service’). Soon after these attacks, the source code for Mirai was released on the Dark Web. This now gave other hackers and cyber criminals the opportunity to undertake massive DDoS attacks,which resulted in the Dyn incident. In a change of tactic, the hackers attempted to take down part of the key infrastructure of the internet rather than just focusing on a single website. This begs the question: Just how will DDoS attacks develop in 2017 and what will the future hold for internet security? Source: http://www.itproportal.com/features/the-new-age-of-ddos-and-we-joked-that-toasters-would-one-day-take-down-our-banks/

Read the original post:
The new age of DDoS – And we ‘joked’ that toasters would one day take down our banks

DDoS often used as a diversion tactic

While businesses are preoccupied solving DDoS attacks, hackers go in the back door to do some looting. Distributed denial of service (DDoS) attacks make a lot of noise, and according to a new Kaspersky Lab report, that’s exactly what hackers are using them for. As businesses are preoccupied solving DDoS attacks, hackers use the opportunity for another, more targeted and more deadly type of attack. Basically, DDoS is nothing more than a smokescreen. The conclusion comes in Kaspersky Lab’s report which polled businesses about their cybersecurity experiences, and more than half (56 per cent) say DDoS is being used as a smokescreen.   In more than a quarter (29 per cent) of attacks, DDoS has been part of the tactics. Another quarter (26 per cent) said when they lost data due to a targeted attack, they were also hit by DDoS.   “DDoS prevents a company from continuing its normal activities by putting either public or internal services on hold,” said Kirill Ilganaev, Head of Kaspersky DDoS Protection.   “This is a real problem to businesses and it is often ‘all hands on deck’ in the IT team to try and fix the problem quickly so the business can carry on as before. DDoS can therefore be used not only as an easy way to stop the activity of a company, but also as a decoy to distract IT staff from another intrusion taking place through other channels.”  The usual tactics include exploiting mobile devices, phishing scams, or even malicious activity from insiders. “The research shows us that DDoS attacks are often aligned with other threats. Businesses therefore need to be aware of the full threat landscape and prepared to deal with multiple types of criminal activity at any one time,” Ilganaev continued.  “Failure to do this could increase the collateral damage, on top of already significant losses caused by downtime and the resulting impact on reputation. Businesses need to use a reliable DDoS protection service to reduce the risk of DDoS and help staff concentrate their efforts on protecting the business from any threats that can be hidden as a result.”     Source: http://www.itproportal.com/news/ddos-often-used-as-a-diversion-tactic/

More:
DDoS often used as a diversion tactic