Tag Archives: stop ddos attacks

Czech Parliamentary Election Websites Hit by Cyberattacks

The Czech statistical office has reported DDoS (Distrubuted Denial of Service) attacks on websites related to the recent parliamentary elections during the vote count. A number of websites of the Czech statistical office (CZSO) have been subject to cyberattacks during the counting of votes in the Czech parliament’s lower house election, Petra Bacova, the CZSO spokeswoman, told Sputnik Sunday. “The websites related to the parliamentary elections — volby.cz and volbyhned.cz — have temporary failed to function due to DDoS attacks [Distributed Denial of Service] during the vote count on Saturday. These attacks have not affected the overall progress of the election,” Bacova said. The police along with the Czech National Cyber and Information Security Agency have already launched an investigation into the attacks. “Thanks to the rapid response, the attacks on the both aforementioned servers have been neutralized, while the work of the websites has been resumed,” Bacova said. The Czech Republic held an election to the lower house of the parliament on Friday-Saturday. The centrist ANO political party won the election, receiving 29.64 percent of votes. Czech President Milos Zeman stated that he was ready to appoint Andrej Babis, ANO’s leader, as Czech prime minister. Source: https://sputniknews.com/europe/201710231058456317-czech-election-hit-cyberattack/

Follow this link:
Czech Parliamentary Election Websites Hit by Cyberattacks

New Mirai-Like Malware Targets IoT Devices

Security researchers are warning about malware that’s been enslaving routers, webcams and DVRs across the world to create a giant botnet capable of disrupting the internet. The malware, called Reaper or IoTroop, isn’t the first to target poorly secured devices. But it’s doing so at an alarmingly fast rate, according to security firm Check Point, which noticed the malicious code last month. The malware has infected “hundreds of thousands” of devices, said Maya Horowitz, threat intelligence group manager at Check Point. Reaper brings up memories of malware known as Mirai, which formed its own giant botnet in 2016 and infected over 500,000 IoT devices, according to some estimates. It then began launching a massive distributed denial-of-service (DDoS) attack that disrupted internet access across the US. Reaper could be used to launch a similar attack, Check Point researchers said. The good news is the infected bots haven’t launched any DDoS campaigns. Instead, they’re still focused on enslaving new devices. Researchers at security firm Qihoo 360 also noticed the Reaper malware, and found evidence it was trying to infect at least 2 million vulnerable devices. Reaper even borrows some source code from Mirai, though it spreads itself differently, Qihoo said. Unlike Mirai, which relies on cracking the default password to gain access to the device, Reaper has been found targeting around a dozen different vulnerabilities found in products from D-Link, Netgear, Linksys, and others. All these vulnerabilities are publicly known, and at least some of the vendors have released security patches to fix them. But that hasn’t stopped the mysterious developer behind Reaper from exploiting the vulnerabilities. In many cases, IoT devices will remain unpatched because the security fixes aren’t easy to install. Who may have created the malware and what their motives are still isn’t known, but all the tools needed to make it are actually available online, Horowitz said. For instance, the source code to the Mirai malware was dumped on a hacking forum last year. In addition, data about the vulnerabilities Reaper targets can be found in security research posted online. “It’s so easy to be a threat actor when all these public exploits and malware can be just posted on GitHub,” she said. “It’s really easy to just rip the code, and combine, to create your own strong cyber weapon.” Unfortunately, little might be done to stop the Reaper malware. Security experts have all been warning that poorly secured IoT devices need to be patched, but clearly many haven’t. “This is another wakeup call” for manufacturers, Horowitz said. Source: https://www.pcmag.com/news/356926/new-mirai-like-malware-targets-iot-devices

Read the original post:
New Mirai-Like Malware Targets IoT Devices

Android malware on Google Play grows botnets, launches DDoS attacks

The Sockbot malware has made its way into at least eight Apps in the Google Play Store with the intent of adding devices to botnets and performing DDoS attacks. Symantec researchers said the malicious apps have each been downloaded between 600,000 and 2.6 million times respectively and has primarily targeted users in the United States although infections have been spotted in Russia, Ukraine, Brazil, and Germany, according to an Oct 18 blog post. One of the malicious apps poses as an app that will allow users to modify their Minecraft characters. The app uses a SOCKS proxy mechanism and is commanded to connect to an ad server and launch ad requests. “This highly flexible proxy topology could easily be extended to take advantage of a number of network-based vulnerabilities, and could potentially span security boundaries,” the post said. “In addition to enabling arbitrary network attacks, the large footprint of this infection could also be leveraged to mount a distributed denial of service (DDoS) attack.” Researchers contacted Google Play on Oct. 6 and the malicious apps have since been removed from the store. To prevent downloading similar malicious apps users should keep software updated, refrain from downloading apps from unfamiliar sites, only install apps from trusted sources, and pay close attention to the permissions requested by an app. Users should also install mobile security apps and make frequent backups of data. Source: https://www.scmagazine.com/sockbot-malware-adds-devices-to-botnets-executes-ddos-attacks/article/701189/

Visit site:
Android malware on Google Play grows botnets, launches DDoS attacks

What is cyber terrorism?

How is cyber terrorism defined and how likely is an attack? Everyone is familiar with what “terrorism” means, but when we stick the word “cyber” in front of it, things get a bit more nebulous. Whereas the effects of real-world terrorism are both obvious and destructive, those of cyber terrorism are often hidden to those who aren’t directly affected. Also, those effects are more likely to be disruptive than destructive, although this isn’t always the case. Cyber terrorism incidents One of the earliest examples of cyber terrorism is a 1996 attack on an ISP in Massachusetts. Cited by Edward Maggio of the New York Institute of Technology and the authors of Internet: A Historical Encyclopedia, Volume 2 , a hacker allegedly associated with the white supremacist movement in the US broke into his Massachusetts-based ISP after it prevented him from sending out a worldwide racist message under its name. The individual deleted some records and temporarily disabled the ISP’s services, leaving the threat “you have yet to see true electronic terrorism. This is a promise” While this is a clear example of a cyber-terrorist incident carried out by a malicious, politically motivated individual that caused both disruption and damage, other frequently listed examples fit less clearly into the category of “terrorism”. For example, while attacks that have taken out emergency services call centres or air-traffic control could be considered cyber terrorism, the motivation of the individuals is often unclear. If a person caused real-life disruption to these systems, but had no particular motivation other than mischief, would they be classed as a terrorist? Perhaps not. Similarly, cyber protests such as those that occurred in 1999 during the Kosovo against NATO’s bombing campaign in the country or website defacements and DDoS attacks are arguably online versions of traditional protests, rather than terrorism. Additionally, in the case of civil war, if one side commits a cyber attack against the other then it can be said to be more of an act of war – or cyber war – than one of cyber terror. Again, where there is a cold war between nations, associated cyber attacks could be thought of as sub-conflict level skirmishes. Indeed, the FBI defines cyber terrorism as “[any] premeditated, politically motivated attack against information, computer systems or computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents”. Under this definition, very few of the tens-of-thousands of cyber attacks carried out every year would count as cyber terrorism. The future of cyber terrorism As the number of connected devices increases, the likelihood of a more destructive cyber terrorist incident – something on a par with an attack in the physical world – becomes increasingly possible. The security industry is full of stories and proofs of concept about hacking medical devices, with two particularly famous demonstrations being given by New Zealander Barnaby Jack. This opens up the possibility for targeted assassinations or mass-scale killings carried out remotely and potentially across borders. Similarly, there are concerns self-driving vehicles could be turned into remote-controlled missiles and used in an attack, although the counter argument is that such vehicles will make the roads safer in the face of terrorists driving conventional vehicles into crowds. Another possible style of cyber terrorism is disruption of infrastructure in a way that could potentially endanger life. For example, in 2016 an unknown actor caused a disruption that saw two apartment buildings in Finland lost hot water and heating for a week in the dead of winter. In locations as cold as Finland, actions like this could cause illness and death if widespread and sustained. Nevertheless, the likelihood is most serious cyber attacks will be acts of cyber warfare, rather than cyber terrorism, as nation states have larger and more sophisticated resources at hand. Source: http://www.itpro.co.uk/security/29726/what-is-cyber-terrorism

See the original post:
What is cyber terrorism?

More than half of businesses fell victim to DDoS attacks in the past year, survey shows

CDNeworks research shows 54% of businesses were hit by distributed denial of service attacks in the last year, and many feel they are underinvesting in cyber defences. More than half of businesses (54%) have been victims of successful distributed denial of service (DDoS) attacks over the past 12 months, according to research from cloud security firm CDNetworks. The company surveyed 305 organisations in the UK, Germany, Austria and Switzerland about the technologies that protect them from cyber attacks. Some 83% of the respondents felt either confident or very confident about their cyber defences, but 44% felt they were currently underinvesting in anti-DDoS technologies. Chris Townsley, Emea director for CDNetworks, told Computer Weekly that this mix of opinions was strange. “Not only is there widespread complacency – the overwhelming confidence in DDoS protection, undermined by the high proportion of businesses suffering successful attacks – but there is also a significant number of businesses that are worried that they have not invested enough,” he said. “It is odd to see so much confidence alongside such doubt about whether enough is being done.” The survey also found that 64% of organisations said they would be investing more in such technology over the next year, and in terms of expectation of an attack, 79% rated the likelihood of an attack as between “likely” and “almost certain”. This attitude is reflected in the frequency of incidents, with 86% saying they had suffered a DDoS attack in the previous 12 months. The size of attacks is also growing. In the first half of 2015, the largest DDoS attack recorded was 21Gbps, but during the equivalent period in 2016, it was 58.8Gbps. Also, 31% of attacks in the first half of 2016 were 50Gbps or more, but there were no attacks of that size in the first half of 2015. Townsley added: “As the size of attacks increases, businesses need to look more at protection from the edge and not at the origin or datacentre. “As the size of traffic increases, so does the likelihood that the bandwidth of the origin server will be saturated, no matter what protection is in place to keep it up and functioning. “Also, with the frequency of attacks increasing, businesses should move to a mindset of ‘when’ and not ‘if’ an attack will occur.” When asked whether the number of successful attacks was due to businesses buying the wrong security products, Townsley said: “It could be that the type of protection was not suitable, or was suitable for some types of attack but not all. As the types of attack are changing all the time, products can become obsolete.” Source: http://www.computerweekly.com/news/450428288/More-than-half-of-businesses-fell-victim-to-DDoS-attacks-in-the-past-year-survey-shows

Read the original post:
More than half of businesses fell victim to DDoS attacks in the past year, survey shows

Dark Web Marketplaces Go Down In Reported Mass DDoS Attack

There seems to be some turbulence going on in the murky world of the dark web, with four of its major drug marketplaces unexpectedly going offline, reports said. The dark web is a section of the internet where people contact each other anonymously without the fear of being monitored. It is usually used by criminals to sell drugs, chemicals, weapons, child abuse images and even offer assassination services. Websites The Trade Route, Tochka, Wall Street Market and Dream Market, were down without any notification or clarification from the sites’ administrators. According to some users of such markets, this might either be a DDoS attack by a hacker or a large scale action by law enforcement authorities.                     However, there are more chances of the former happening than the latter. Some dark web users have also started complaining of botnet attacks.           Another farfetched theory is that this is scam by a bunch of drug dealers — taking off with the money of their clients while not providing them with the required merchandize. With no notification or clarification from the sites’ administrators, the exact reason for the sudden disappearance of such marketplaces remains unclear. However, a user going by the name Automoderator commented on a the subreddit /r/DarkNetMarketNoobs that the WallStreetMarket is not listed currently, as it is facing “very serious issues” and warned others to avoid it all costs. Some other users on the subreddit say that the Dream Market has been working fine on all its mirrors, but, however its main site is down. At the time of writing, the marketplaces were still down, according to dark web marketplace tracker deepdotweb. Many sites on the dark web are also run by law enforcement — the Australian Police ran one of the world’s biggest child porn sites on the dark web between October 2016 and September 2017, called Child’s Play, in an effort to nab pedophiles. The police grabbed the administrator access from two cyber criminals — Benjamin Faulkner and Patrick Falte and started administering the sites. Police even posted more child porn on the site in an effort to convince the viewers that the site had not been taken over by the authorities. By the time they shut down the site, police were able to nab more than 90 pedophiles in Australia and 900 across the world. In case, the marketplaces were being taken over by law enforcement to nab drug traffickers and child porn purveyors, it might be a different case. However the development has many dark web users in a state of paranoia and many users have posted on Reddit reminding other users of such busts. Such attacks on dark web markets in the past have usually begun with large-scale DDoS attacks. In July, a massive trans-continental sting saw two of the dark web’s biggest sites at the time, AlphaBay and Hansa, being taken down. Law enforcement agencies claimed they were able to collect incriminating information on hundreds of buyers and vendors, going as far as threatening to prosecute them. Source: http://www.ibtimes.com/dark-web-marketplaces-go-down-reported-mass-ddos-attack-2601105

See the original article here:
Dark Web Marketplaces Go Down In Reported Mass DDoS Attack

33% of businesses hit by DDoS attack in 2017, double that of 2016

Distributed Denial of Service attacks are on the rise this year, and used to gain access to corporate data and harm a victim’s services, according to a Kaspersky Lab report. Cybercriminals are increasingly turning to Distributed Denial of Service (DDoS) this year, as 33% of organizations faced such an attack in 2017—up from just 17% in 2016, according to a new report from Kaspersky Lab. These cyber attacks are hitting businesses of all sizes: Of those affected, 20% were very small businesses, 33% were SMBs, and 41% were enterprises. Half of all businesses reported that the frequency and complexity of DDoS attacks targeting organizations like theirs is growing every year, highlighting the need for more awareness and protection against them, according to Kaspersky Lab. Of the companies that were hit in 2016, 82% said that they faced more than one DDoS attack. At this point in 2017, 76% of those hit said they had faced at least one attack. Cybercriminals use DDoS attacks to gain access to valuable corporate data, as well as to cripple a victim’s services, Kaspersky Lab noted. These attacks often result in serious disruption of business: Of the organizations hit by DDoS attacks this year, 26% reported a significant decrease in performance of services, and 14% reported a failure of transactions and processes in affected services. Additionally, some 53% of companies reported that DDoS attacks against them were used as a smokescreen to cover up other types of cybercrime. Half (50%) of these respondents said that the attack hid a malware infection, 49% said that it masked a data leak or theft, 42% said that it was used to cover up a network intrusion or hacking, and 26% said that it was hiding financial theft, Kaspersky Lab found. These results are part of Kaspersky Lab’s annual IT Security Risks survey, which included responses from more than 5,200 representatives of small, medium, and large businesses from 29 countries. “The threat of being hit by a DDoS attack – either standalone or as part of a greater attack arsenal – is showing no signs of diminishing,” said Kirill Ilganaev, head of Kaspersky DDoS protection at Kaspersky Lab, in a press release. “It’s not a case of if an organization will be hit, but when. With the problem growing and affecting every type and size of company, it is important for organizations to protect their IT infrastructure from being infiltrated and keep their data safe from attack.” Want to use this data in your next business presentation? Feel free to copy and paste these top takeaways into your next slideshow. 33% of organizations experienced a DDoS attack in 2017, compared to 17% in 2016. -Kaspersky Lab, 2017 Of organizations hit by DDoS attacks, 20% were very small businesses, 33% were SMBs, and 41% were enterprises. -Kaspersky Lab, 2017 53% of companies reported that DDoS attacks against them were used as a smokescreen to cover up other types of cybercrime, including malware, data leaks, and financial theft. -Kaspersky Lab, 2017 Source: http://www.techrepublic.com/article/33-of-businesses-hit-by-ddos-attack-in-2017-double-that-of-2016/

Read this article:
33% of businesses hit by DDoS attack in 2017, double that of 2016

Euro commissioner calls for more collaboration on cyber security

European commissioner for security union has called for greater awareness of cyber security risks and increased collaboration in defending against them. Cyber threats are one of the top security concerns for nine out of 10 European Union citizens, according to Julian King, European commissioner for security union. “In an internet-connected age that is becoming ever more dependent on internet-connected technologies, we have become more vulnerable to those who are ready to exploit those technologies to try and do us harm for financial or political motives,” he told the CyberSec European Cybersecurity Forum in Krakow, Poland. King, who has previously served as the UK ambassador to France, said that while the digital age brings “huge opportunities”, it also brings risk. But he said these risks are becoming increasingly widely understood, particularly because of events such as the WannaCry and NotPetya attacks in May and June 2017, which affected hundreds of thousands of individuals and organisations in more than 150 countries and naturally serve as a “wake-up call”. According to the latest Europol report on internet organised crime, King said the barriers to committing cyber attacks are “woefully low”, with little chance of getting caught, mainly because of the availability of a “vast range” of cyber criminal tools and services on the dark net, with some attacks costing as little as $5. “For criminals, non-state and state actors, life has never been so easy,” he said, “with an arsenal that includes ransomware, phishing tools, Trojans, distributed denial of service [DDoS] attacks, botnets and identity theft services.” In 2016, said King, European citizens were the subject of two billion data breaches, and every month, one in five industrial computers was attacked. Since 2016, more than 4,000 ransomware attacks have taken place every day across the EU – a 300% increase on 2015, he said. Aviation systems face an average of 1,000 cyber attacks a month, and card-not-present fraud is currently worth about €1bn a year in the Eurozone alone. ‘Tackle this scourge’ “If we were talking about a public health issue, then we would be using the word ‘pandemic’ to describe the scale of the challenge,” said King, “so I think it is time to shift our efforts to tackle this scourge, which is precisely what the European Commission, with the other institutions and the member states, wants to do. “We want to strengthen resilience, build effective deterrents and create durable cyber defence.” King pointed out that this work has been going on for some time, and that the European Union has had a cyber security strategy since 2013. “The Network and Information System [NIS] directive, agreed in 2016, built on that and will require [operators of] essential systems to assess risk, prepare a strategy, put in place protections, develop capabilities and competence, educate staff and the public, and share information about threats and incidents,” he said. The challenge is that the threat itself does not stand still, said King. “It continues to change and evolve, both in its nature and in terms of the expanding attack surface that we are seeking to protect and manage, with homes, hospitals, governments, electricity grids and cars becoming increasingly connected.” ‘Offline’ lives affected Another important fact to acknowledge, said King, is that cyber attacks are increasingly affecting people’s “offline” lives, such as the power outages in Ukraine caused by cyber attacks. He noted that, according to Symantec, the Dragonfly hacking group potentially still has the capacity to control or sabotage European energy systems. “The internet of things [IoT] means that tens of billions more devices will go online, and in 2016, the Mirai malware attack highlighted IoT vulnerability, with hundreds of thousands of normal devices infected and turned into the world’s biggest botnet,” he said. The internet was designed and built on trust, said King. “Our challenge today is to retro-engineer security and security awareness into the system,” he said, noting that “too often” in the rush to get new devices to market, manufacturers “forget” security or do not give it enough importance. “That means devices never lose their easy-to-guess default passwords; it means the update policy is unclear; it means encryption not being used; and it means unnecessary ports, hardware, services and code that make the attack surface larger than it needs to be,” he said. According to King, all these things are “relatively straightforward” to sort out, but when they are attacked cumulatively, it has “deeply troubling implications for our collective digital security and, as a result, cyber threats are becoming more strategic, especially with the ability to endanger critical infrastructure, and they are becoming more ‘endemic’ – spreading from IT networks to the business-critical operations of other economic sectors”. Collective response A few days after the recent State of the Union speech by European Commission president Jean Claude Junker underlining the importance of tackling cyber threats, King said the EC had presented a package of proposals intended to reinforce a collective response based on resilience, deterrence and defence. “In all of these areas, we need to strengthen co-operation and we need to focus on international governance and international co-operation,” said King. “We urgently need to become more resilient. We need to make ourselves harder to attack, and we need to be quicker to respond.” To that end, he said, the EC is proposing an EU cyber security agency based on the existing Enisa network and information security agency to help drive up cyber security standards and ensure a rapid and co-ordinated response to attacks across the whole of the EU. Member states also need to fully implement the NIS directive, said King, to extend beyond critical sectors to other sectors at risk, starting with public administration, and to resource their computer incident response teams properly. “To further reinforce these efforts, the new cyber security agency will also implement an EU standards certification framework to drive up the level of cyber security by ensuring that products on the market are sufficiently cyber resilient,” he said. “We need to move to a world in which there are no default passwords on internet-connected devices, where all companies providing internet services and devices adhere to a vulnerability disclosure policy, and where connected devices and software are updatable for their entire lifespan.” Standards certification framework King said the new standards certification framework should promote new EU-wide schemes and procedures and create a comprehensive set of rules, requirements and standards to evaluate how secure digital products and services actually are. “But, given that 95% of attacks involve some human interaction with technology, building resilience also means changing behaviours to improve cyber hygiene…and having the right skills to drive technological innovation to stay ahead of attackers,” he said, pointing out that Europe is projected to have 350,000 unfilled cyber security jobs by 2022. “We need to mainstream cyber security education and training programmes and we need to invest in innovation,” said King. As well as improving resilience, he said, there is a need to create real and credible disincentives for attackers. “We need to make attacks easier to detect, trace, investigate and punish,” he said. But attribution is often difficult, said King, and for this reason, the EC is seeking to promote the uptake of Internet Protocol Version 6 (IPv6). “Under IPv6, you will only be able to allocate a single user per IP address,” he said, adding that the EC is also seeking to increase cooperation and sharing of cyber expertise and reinforcing forensic capabilities across the EU and within Europol “so that law enforcement can keep pace with criminals”. Strengthen cyber defence When it comes to defence, said King, the EC plans to explore whether the new EU Defence Fund could help to develop and strengthen cyber defence capabilities. “We want to team up with our partners, and the EU will deepen co-operation with Nato on cyber security, hybrid threats and cyber defence,” he said. “It is in our common interest.” Finally, King said that while the internet offers “enormous opportunities” for citizens, governments and international organisations, it also offers “unprecedented opportunities” for criminals, terrorists and other hostile actors. “We need to be alive to this risk, and we need to take steps together to counter these threats because by working together, we can boost resilience, drive technological innovation, increase deterrents, and harness international co-operation to promote our collective security,” he concluded. Source: http://www.computerweekly.com/news/450427879/Euro-commissioner-calls-for-more-collaboration-on-cyber-security

Link:
Euro commissioner calls for more collaboration on cyber security

DDoS attacks double as corporate data becomes new target

While more organisations are being hit by a DDoS attacks in 2017 compared to last year, less are being hit by more than one. DDoS attacks have increased in frequency in 2017, with 33 per cent of organisations having faced one this year compared to just 17 per cent in 2016. While DDoS attacks have been previously used to disable the operations of a target, the driving motivation to use it now is the theft of corporate data. Over a third of organisations having been hit by a DDoS attack this year, 20 per cent have been small businesses, 33 per cent medium, and 41 per cent have been in the enterprise category. Security provider Kaspersky is behind this data, with findings from its Global IT Security Risks Survey 2017. The damage inflicted by a DDoS attack may prove more long lasting than some might expect, with 26 per cent of businesses hit reporting a lasting impact on the performance of services. Russ Madley, Head of VSMB & channel at Kaspersky Lab UK, said: “While DDoS attacks have been a threat for many years, it’s still important that businesses take DDoS attacks seriously as they are one of the most popular weapons in a cybercriminal’s arsenal. They can be just as damaging to a business as any other cybercrime, especially if used as part of a bigger targeted attack.” It important to remember that DDoS attack can leave an organisation lame as it returns to regular activity, but an attack can also have a direct and immediate impact on reputation and the financial standing of a business. “The ramifications caused by these types of attacks can be far-reaching as they’re able to reach deep into a company’s internal systems. Organisations must understand that protection of the IT infrastructure requires a comprehensive approach and continuous monitoring, regardless of the company’s size or sphere of activity,” said Madley. While more organisations are facing DDoS attacks, the percentage of businesses hit by more than one has dropped this year to 76 per cent, a reduction from the 82 per cent that experienced more than one last year. Source: http://www.cbronline.com/news/cybersecurity/ddos-attacks-double-corporate-data-becomes-new-target/

View post:
DDoS attacks double as corporate data becomes new target

US SEC Corporate Filing System Said to Be Vulnerable to DDoS Attacks

The US Securities and Exchange Commission (SEC), Wall Street’s top regulator, has discovered a vulnerability in its corporate filing database that could cause the system to collapse, according to an internal document seen by Reuters. The SEC’s September 22 memo reveals that its EDGAR database, containing financial reports from US public companies and mutual funds, could be at risk of “denial of service” attacks, a type of cyber intrusion that floods a network, overwhelming it and forcing it to close. The discovery came when the SEC was testing EDGAR’s ability to absorb monthly and annual financial filings that will be required under new rules adopted last year for the $18 trillion mutual fund industry. The memo shows that even an unintentional error by a company, and not just hackers with malicious intentions, could bring the system down. Even the submission of a large “invalid” form could overwhelm the system’s memory. The defect comes after the SEC’s admission last month that hackers breached the EDGAR database in 2016. The discovery will likely add to concerns about the vulnerability of the SEC’s network and whether the agency has been adequately addressing cyber threats. The mutual fund industry has long had concerns that market-sensitive data required in the new rules could be exploited if it got into the wrong hands. The industry has since redoubled its calls for SEC Chairman Jay Clayton to delay the data-reporting rules, set to go into effect in June next year, until it is reassured the information will be secure. “Clearly, the SEC should postpone implementation of its data reporting rule until the security of those systems is thoroughly tested and assessed by independent third parties,” said Mike McNamee, chief public communications officer of The Investment Company Institute (ICI), whose members manage $20 trillion worth of assets in the United States. “We are confident Chairman Clayton will live up to his pledge that the SEC will take whatever steps are necessary to ensure the security of its systems and the data it collects.” An SEC spokesman declined to comment. The rules adopted last year requiring asset managers to file monthly and annual reports about their portfolio holdings were designed to protect them in the event of a market crisis by showing the SEC and investors that they have enough liquidity to cover a rush of redemptions. During a Congressional hearing on Wednesday, Clayton testified that the agency was considering whether to delay the rules in light of the cyber concerns. He did not, however, mention anything about the denial of service attack vulnerability. Virtual vomit EDGAR is the repository for corporate America, housing millions of filings ranging from quarterly earnings to statements on acquisitions. It is a virtual treasure trove for cyber criminals who could trade on any information gleaned before it is publicly released. In the hack disclosed last month involving EDGAR, the SEC has said it now believes the criminals may have stolen non-public data for illicit trading. The vulnerability revealed in the September memo shows that even an invalid form could jam up EDGAR. The system did not immediately reject the form, the memo says. Rather, “it was being validated for hours before failing due to an invalid form type.” That conclusion could spell trouble for the SEC’s EDGAR database because it means that if hackers wanted to, they could “basically take down the whole EDGAR system” by submitting a malicious data file, said one cyber security expert with experience securing networks of financial regulators who reviewed the letter for Reuters. “The system would consume the data and essentially throw up on itself,” the person added. Source: http://gadgets.ndtv.com/internet/news/us-sec-corporate-filing-system-said-to-be-vulnerable-to-ddos-attacks-1759392

More:
US SEC Corporate Filing System Said to Be Vulnerable to DDoS Attacks