Tag Archives: university

DDoS attacks have gone from a minor nuisance to a possible new form of global warfare

“In principle, most of the denial-of-service attacks we see have no solution,” a security expert, Peter Neumann of SRI International, told the New York Times at the time. “The generic problem is basically unsolvable.” It still is. Twenty years on, DDoS attacks have increased exponentially in size, and vast swathes of the internet remain vulnerable. Experts say the proliferation of new but vulnerable connected devices, such as thermostats and security cameras, as well as the architecture of the internet itself, mean DDoS attacks will be with us for the foreseeable future. And rather than a mere annoyance that takes your favorite websites offline, they are starting to become a serious threat. According to Arbor Networks, an internet monitoring company that also sells DDoS protection, the volume of global DDoS attacks has grown by more than 30 times between 2011 and 2014. The attacks are also getting more intense. A string of them in September and October, which set records in terms of the volume of traffic (in gigabits per second, or Gbps) in each attack, proved that DDoS can overwhelm the internet’s best defenses. Among those they took down or threatened were a hosting service, a domain-name services provider (whose clients, including Twitter and Spotify, thus became inaccessible across entire regions of the US), a major content-delivery network, and the internet’s best-known blogger on security matters, Brian Krebs.  These are the most powerful DDoS attacks each year, by Arbor Networks’ count.   The September and October attacks are thought to have been carried out using Mirai, a piece of malware that allows hackers to hijack internet-connected devices such as security cameras. These are often sold with weak default passwords that their users don’t bother (or know how) to change. Mirai tracks them down, takes them over, and incorporates them into a “botnet” that launches DDoS attacks as well as finding and infecting other devices. Botnets aren’t new, but Mirai takes them to a new level, argues a recent paper (pdf) from the Institute of Critical Infrastructure Technology (ICIT), a research group. It’s a “development platform” for hackers to customize, the researchers say; the code was made public on a hacker forum, and people are free to innovate and build on it. In the past couple of months it’s thought to have been used to cripple the heating systems of two residential buildings in Finland and the online services of several Russian banks. The researchers speculate that hackers could tailor Mirai to do far bigger damage, such as bringing down a power grid. In September, security expert Bruce Schneier pointed to evidence that a large state actor—China or Russia, most likely—has been testing for weak points in companies that run critical parts of American internet infrastructure. It’s not outlandish to imagine that in the future, DDoS attacks powered by something like Mirai, harnessing the vast quantity of weakly secured internet-connected gadgets, could become part of a new kind of warfare. At the moment, the main defense against a DDoS attack is sheer brute force. This is what hosting companies offer. If a client suffers a DDoS attack, the hosting provider simply assigns more servers to soak up the flood of traffic. But as the latest attacks have shown, the power of botnets is simply growing too fast for even the biggest providers to defend against. There is a fix that would prevent a common type of DDoS attack—a “reflection” attack. This is where a hacker sends messages out to a botnet that seem to come from the target’s IP address (like sending an email with a fake reply-to address), causing the botnet to attack that target. The proposed fix, a security standard known as BCP38, which would make such fake return addressing impossible, has been available for 16 years. If all the ISPs on the internet implemented BCP38 on their routers, the most powerful DDoS attacks would be far more difficult to launch.  But the sheer number of networks and ISPs on the internet makes this idea wishful thinking, says Steve Uhlig, of London’s Queen Mary University, who specializes in the internet’s routing protocols.”Remember that the internet is made of more than 50,000 networks,” he says. If the most important and influential networks implement the fix, but the countless smaller operators don’t, DDoS attacks can continue to exploit spoofing. “Larger networks in the [internet core] can and do filter,” he says, “But they reduce the attacks by only a limited amount.” The internet’s decentralized design is what gives it its strength. But it’s also the source of what is rapidly becoming its biggest weakness. Source: http://qz.com/860630/ddos-attacks-have-gone-from-a-minor-nuisance-to-a-possible-new-form-of-global-warfare/

See more here:
DDoS attacks have gone from a minor nuisance to a possible new form of global warfare

Mobile advertising DDoS JavaScript drip serves site with 4.5 billion hits

CloudFlare has turned up an unusual form of denial-of-service attack: mobile advertisements that are pumping out around 275,000 HTTP requests per second.…

More:
Mobile advertising DDoS JavaScript drip serves site with 4.5 billion hits

The most damaging ramifications of DDoS attacks

More than half of IT security professionals (52 percent) said loss of customer trust and confidence were the most damaging consequences of DDoS attacks for their businesses, according to a survey cond…

View article:
The most damaging ramifications of DDoS attacks

Denial of service attacks pour through rift in Network Time Protocol

Mismatched clocks allow poison packets to prevent synching, and sink you Red Hat security chap Miroslav Lichvar has revealed two vulnerabilities in the Network Time Protocol (NTP) that allow attackers to get clients to execute unauthenticated packets.…

View post:
Denial of service attacks pour through rift in Network Time Protocol

Week in review: IE 0-day patched, Windows XP gets unexpected update, and tips on how to learn information security

Here's an overview of some of last week's most interesting news, reviews and articles: XSS bug in popular Chinese site exploited to launch DDoS attack DDoS mitigation firm Incapsula has put a st…

Read this article:
Week in review: IE 0-day patched, Windows XP gets unexpected update, and tips on how to learn information security

Boffins pen ‘Guide to better spamming’

Small, widely-dispersed botnets ought to do the trick Ignoring the manual and keeping your ‘bot nimble are some of the tips a quartet of security researchers have recommended to help spam reach inboxes more effectively.…

View article:
Boffins pen ‘Guide to better spamming’

Researchers Show How Easy It Is To Infiltrate Facebook

A new paper being presented next month at the Annual Computer Security Applications Conference (ACSAC) shows easy it is to infiltrate Facebook and harvest valuable user data. Botnets, networks of hijacked computers controlled remotely for criminal gain or spreading propaganda, have been aggravating cybersecurity professionals for years. The near-billion people connected to social networks has made Facebook and Twitter the new juicy targets for similar schemes

Continue reading here:
Researchers Show How Easy It Is To Infiltrate Facebook