Tag Archives: ddos news

DOSarrest External Monitoring Service launches iOS and Android App

VANCOUVER , April 8, 2015 /PRNewswire/ – DOSarrest Internet Security, a fully managed cloud based DDoS protection service, today announced that their DOSarrest External Monitoring Service (DEMS), a real-time website monitoring tool, launches a new iOS and Android application for clients. This application is a complimentary service to all DOSarrest clients who are subscribed to DOSarrest’s industry leading DDoS protection service. The new mobile application on iOS and Android will allow clients to easily access and view their website(s) status and performance in real-time 24/7/365, as well as enable them to historically view all of the statistics for up to 1 year from 8 globally distributed sensors. Jag Bains, CTO of DOSarrest says “This application is beneficial to all of our clients who have a mission critical website that requires 100% uptime. Unlike other monitoring services, this service is fully managed 24/7/365. Should anything unexpected occur, our engineers will investigate, pinpoint and advise the client on a solution in near real-time. No other vendor in this industry offers this level of customer service.” “We have a number of clients who depend on this service and some have subscribed to it that aren’t even using our DDoS protection service,” says Mark Teolis , CEO of DOSarrest. “With the new mobile application, in one click on your smart phone, you can view what sites are up or down and why in real-time, whenever and wherever you are. It’s like the laptop version in your pocket.” Teolis adds “As I far as I know, no other DDoS protection service or CDN offers any such complimentary service that compares to our External Monitoring Service, with 8 globally distributed sensors completely independent of any of our scrubbing nodes.” About DOSarrest Internet Security: DOSarrest founded in 2007 in Vancouver, B.C. , Canada , is one of only a couple of companies worldwide to specialize in cloud based DDoS protection services . Additional Web security services offered are Cloud based W eb A pplication F irewall (WAF), V ulnerability T esting and O ptimization (VTO) as well as cloud based global load balancing. SOURCE: http://www.prnewswire.com/news-releases/dosarrest-external-monitoring-service-launches-ios-and-android-app-499026641.html

Microsoft, Sony, and Nintendo collaborating to stop DDoS attacks

Xbox boss Phil Spencer has been talking with his rivals to see how they can avoid a repeat of the Christmas Xbox Live and PSN downtime. It’s very rare for console manufacturers to work together on anything, but the DDoS attacks on Xbox Live and PSN over Christmas have been enough for Microsoft to initiate conversations with its two rivals. ‘I don’t think it’s great when PSN goes down,’ Spencer told Game Informer. ‘It doesn’t help me. All it does is put the fear and distrust from any gamer that’s out there, so I look at all of us together as this is our collective opportunity to share what we can about what we’re learning and how things are growing. Those conversations happen, which I think is great.’ He added that the Christmas attacks had been a ‘learning experience’ and that, ‘Our commitment to Xbox One customers is to make sure our service is robust and reliable’. Although Xbox Live seemed to recover more quickly from the attacks than Sony, and Nintendo weren’t affected at all, there is no easy defence against DDoS as they’re not really hacking (no data was stolen or accessed) and simply involve overloading a server with requests. As a result it’s not clear what defences Spencer was discussing with Sony and Nintendo, but it is good to know they’re at least talking. Source: http://metro.co.uk/2015/03/06/microsoft-sony-and-nintendo-collaborating-to-stop-ddos-attacks-5091159/

More:
Microsoft, Sony, and Nintendo collaborating to stop DDoS attacks

Michigan High School Student Facing Charges After lauching DDoS attack on School Network

A student at Monroe High School in Monroe, Michigan, was recently caught conducting a distributed denial of service attack (DDoS), and Monroe Public Schools Superintendent Barry Martin says the district will be pressing charges. Over a period of two weeks, the unnamed student managed to take the network down for ten to fifteen minutes at a time during the school day. This had a heightened effect on the district, as modern-day high schools rely heavily on the Internet for administration as well as classroom instruction. “We are so reliant on the Internet that we can’t afford to have down time,” said Stephen McNew, the superintendent of the district in which the student attended school. No Sensitive Data Compromised Despite having success at being disruptive, an act that the student considered to be a prank, no sensitive documents, e-mails, or files were ever compromised, which should contribute greatly to his defense. Merely disrupting communications is far less of a crime than is stealing sensitive information about other students or private communications between staff members. “A Good Student” Barry Martin called the alleged hacker “a good student” in comments to the Monroe News but said that this act could not be tolerated, and charges would be filed. DDoS is a federal felony, but from the sounds of it, the FBI has not yet been involved in the case. It is taken very seriously when the targets are larger organizations or government institutions, and ordinarily those who are serious about conducting DDoS attacks are careful to cover their tracks. It is not yet evident how the student was found to be a suspect in the case, but in the town of roughly 20,000 people, the pool of likely suspects is rather slim. The profile would be a student with high grades and extreme computer aptitude. This would make the pool of likely suspects even smaller. The way that high schools often conduct such investigations, the student would have been brought in front of a police officer and interrogated until he confessed. Like as not, school officials would pretend to know already that he was guilty, and he would confess. Equally as likely, the student bragged about it to another student, who then turned him in. Another thing that the administrators said about the student was that he probably didn’t know the seriousness of what he was doing. This is in line with existing research that has concluded that adolescents are less likely to consider the consequences of their actions before taking them. Locals Have Mixed Feelings Many locals on the Monroe News Facebook page felt that a felony would be too stern a response for the gifted student’s prank. After all, in the end, the one thing he illustrated was that the school district had a weak network infrastructure that needs upgrading. Especially if, as administrators have said, they are extremely reliant on the Internet in daily teaching. Source: https://hacked.com/michigan-high-school-student-facing-charges-ddosing-school-network/

View post:
Michigan High School Student Facing Charges After lauching DDoS attack on School Network

Anonymous proxies now used in a fifth of DDOS attacks

The number of DDOS attacks using anonymous proxies has increased The number of distributed denial of service attacks using anonymous proxies has increased dramatically over the past year, according to a new research report, as attackers use these proxies to create an instant pseudo-botnet. Ofer Gayer, security researcher at Redwood Shores, CA-based Incapsula Inc., said he first spotted the trend about a year ago. Incapsula was working on creating a database of IP addresses spotted attempting malicious activity, and discovered that attackers were abusing anonymous proxies to turn a regular single-origin denial of service attack into a distributed denial of service attack with traffic flowing through thousands — or tens of thousands — different IP addresses. A year ago, fewer than 5 percent of DDOS attacks came through anonymous proxies. Today, the number is close to 20 percent, Gayer said. “The trend intensified over the past two months,” Gayer said. “Currently, 20 percent of all application-layer attacks are originating from these proxy servers.” Of those, nearly 45 percent came from the TOR network of anonymous routers, and, of those, 60 percent used the TOR Hammer DoS tool. On average, a single attacker would direct traffic from 1,800 different IP addresses, with 540,000 requests per instance. According to Incapsula product evangelist Igal Zeifman, what this means is that an attacker could be sitting at home, on a single computer, and route traffic to a list of anonymous proxies to create an instant botnet-style attack. All it takes is a proxy harvesting script and a publicly-available DOS toolkit. Anonymous proxies, or anonymizers, can serve a useful purpose, preventing identity theft, protecting search histories, avoiding geographical marketing and access restrictions, and allowing activists to bypass Internet censorship of repressive regimes. They also offer several benefits to DDOS attackers. First, they mask the source of an attack and help the attackers evade security measures based on access control lists. They also help the attacker avoid geo-blacklisting, since the attack can be spread among proxies in many different countries. Second, since each proxy is only passing along a small number of messages, it helps the attackers avoid counter-measures based on limiting the number of messages from a single source. Finally, proxies make slight changes to message headers. That helps the attackers avoid signature-based defenses. “You can Google to find several options to generate lists of these servers,” said Zeifman. “And these servers accept requests from anyone.” Each of the anonymous proxies can be used to forward a small amount of traffic, that, together, add up to enough to take down an application. “It’s like a thousand needles, stinging all at the same time,” said Zeifman. Since the attackers are going after application, not much traffic is required. “Very few server operators think about over-provisioning their CPUs,” he said. “Even a small overhead of 100 requests per second is enough to take down a dedicated server environment.” Source: http://www.csoonline.com/article/2903939/application-security/anonymous-proxies-now-used-in-a-fifth-of-ddos-attacks.html

Visit link:
Anonymous proxies now used in a fifth of DDOS attacks

DDoS attack temporarily blocks seattletimes.com

A denial-of-service attack, in which perpetrators flood a targeted website with requests that overwhelm the site’s servers, is believed to have caused Monday morning’s outage. A cyberattack took down The Seattle Times website for about 90 minutes Monday morning. Seattletimes.com was unavailable from about 8 a.m. to 9:30 a.m. as a result of a denial-of-service attack, company spokeswoman Jill Mackie said. “The Seattle Times website experienced technical problems Monday morning due to an external attack that appears to have targeted other sites,” Mackie said in a statement. “We continue to monitor the situation and apologize for any inconvenience this caused readers.” Denial-of-service attacks are designed to flood a website with requests, essentially overwhelming the site’s servers and preventing it from responding to other users. The result is a site that grinds to a halt or runs so slowly that it becomes unusable. Such attacks on their own aren’t designed to damage a target’s computer systems or steal files. The attacks, a fixture of Internet security threats for decades, have been blamed on culprits ranging from political operatives to young, tech-savvy hackers connected by social media. The ease with which such attacks could be orchestrated was illustrated in 2000 when a 15-year-old Canadian boy, working under the alias “Mafiaboy,” was able to temporarily bring down the websites of Yahoo, CNN and Amazon.com, among others. Mackie said The Seattle Times’ information technology staff believes Monday’s attack on the website was carried out by a cyberattack group that calls itself Vikingdom2015. The group is said to have targeted several government and media websites, including those of the Indiana state government and the Bangor (Maine) Daily News, with denial-of-service attacks. IBM security researchers said the group was formed from former members of the Team Cyber Poison hacker group, and began attacking websites this month. Source: http://www.seattletimes.com/business/technology/cyberattack-temporarily-blocks-seattletimescom/

View original post here:
DDoS attack temporarily blocks seattletimes.com

Rutgers Suffers Foreign DDoS Attack

On Monday morning, Rutgers University was still trying to recover from a distributed denial of service (DDoS ) attack that had been launched against it over the weekend, according to media reports. The attack, which began on Friday afternoon, interrupted Internet service for Rutgers students, faculty and staff, although no confidential information appears to have been leaked. The university’s Office of Information Technology (OIT) had managed to restore Internet service on campus as of Monday, although some services remained unavailable for users trying to access the systems from off-campus. On Sunday, Don Smith, Rutgers’ vice president of Information Technology, alerted students to the attack via e-mail. Attack Originated from Ukraine, China “The Rutgers University network has been under an extended distributed denial of service (DDOS) attack since Friday, Mar. 27,” the university wrote in a security briefing on its computing services Web site on Sunday. “Since the initial attack, there have been multiple follow-up attacks. OIT has been working to maintain access to the network and IT services around the clock since the attacks began, but as fast as one service is fixed another is targeted.” The FBI is investigating the attack, which is believed to have originated from China and the Ukraine, according to a report by the local New York NBC affiliate, citing a source at the university. The local Rutgers University police are also investigating the attack. In addition to causing Internet service to slow down or become completely unavailable, the attack also managed to take down the Rutgers homepage for 15 minutes over the weekend. The university’s Sakai platform, which is an online tool used by both students and faculty, was also unavailable for off-campus users as of Sunday afternoon. “Unfortunately, we have no ETA at this time for a permanent restoration of all affected services,” the university said on its Web site. “Normal service will be restored as soon as OIT is confident that the attacks are over.” Rutgers No Stranger to DDoS The attack is not the first the university has suffered. As recently as November, it experienced a similar DDoS attack that seemed to be timed to coincide with the period during which new students were registering for classes. During last year’s attack, the Rutgers network was shut down when a hacker flooded it with external communications requests. Like the most recent attack, the November attack is thought to have originated in Eastern Europe and China, according to a report on the Daily Targum, the university’s official student newspaper. Last year’s attack lasted only about 24 hours, however, unlike the current attack from which the school is still recovering. The day before the attack the school announced that it had been awarded $1.95 million by the federal government to develop a training program for the study of issues related to homeland security. Source: http://www.toptechnews.com/article/index.php?story_id=1320044NONV0

GitHub Still Battling DDoS Attack

San Francisco-based GitHub was taken out with a denial of service attack Wednesday. Scripts from the Beijing-based Baidu sent traffic coming to a page operated by GreatFire and a page with Chinese-translations of The New York Times. As is the focus of DDoS attacks, GitHub’s availability was knocked out as a result of the traffic caused. In morning tweets during the attack, GitHub informed followers that the attack was still going and getting worse, but that they were on top of dealing with it. As of two hours ago GitHub states that the DDoS attack is still being worked on. Meanwhile Baidu has said that it had nothing to do with the attack intentionally. The Chinese search engine titan also says that it is working security specialists to find out the cause of things. The company made certain to state that its security hadn’t been compromised during the attack on GitHub. Speculation in tech and security circles say that the attack was a means of strengthening China’s methods of web censorship by taking out sites that could allow for users to get around it. Baidu was simply used as a means of amplifying the attack due to how sizable it is and the amount of traffic it can produce. Source: http://kabirnews.com/github-still-battling-ddos-attack/8495/

See more here:
GitHub Still Battling DDoS Attack

Police website target of repeated DDoS attacks

A denial of service attack on Thursday morning to the Finnish Police website was the third attack of its kind this week. The website of the Finnish Police has been the target of repeated denial of service attacks this week, with the latest service disruption on Thursday downing the website for several hours. It marked the third such attack to the poliisi.fi webpage in the last few days. The first attack took place on Tuesday, and downed the website from late morning to 7 pm. Wednesday marked a smaller attack of the same nature. Tomi Moilanen, Chief Information Security Officer with the National Police Board, says the attacks have not led the police to implement any extraordinary measures quite yet. The attacks have also not detrimentally affected the various online services available on the site. The police have filed an investigation request with the National Bureau of Investigation in order to get to the bottom of the cyber attacks. Source: http://yle.fi/uutiset/police_website_target_of_repeated_denial_of_service_attacks/7891226

Read the article:
Police website target of repeated DDoS attacks

DDoS network attacks frustrate Brunswick County School officials

Officials with Brunswick County Schools and the Brunswick County Sheriff’s Office are investigating distributed denial-of-service (DDoS) attacks on the school’s network. According to officials, the attacks have been occurring since county schools reopened in January and have been increasing in frequency that past several weeks. A DDoS attack is usually an outside attack that uses multiple computers or devices to flood a targeted network with so much traffic that it overloads and crashes the system or cripples the ability of legit users from accessing it. School officials say staff members are becoming extremely frustrated at the internet connectivity issues associated with the attacks. The Brunswick County School’s technology department has been working to try and mitigate the impact on the school’s network. Officials say that the county’s network infrastructure is being specifically targeted in the attacks, but the systems have not been compromised. A preliminary investigation has revealed that the individual(s) initiating the attacks have at some point been an authenticated user signed into the school’s network. School officials says this leads them to believe that the responsible party is a current or former student or staff member. Authorities are still investigating. Source: http://www.wect.com/story/28614292/ddos-network-attacks-frustrate-brunswick-county-school-officials

See more here:
DDoS network attacks frustrate Brunswick County School officials

Tengrinews experiences largest DDoS attack in Kazakhstan

Tengrinews news website has experienced an DDoS-attack today, a correspondent of the portal reports. “Today, starting from 9 a.m. Tengrinews.kz website was under a massive DDoS-attack (Distributed Denial of Service) aimed at causing a failure of its server. The log analysis showed that during the attack most of the traffic to the Tengrinews.kz servers were coming from infected computers and servers from around the world, including from Israel, and Western European countries: France, Germany, Italy and Spain. The attack was carried out from infected computers from more than 30 countries around the world. The technical department together with Kazakhtelecom information systems directorate limited access to the site to Kazakhstan IPs only for the duration of the attack,” the technical department of Tengrinews said. DDoS is a type of attack aimed to make an online service unavailable by overwhelming it with traffic from multiple sources, often infected with a Trojan virus. It is virtually impossible to stop such an attack by blocking a single IP address. IT-service of the news website said that the DDoS-attack was carried out from around 700 different IP-addresses simultaneously. “The volume of malicious traffic exceeded 3 gigabits per second,” the department said. After the attack ceased the access to the website was fully restored and the limitations were removed. The website is now operating normally. This is the biggest DDoS-attack on a news resources of Kazakhstan so far. Source: http://en.tengrinews.kz/internet/Tengrinews-experiences-largest-DDoS-attack-in-Kazakhstan-259509/

See original article:
Tengrinews experiences largest DDoS attack in Kazakhstan