Archive: 2015

Someone is trying to break the Internet, and it isn't Kim Kardashian

Break the Internet? Kim Kardashian's Paper Magazine cover couldn't do it, but now someone is trying to bring it down for real using DDoS attacks on the Internet Domain Name System's root name servers. Root Server Operators (RootOps) reports that on at least two separate occasions, several of the root name servers were hit with an...

Hacker group is targeting Xbox Live and PlayStation Network with DDoS attacks, just in time for Christmas

Do you know someone who is expecting an Xbox or PlayStation game console under the Christmas tree this year? If so, you'd better tell them to make plans for doing something other than playing with their new game systems for a few days. The New York Daily News reports that the Grinch (aka, a hacker group calling itself Phantom Squad) has vowed...

DDoS Lessons Learned, and Staying Ahead of These Threats in 2016

The DDoS attack landscape of 2015 has brought a consistent spattering of headlines that further highlight the severity of this type of cyber-attack.

Carrier Grade NAT and the DoS Consequences

The Internet has a very long history of utilizing mechanisms that may breathe new life into older technologies, stretching it out so that newer technologies may be delayed or obviated altogether. IPv4 addressing, and the well-known depletion associated with it, is one such area that has seen a plethora of mechanisms employed in order to give it...

Here they come – DDoS attacks via the Internet of Things

Experts have long warned that the inherent lack of security in many of the devices that make up the Internet of Things (IoT) would come back to harm us in the end. Now there is firm evidence that hackers are exploiting weak and default credentials on embedded devices to create botnets that are the sources of DDoS attacks. Closed-circuit...

ProtonMail Gives in to DDoS Ransom

Last month I published a post in reference to the surge in ransom driven DDoS attacks against Corero’s customers. “Over the last thirty days, roughly 10% of Corero’s customer base has been faced with extortion attempts, threatening to take down their websites and services unless they pay out various Bitcoin ransoms. Through...

Is DDoS Mitigation as-a-service becoming a de facto offering for providers?

It’s well known in the industry that DDoS attacks are becoming more frequent and increasingly debilitating, turning DDoS mitigation into a mission critical initiative for providers. From the largest of carriers to small and mid-level enterprises, more and more Internet connected businesses are becoming a target of DDoS attacks. What was once...

Vigilante DDoS attacker goes after offensive websites

It's almost easy to empathize with someone who feels justified in using DDoS tactics to temporarily take down websites that belong to the Islamic State, pedophiles, and racist and homophobic hate groups. Then we have to remind ourselves that, no matter how offensive or repugnant the content of these websites is, it's still considered to be...

Corero Observes Surge in Ransom Driven DDoS Attacks

The Corero Security Operations Center has seen an increase in cyber-extortionists targeting web hosting providers with Bitcoin ransom demands. Over the last thirty days, roughly 10% of Corero’s customer base has been faced with extortion attempts, threatening to take down their websites and services unless they pay out various Bitcoin...

Rutgers University gets an F for its failure to prevent repeated DDoS attacks

On September 28, 2015, Rutgers University experienced another DDoS attack—the fifth such attack in less than a year. Now some students and parents are asking for a refund of a portion of the tuition they have paid, attributing the demand to the university's inability to keep services available.  You see, the university's Board...

DDoS Defense as-a-service: A new Revenue Opportunity

In the past 12 months Corero has worked with many organizations world-wide; helping to solve their DDoS dilemma by deploying Corero’s SmartWall Threat Defense System (TDS).  Today Corero’s technology is protecting large swaths of the internet against the ill-effects of DDoS attacks.  As more-and-more service providers,...

DDoS Impact on Mobile Networks – Radio Congestion

Most CSPs and Mobile Carriers have deployed some form of DDoS scrubbing complex in their network to clean large, long duration DDoS attacks. While this is a necessary first step in proactively working to defeat the DDoS challenge, the threat landscape is constantly changing and requires a more modern approach to protection. Based on...

Groups like DD4BC are just the beginning!

The group calling themselves “DDoS for Bitcoin” (DD4BC) continues to extort money from a host of companies located all over the globe, and today very few organizations are able to adequately protect themselves from DD4BC’s tactics. The group’s extortion campaigns have been increasing recently which include a preemptive...

DDoS Defense Initiatives – It looks like everyone is getting involved!

Over the past few weeks news feeds all over the world have been pulsating about the recent DARPA announcement.  On August 14th, 2015 the U.S. Defense Advanced Research Projects Agency (DARPA) announced an initiative called Extreme DDoS Defense (XD3).  Interestingly enough, DARPA is not the only U.S. government agency calling for research...

Lizard Squad retaliates against the UK's National Crime Agency following arrests of "customers"

Lizard Squad just can't leave it alone. Last week we reported that the National Crime Agency (NCA) in the United Kingdom arrested a number of teenagers who used Lizard Squad's DDoS tool Lizard Stresser. (See Users of DDoS-as-a-Service are arrested in the UK.) Just days after those arrests, the NCA's website was attacked and...

DARPA announces the Extreme DDoS Defense Program to solicit innovative ways to thwart attacks

Do you think you have what it takes to come up with a really innovative way to mitigate the effects of DDoS attacks? If so, the Defense Advanced Research Projects Agency (DARPA) wants to hear from you. Recognizing that DDoS attacks can have serious consequences on businesses as well as government agencies and military branches, the agency...

Users of DDoS-as-a-Service are arrested in the UK

Back in January I told you about DDoS-as-a-Service, brought to you by the nefarious hacking group known as Lizard Squad.

Upping Their Game - Three New DDoS Attack Methods already in 2015

The stakes have been raised even higher as organizations prepare for three new methods of DDoS attacks that have emerged in the last six months alone. The reflective/amplified category of DDoS attack has been around for nearly four years, but once again attackers are finding new methods of launching their assaults within this attack...

Optimizing Carrier DDoS Mitigation Scenarios - Part 2- Peering Point Deployment

In an in-line peering point DDoS protection deployment scenario, SmartWall ® Network Threat Defense Appliances (NTD) are deployed on each of the Service Providers’ peering points to their upstream Internet bandwidth providers.  This ensures always-on DDoS attack mitigation services while benefitting from the highest levels of...

Financial Institutions Are Seeing DDoS Extortion Campaigns

Several writers on this blog have been calling attention to recent DDoS extortion campaigns. (See DDoS extortion campaigns on the rise and FBI Warning! Businesses Are Threatened with DDoS Attacks Unless Extortion Money Is Paid.) Now the FBI is sending notice to banks and other financial institutions to be on the watch for shakedown attempts....

DDoS extortion campaigns on the rise

Just recently the Internet Complaint Center (IC3) issued an alert to businesses regarding a rise in extortion campaigns, tied to threats of DDoS attack activity unless a ransom is paid. The rise in DDoS attacks generally is not surprising at all, and the use of the “DDoS threat” for ransom or extortion is not a new tactic in...

This week in DDoS attacks – Protest and Activism

Ideological motivations for DDoS attacks can impact anyone at any time. This week, two high-profile organizations, Planned Parenthood and New York Magazine, were severely impacted by ideological hacktivists taking down their websites with DDoS attacks.

FBI Warning! Businesses Are Threatened with DDoS Attacks Unless Extortion Money Is Paid

If you're running an illegal business that the authorities would like to shut down, you are highly unlikely to call the police or FBI if a cyber attack is affecting your business. And so it is that online operators of "unregulated activities" such as illegal gambling sites are finding themselves to be the victims of extortion...

The DDoS Opportunity Awaits

In the late 1990s a large number of DSL providers were raising millions of dollars in venture capital to build their DSL networks in the United States in order to offer broadband Internet access to local consumers. Many subscribers were still utilizing dial-up services and the demand for faster Internet connections and more available...

Optimizing Carrier DDoS Mitigation Scenarios - Part 1

In a large Carrier environment, DDoS attacks have escalated from a nuisance, to a sophisticated threat, and now to a revenue opportunity. Scrubbing DDoS traffic at a centralized location after attacks have been detected has become a commonplace approach to reducing the amount of DDoS traffic transiting Carrier networks, and sent to downstream...

If it looks like a duck, quacks like a duck and walks like a duck…

Several high-profile organizations experienced ‘unexplained’ service outages yesterday, begging the question, “Is there any connection across these discrete outages?” All trading on the New York Stock Exchange was halted for nearly four hours for undisclosed internal technical reasons, while a so-called technical glitch halted United Airlines flights around the country for about two hours. The Wall Street Journal’s web site was also rendered unavailable just after the NYSE halted trading.

DDoS – A Global Epidemic

Corero’s Q4, 2014 DDoS Trends and Analysis Report highlights that organizations are faced with DDoS attack attempts at an alarming frequency. For example, Corero’s customers on average are experiencing up to four DDoS attacks per day – up to 351 DDoS attacks per quarter. What we find even more interesting is that 96% of the...

Shapes of DDoS Threats

For a device to offer DDoS protection it must be able to handle the different traffic profiles that constitute the current DDoS attack landscape. By illustrating the relative layer 3 and layer 4 counts of source and destination one can easily see the major categories of DDoS Threats. After introducing a basic traffic shape, anomalous variants will...

Denial of Service Attack Grounds Airplanes for Hours

If you're old enough to remember the turn of the millennium, then you'll recall the big Y2K scare. Many people believed that computers that were never designed to accommodate the change of the millennium – from the year 1999 to 2000 – would have such crazy problems that airplanes in flight might fall out of the...

The State of Internet Security is Getting Worse, According to Akamai

Akamai is out with its State of Internet Security report for the first quarter of 2015. This report is based on actual, observed traffic as opposed to being the result of user surveys, making it a good record of recent security conditions. The report opens with a very troubling statistic: the number of DDoS attacks recorded in the first quarter...

DDoS Attack Kicks Canadian Government Websites Offline

The Canadian Federal Government’s network service availability was impacted by reported ‘large-scale’ DDoS attacks earlier this week.  Reports indicate that the illustrious Anonymous group has claimed responsibility for these outages, due to outrage over the recently passed anti-terror Bill C-51.  Attacks left the...

The Attack of the Baby Monitors!

Most of us who operate in the world of DDoS attacks have known about the reflective/amplified DDoS attack vector for several years.  As a matter of fact Corero was warning the public that this attack vector was coming nearly 5 years ago; before the first attack of this type was ever observed. Today it seems the attackers will do whatever is...

Computer Center Serving the UK's University System Has a Lot to Learn

We've posted several articles lately about DDoS attacks being aimed at educational institutions right about the time that important exams are being taken by a large percentage of students. (See Sorry, Kids, Your Final Exam Has Been DDoS'd and  High school student charged with a felony after DDoSing his school district.) Now comes...

High school student charged with a felony after DDoSing his school district

Sure to be voted "least popular student" in the West Ada, Idaho, school district: the 17 year old kid who took down the district's computer system, forcing students to retake the state mandated achievement test multiple times. In mid May, just as 36,000 students across the district's 52 schools were taking their Idaho Standard...

Sorry Kids, Your Final Exam Has Been DDoS’d

It’s that time of year when Colleges and Universities are hustling and bustling with year-end activities such as graduation, senior occasions, final athletic events and countless ceremonies. It’s also the time when final exams are well underway. Perhaps it is a coincidence (or maybe quite the opposite) that we are hearing of several...

Black Hole Routing – Not a Silver Bullet for DDoS Protection

As ISPs, Hosting Providers and Online Enterprises around the world continue suffering the effects of  DDoS attacks, often the discussions that follow are, “What is the best way to defend our networks and our customers against an attack?” Traditional techniques of defense include SYN-cookies, SYN-proxy, redirects, challenges, and...

Telescope Protesters Are Not Acting With "Aloha"

Most people would consider Hawaii to be an idyllic place, but there's quite a controversy erupting over the plan to build a new telescope on Hawaii Island ("the Big island"). Not just any telescope, mind you, but one of the world's largest, known as the Thirty Meter Telescope (TMT). Construction of the $1 billion+ scientific...

DDoS vs. Natural and Man-Made Disasters

When researching the topic, Do cyber-attacks, especially DDoS attacks result in more outages than natural or man-made disasters, I stumbled upon a 2013 annual report from The European Union Agency for Network and Information Security (ENISA).  According to their website, “ENISA is a centre of network and information security expertise...

Who have you pissed off lately?

One of the prime motivations for DDoS attacks today is hacktivism. That is, some individual or group is trying to inflict revenge or punishment on the targeted company because of political or social beliefs. One of the more famous uses of DDoS as a hacktivist tool is the take-down of Sony Pictures' systems in retribution for the planned...

The Do-No-Harm Approach to Real-Time DDoS Protection

The vast majority of Corero customers require always on DDoS protection to ensure service availability for their customers—ensuring that all good user traffic flows unimpeded, while DDoS attack traffic is mitigated in real-time.  The Corero SmartWall® Threat Defense System (TDS) allows for always-on DDoS protection with a unique and...

When you fight fire with fire, you risk getting burned

Censorship watchdog GreatFire.org lit a fire that has turned into quite a conflagration. GreatFire.org is known for punching holes in China's Great Firewall, the surveillance and censorship system that attempts to prevent Chinese businesses and citizens from reaching the outside world via the Internet. GreatFire provides open access to the...

Can we “squelch” DDoS attacks, closer to the source?

A DDoS focused report released by Neustar earlier this week caught my eye with a statement made by Neustar Senior Vice President and Fellow, Rodney Joffe. Rodney makes an interesting recommendation around the need to “develop industry-based mitigation technologies that incorporate mechanisms to distribute attack source information into ISPs,...

Man your battle stations – DDoS is pulling a fast one on you

The DDoS threat landscape is a broad, ever evolving and dynamic topic that is covered by many different perspectives. One angle that doesn’t always get the spotlight is the use of DDoS attacks as a diversionary tactic or profiling mechanism for advanced assaults against a target victim. Traditionally the term “DDoS” has been...

DDoS – whose responsibility is it?

As organizations around the globe become more and more reliant on the Internet, a serious weakness has begun to emerge in our connected world. Since its inception, the Internet has been all about availability; when the Internet goes down, businesses that rely on that availability go down with it. DDoS attacks are single-handedly the most...

Are DDoS attacks getting bigger or smaller?

There has been a flurry of DDoS reports from DDoS protection vendors as of late, and Corero has thrown its hat in the ring as well. The recently released Corero DDoS Trends and Analysis report offers a unique perspective of the growing DDoS threat; offering a stark contrast to the majority of the reports saturating the headlines this month. The...

Gaming companies collaborate to fight DDoS attacks

Online game players that got new consoles or games this past Christmas might have been disappointed when they went to play. Both Microsoft's Xbox Live and Sony's PlayStation Network were down for extended times of a day or more due to DDoS attacks. The now notorious group Lizard Squad had said it would target the gaming industry with...

Gaming Provider – Looking for new options?

As industry statistics suggest, many gaming providers are under DDoS attack continuously - each and every day. Gamers are said to be one of the highest profile targets on the Internet, while at the same time their business models require 100% uptime. These two facts manifest into quite the conundrum for today’s gaming providers....

Industry Observations of DDoS Trends

Observing and analyzing DDoS attacks over a period of time helps us all understand trends so that we can better prepare for the future. Verisign has recently published its DDoS Trends Report for the last half of 2014, and there are some interesting observations. For one thing, attacks are growing larger in size. In the attacks observed by...

Why DDoS scrubbing-lanes?

With regards to scrubbing-lane approaches, years ago Internet Service Providers (ISP) realized, “Yes DDoS is a problem we will have to deal with now and in the future”.  From some reports as early as the year 2000 ISPs began observing DDoS attacks traversing their networks. How did they see the effects of DDoS attacks - way back...

Don't Dig a Well When Your House is on Fire

Relying on human intervention to mitigate DDoS attacks is like digging a well when your house is on fire. When it comes to ensuring service availability and maintaining uptime and SLAs, hosting providers should use minimal (if any) manual intervention when defending against a DDoS attack.

Return on Investment vs. Return on Availability

In my discussions with organizations looking to protect their business from the wrath of DDoS attacks, I often hear the same question, “How do we obtain a Return on Investment (ROI) on a DDoS protection solution?”  Years ago I would attempt to delineate a potential ROI model, often on the fly.  On several occasions, I worked...

More than half of U.S. businesses were targeted by a DDoS attack last year. Was yours among them?

How pervasive have DDoS attacks become? According to research from the global network services company BT Global Services, two out of every five organizations worldwide were targeted by DDoS attacks last year. That's the global average. In the United States, more than half (58%) of all organizations were targeted. Those aren't good...

Experiencing Pain you can’t Explain?

Last week I attended the Corero annual sales kickoff at our HQ in Hudson, MA. While there, I had the opportunity to spend several days with one of our most seasoned security engineers, David B.  He was discussing his experience regarding a hosting provider who was currently evaluating the Corero SmartWall® Threat Defense System (TDS) as a...

The double-edged sword of operating a hosting data center  

The more customers you host in your data center, the better, right?  Of course, that means more revenue.  And if those customers are in multiple industry verticals, even better, correct?  Supporting a variety of customer types protects  against revenue fluctuations if rough economic times affect a certain vertical and not the...

The biggest threat to your SLAs - DDoS Attacks (Part II)

It’s obvious that latency and outages caused by DDoS attacks can severely impact uptime measurements.  A sustained outage caused by an attack could result in an organization losing or reducing its uptime certifications. The reality of the impact of DDoS to a provider’s APS ratings is staggering if you put it into...

The biggest threat to your SLAs - DDoS Attacks (Part I)

It is no secret that Hosting Providers live and die by the Service Level Agreements (SLAs) and uptime guarantees they offer to their customers.  Organizations select providers, and remain loyal when SLA thresholds are continuously met.  Hosting Providers are fighting an up-hill battle in striving to meet these aggressive guarantees....

Looking for a Cheap Service for DDoS Penetration Testing? How Does $2.99 Sound to You?

Lizard Squad, the hacking group that takes credit for attacking the Sony PlayStation Network and the Microsoft Xbox network back in December, now wants to be your commercial provider of a sort of "penetration testing" toolkit. CNN recently reported that anyone can rent the Lizard Squad tool called Lizard Stresser for as little as $2.99...

Hope for the best, but plan for the worst.

From my time spent in the military back in the 1980’s I remember many of the lessons learned.  The title of this blog is one of them. Without a plan, all of the hope in the world solves little, if anything and hope simply cannot replace a good plan. Hope is not a strategy for success. With the recent news pertaining to Lizard Squad...

The Hacker Group Anonymous as Do-Gooder?

We are usually writing about the hacker group Anonymous in terms of the harmful attacks its members launch against business and government websites. But now the BBC is reporting that Anonymous is claiming credit for knocking a terrorist recruiting website offline. Anonymous is declaring war on jihadist websites following the recent terrorist...

The Web as Equalizer in Cyber Terrorism

When the World Wide Web rose to prominence two decades ago, it was called the great equalizer. By having a Web presence, a small company could look as impressive as a large company when it came to courting prospective customers and employees. Individuals could access information that previously had been locked away in hard copy sources only....

DDoS attacks: Normally I don't blame the victim, but in this case the blame is deserved

April 2011 – Sony PlayStation Network, Sony Online Entertainment (SOE), and the Sony Qriocity music service (now known as Music Unlimited) were all knocked offline by a large-scale DDoS attack. The group Anonymous claimed responsibility for this attack. Sony was so busy trying to get its services back online that it failed to notice that a...

Interview with Corero CTO, Dave Larson – It’s Game On for DDoS

The Gaming Industry, given its high-volume, high-transactional environment, requires 24/7 accessibility. Any downtime or interruption has a significant financial and reputational impact. The Gaming Industry thrives on the Internet, which makes them especially sensitive to DDoS attacks not only by motivated attackers, but also competitors and poor...
