Archive: 2018

Why Critical National Infrastructure Organizations Shouldn’t Overlook DDoS Attacks

On the 1st of November the Department of Homeland Security kicked off its National Critical Infrastructure Security and Resilience Month. The month is aimed at raising awareness on the security issues which surround our critical national infrastructure and providing organizations with best-practice advice on ways to help keep these systems safe from physical and cyber security threats.

Read more

DDoS Attacks Can Interfere with Election Campaigns

With the U.S. 2018 midterm elections less than two weeks away, elections officials and political candidates have reason to be concerned about cybersecurity. Potential targets could include either a state or local election system, or the websites of political candidates, or on voter registration systems.

Read more

California Connected-Devices Bill: Is it enough to Stop IoT Botnets?

It was recently announced that the State of California is introducing new legislation which amongst other requirements, will effectively ban the use of weak passwords on internet-enabled devices. The law will come into force in 2020 and means manufacturers of Internet-of-Things (IoT) devices will no longer be able to program their products with default or generic passwords, which have notoriously been exploited by cybercriminals.

Read more

Juniper Networks Enters into Global Sales Agreement with Corero, and Invests $2.0 Million

Last week Corero was pleased to announce the expansion of our global partnership with Juniper Networks; Juniper signed a multi-year agreement to resell Corero’s distributed denial of service (DDoS) protection software products and services, with Juniper’s MX Series 5G Universal Routing platform. Following closely on the heels of that announcement came yet another piece of good news: Juniper is investing $2.0 million in Corero.

Read more

Instagram – the New Advertising Platform for Botnets

Recent reports have revealed that cybercriminals are using the popular social media site, Instagram, as a marketplace to advertise the rental of Botnets. The advertisements do not make it clear how powerful the botnets are; however, some posts are claiming to provide cheap access to the Mirai botnet, which was behind one of the largest cyberattacks in history.

Read more

Survey Indicates Lack of Enterprise DDoS Awareness and Protection

Last month, I had the honor to host a workshop at the R3: Resilience, Response & Recovery Summit in London, with two of my fellow Corero colleagues: Sean Newman and Peter Cutler.

Read more

Small DDoS Attacks Shouldn’t Be Ignored

Organizations that continue to think of DDoS attacks as just large, long-drawn-out attacks are putting themselves at great risk. Over the past few years, Corero has observed that short sub-saturating DDoS attacks are dominating the threat landscape.

Read more

A Gambling Company Ups the Ante to Woo Players Back after DDoS Attacks

In the past month several online poker sites, as well as the DraftKings fantasy sports site, have been hit hard by distributed denial of service (DDoS) attacks. Clearly, even if those companies had DDoS mitigation solutions in place, they were not sufficient to protect their networks.

Read more

How DDoS Attacks Impact Businesses Across Industries

There is no doubt that the frequency and sophistication of DDoS attacks targeting various industries around the globe is likely to accelerate in the near future. But, what are the potential consequences of DDoS attacks on your business? This is a question every organisation should ask themselves in today’s dynamic cyber threat landscape, where DDoS attackers continue to look out for more creative techniques to create chaos.

Read more

Study Confirms DDoS Attacks Damage Customer Trust and Erode Confidence

Erosion of customer trust and confidence is the single most damaging consequence of DDoS attacks for businesses, according to a study amongst IT security professionals attending this year’s Infosecurity Europe, conducted by Corero Network Security.

Read more

The Current State of DDoS Attacks: Are They Getting Smarter?

There has been a flurry of DDoS reports in the last few months, highlighting the evolving state of DDoS threats and warning of an upcoming wave of even bigger and more dangerous attacks. The sheer number of vulnerable connected devices out there, combined with the hacker community’s unrelenting ability to find new vulnerabilities to exploit, has significantly increased the potential scale of DDoS attacks.

Read more

10-minute DDoS attacks: A Devil in Disguise

One of the biggest cybersecurity threats most organisations underestimate are short, sub-saturating DDoS attacks. However, they can be just as disruptive as bigger attacks and powerful enough to knock a firewall offline so that the hackers can target, map and infiltrate a network to install malware and engage into data exfiltration.

Read more

How Improving Password Security Helps Protect Against Botnets

The DDoS threat landscape has been transformed by the emergence of Internet of Things botnets. Password hygiene of consumer and industrial IoT devices is often lax leading to easy criminal exploitation and potentially devastating attacks. The exponential growth in the number of IoT connected devices is a key driver in the ever increasing scale of the largest DDoS attacks.

Read more

The Effects of DDoS Attacks on Essential Services

The Effects of DDoS Attacks on Essential Services Public services continue to fall victim to distributed denial of service (DDoS) attacks with many industry experts, including Corero, predicting that this is going to get worse before it gets better. Our collective pessimism is being fuelled by dire warnings from government agencies that Nation...

Read more

DDoS For Hire Industry and its Impact on Source-Based Mitigation Techniques

A lot has been written and said about the DDoS for hire industry over the past few years, with major media publications recently reporting on the takedown of a popular Booter website. With all the hype surrounding this, the focus tends to be on ease of use of these malicious services, however, it is equally important to keep in perspective the...

Read more

Botnet-driven DDoS Attacks Represent a Developing Cyberthreat

Security researchers recently discovered a new variant of the famous Hide and Seek (HNS) botnet, which infected nearly 90,000 unique devices from the time of its discovery at the start of the year. The botnet, the world’s first to communicate via a custom-built peer to peer protocol, has now also become the first IoT malware strain that, under certain conditions, can survive a device reboot and remain on infected devices after the initial compromise.

Read more

Critical Infrastructure Organisations Could Face Huge Fines Under NIS Directive

The NIS Regulations are taking effect and those who operate essential services and industrial control systems will be expected to improve their resilience to today’s cyber threats. We examine how critical infrastructure organisations will respond to the rising threat of cyber-attacks.

Read more

DDoS Attacks Can Cost Organizations $50,000 Per Attack

Corero surveyed over 300 security professionals from a range of industries including financial services, cloud, government, online gaming and media sectors, which revealed that DDoS attacks are costing enterprises up to $50,000 (£35,000) per attack.

Read more

Hajime Botnet Scanning for Vulnerable MikroTik Routers

Security researchers have shared concerns about scans being carried out by a Hajime IoT botnet looking to mass-infect unpatched MikroTik devices. This blog explains what is the Hajime botnet, Botnet herding and how to protect against the threat.

Read more

Banks in Denial over Their Resilience to DDoS attacks

Are retail and investment banks in denial about being adequately protected from the frequent advanced DDoS attacks they’re getting hit with today?

Read more

Critical Infrastructure Under Attack

Security researchers have long shared their concerns about potential cyberattacks on critical infrastructure systems. Over the past few weeks, there have been several reports highlighting the dangers of such attacks.

Read more

The NIS Directive – just how tough is it really?

Over the last few months, UK media outlets have been filled with reports about the series of tough new measures being introduced on 9th May to protect our national critical infrastructure against cyber threats.

Read more

The US Government Vs Botnets

U.S. government agencies are working hard to solve the problem of botnets and other cyber threats, and are asking for input from various stakeholders.

Read more

Corero’s Expertise Effectively Eliminates the Double-Trouble Threat of the Memcached Exploit

We’ve identified an “active defense” countermeasure which neutralizes the problem. In more emotive terms, we have found and implemented the “kill switch” for Memcached.

Read more

Minding Your MANRS

Maintaining the resilience and stability of the global Internet requires collaborative efforts between Internet Service Providers (ISPs), government agencies, enterprises, security vendors and end users.

Read more

Bursts, Waves and DDoS: What You Need to Know

A recent Cisco report found that 42 percent of organizations experienced “burst” distributed denial of service (DDoS) attacks in 2017.

Read more

US and European Agencies Warn about the Risk of International Cyber Threats

Critical infrastructure organizations have to take steps to mitigate the possibility of DDoS and other cyber threats.

Read more

Autosploit: A Marriage Made for DDoS Botnets

On January 30, 2018 a new mass exploitation tool called “Autosploit” was released on Github, a Git repository hosting service.

Read more

Pundits Speculate: Did Russian Hackers Launch DDoS Attacks on Dutch Organizations?

The Dutch national tax office said its website went offline briefly, for 5-10 minutes. Regardless of how long they were under DDoS attack, those afflicted Dutch organizations should also be concerned about a security breach.

Read more

Hackers Targeting 2018 Winter Olympic Games

As cyber threats have evolved and increased, so too has the probability of such attacks on the Games.

Read more

The Rise of IoT Botnet Threats and DDoS attacks

IoT devices still suffer from basic security vulnerabilities and it is precisely this lack of security that makes them so attractive to hackers. But it’s not just a password problem anymore.

Read more

New Malware and Mirai Botnet Variants Pose Significant Threats

There is no shortage of malware on the Dark Web. In particular, during the past week security researchers from various points around the world have been talking about three threats, two of which are variants of the now infamous Mirai botnet code.

Read more

DDoS Protection: a Big Need for Small Business

Cyber criminals will go after anybody who appears to be vulnerable with DDoS attacks that can mask nefarious security breaches. Learn more about why all businesses need to protect against DDoS attacks.

Read more

Spamhaus Project Releases Annual Report, Cites 32% Increase in Number of Botnet Command & Control Servers

The number of botnet Command and Control (C&C) IP addresses has dramatically increased in the past year, according to the 2017 annual report from The Spamhaus Project.

Read more

DHS, DOC Draft Report that Urges Government-Industry Cooperation to Strengthen Cyber Defense

The federal government realizes that it alone cannot manifest the reality of its vision; policies, standards, best practices, regulations and laws can go only so far.

Read more

Cybersecurity Compliance and Resilience

IT security professionals have to worry about defending against ever-evolving cyber threats and, increasingly, the C-suite has to worry about following cybersecurity laws.

Read more

Show Them That Crime Doesn’t Pay; Don’t Surrender to Cyber Extortionists

Ransomware and DDoS attacks are two of the most common and dangerous cyber threats now facing organizations.

Read more