Kaspersky identified a significant increase in DDoS attacks year-on-year.

According to cybersecurity firm Kaspersky, it’s been a busy year for cybercriminals who favour DDoS as their method of attack.

The Russian firm’s DDoS protection tool reportedly blocked 44 percent more attacks in Q4 2019 than in the same period the previous year.

Sundays were also busier than ever, highlighting the ever present nature of the threat posed by cybercrime. More than a quarter (28 percent) of all attacks happened on weekends, and the share of attacks performed on Sundays grew by 2.5 percent (to 13 percent overall).

Despite DDoS attacks growing year-on-year, they haven’t risen dramatically quarter-on-quarter. There was a “marginal” 8 percent increase between Q3 and Q4 2019, Kaspersky says.

A more notable rise (27 percent) was spotted in so-called smart DDoS attacks, which focus on the application layer and are usually carried out by skilled attackers.

“Despite the significant growth in general, the season turned out to be quieter than expected,” said Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.

“Attackers can still find a way to spoil your leisure time, as cybercrime is not an ordinary nine-to-five job, so it is important to ensure that your DDoS prevention solution can automatically protect your web assets.”

Source: https://www.itproportal.com/news/ddos-attacks-through-the-roof-in-q4-2019/

 

The Greek government said Friday that the official state websites of the prime minister, the national police and fire service and several important ministries were briefly disabled by a cyberattack but have been restored.

Government spokesman Stelios Petsas said early Friday that the distributed denial-of-service or DDoS attack “led to the malfunction of certain websites.” He said “countermeasures” had been successfully implemented, but gave no further details.

Along with the prime minister’s website, targets in the attack late Thursday included the websites of the ministries of public order, interior, foreign affairs, and merchant marine, as well as the Greek Police and Fire Service.

It was the second cyberattack against government websites in less than a week. Responsibility for the first attack was claimed in an online post by a group of hackers who purported to be from Turkey. Greek officials have not commented on whether they consider that claim to be true.

Source: https://techxplore.com/news/2020-01-greece-websites-cyberattack.html

An American businessman who co-founded a cybersecurity company has admitted to hiring criminals to carry out cyber-attacks against others.

Tucker Preston, of Macon, Georgia, confessed to having paid threat actors to launch a series of distributed denial-of-service (DDoS) attacks between December 2015 and February 2016.

DDoS attacks prevent a website from functioning by bombarding it with so much junk internet traffic that it can’t handle visits from genuine users.

In a New Jersey court last week, 22-year-old Preston pleaded guilty to one count of damaging protected computers by transmission of a program, code, or command. Preston admitted to causing at least $5,000 of damage to the business he targeted.

“In or around December 2015, Preston arranged for an entity that engages in DDoS attacks to initiate attacks against a company. The entity directed DDoS attacks against the victim company, causing damage and disrupting the victim’s business,” wrote the Department of Justice in a statement released on January 16.

The count to which Preston pleaded guilty is punishable by a maximum penalty of 10 years in prison and a fine of up to $250,000 or twice the gross gain or loss from the offense.

US Attorney Craig Carpenito credited special agents of the FBI, under the direction of Special Agent in Charge Gregory W. Ehrie in Newark, New Jersey, with the investigation that led to Preston’s guilty plea.

The identity of the company that Preston paid criminals to attack has not been revealed, but Carpenito has confirmed that the targeted business had servers in New Jersey.

Preston co-founded the cloud-based internet security and performance company BackConnect Security LLC, which claims to be “the new industry standard in DDoS mitigation” and is currently online using an invalid certificate.

Preston was featured in the 2016 KrebsOnSecurity story “DDoS Mitigation Firm Has History of Hijacks,” which detailed how BackConnect Security LLC had developed the unusual habit of hijacking internet address space it didn’t own in a bid to protect clients from DDoS attacks.

Preston will reappear before the court on May 7 for sentencing.

Source: https://www.infosecurity-magazine.com/news/backconnect-founder-funded-ddos/

A man in the US who co-founded a service to protect sites from cyber-attackers has pleaded guilty to launching distributed denial of service (DDoS) attacks.

Tucker Preston is co-founder of BackConnect, a cyber-security firm that claimed to be “the new industry standard in DDoS mitigation”.

However, he was accused of arranging DDoS attacks targeting an unnamed firm.

A court document stated the attacks took place between 2015 and 2016.

News of the guilty plea was published online by Brian Krebs, a cyber-security expert and blogger.

During a DDoS attack, a website or online service is flooded with high levels of internet traffic in an attempt to cause disruption or take the target website or service offline.

Preston, of Georgia, had arranged for DDoS attacks against a company with servers in New Jersey, according to the US Department of Justice.

“The count to which Preston pleaded guilty is punishable by a maximum penalty of 10 years in prison and a fine of up to $250,000 or twice the gross gain or loss from the offence,” the Department said in a statement.

Preston is due to be sentenced in May.

Source: https://www.bbc.com/news/technology-51189386

Hackers target businesses with malware, for the sake of disrupting their operations, experts claim.

A third of all reported incidents against businesses were caused by ransomware, destructive malware and distributed denial of service (DDoS) attacks, according to cloud-delivered endpoint protection firm CrowdStrike.

The company’s latest cybersecurity report, argues that cybercriminals are increasingly seeing business disruption as their main attack objective.

It was also said that they were able to hide their activities from cybersecurity departments much longer – 95 days on average (up from 85 days a year ago). CrowdStrike believes that businesses still lack the technology they need to reinforce their defences, prevent being exploited and mitigate potential risks.

“As adversaries are stealthier than ever, with new attack vectors on the rise, we must remain agile, proactive and committed to defeat them, “commented Shawn Henry, chief security officer and president of CrowdStrike Services.

“They still seek the path of least resistance — as we harden one area, they focus on accessing and exploiting another.”

It added that hackers would often target third-party service providers to create a sort of a force multiplier for the attacks. Cloud infrastructure as a service (IaaS) is often targeted, and Macs are no longer ignored as a platform.

Patching vulnerable systems and software would mitigate many of these problems, but patching remains a pain point, as many organisations don’t have “basic cyber-hygiene”. Even the security systems they have are often not set up properly, and as such aren’t as effective as they could be.

“The failure to enable critical settings not only leaves organizations vulnerable but also gives them a false sense of security,” the report concludes.

Source: https://www.itproportal.com/news/business-disruption-is-now-a-bigger-cyber-threat/