DDoS Attack Specialist Archive

The Web is inescapable today; everything from our smartphones and tablets to fitness trackers and home appliances can connect to the Internet. But could this deep connectivity be our downfall?
More than 60 percent of experts surveyed by Pew Research believe that by 2025, a major cyber attack will have caused widespread harm to a nation’s security and capacity to defend itself and its people.
“The Internet was not built for security, yet we have made it the backbone of virtually all private-sector and government operations, as well as communications,” Joel Brenner, former counsel to the National Security Agency, wrote in a Washington Post op-ed cited by the Pew study.
Despite progress in identifying and fixing vulnerabilities, a majority of Pew’s respondents said the future holds bigger and badder things for individuals and businesses.
“Cyber attacks will become a pillar of warfare and terrorism between now and 2025,” Joe Kochan, COO at US Ignite, said, adding that digital warfare will become more prolific as countries’ infrastructures are transferred online.

Current threats, according to NASA program manager Mark Nall, include economic transactions, power grid, and air traffic control. But that list will expand to include self-driving cars, drones, and building infrastructure.
The battle has already begun, though, with the theft of trade secrets, development of cyber weapons, and even the hacking of smart toilets.
“The Internet of Things is just emerging,” Internet activist Tim Kambitsch said. “In the future, control of physical assets, not just information, will be open to cyber attack.”
Some folks, like Packet Clearing House executive director Bill Woodcock, are more optimistic.
“We’re at least 25 years into cyber attacks now, and although they get larger, and the economy and population becomes more dependent upon the resources that are vulnerable to them, they still don’t have the effect on physical assets and infrastructure that doomsday-predictors have always worried they would,” he said. “I’m not sure that problem will get worse as people become more sophisticated. I think we’re already over that hump.”
Even if hackers have the means to deliver devastating attacks, they don’t have the motivation, MIT senior researcher David Clark said. And those who do have the motivation, like terrorist organizations, don’t actually have the skills.
There are certainly those with the capacity for both, like Russian hackers who this month were caught using a Microsoft Windows bug to spy on U.S. and European academic and government agencies, NATO, and the Ukrainian government.
Apple, meanwhile, recently acknowledged that its iCloud service was under attack in China—a month after a hacker posted dozens of nude celebrity photos, which appeared to have come from the actresses’ iPhones, and prompted concern about iCloud security.
For a look back, check out Pew’s first report about the future of digital warfare from 2005.

Source: http://www.pcmag.com/article2/0,2817,2471362,00.asp?kc=PCRSS05079TX1K0000993

As cyber-criminals innovate and develop new techniques to tackle defensive methods, it has never been more important for information security professionals to have strong, proactive defense and remediation strategies in place. During this webinar, the speakers will share insight on how to address the risks and respond to attacks.

  • Hear about the evolution of and motivations behind DDoS attacks and the attack vectors exploited
  • Discover how to implement multi-layered DDoS defense
  • Identify best practice detection and classification techniques
  • Discover how to implement resilient DDoS incident response practices

Date: November 12th 2014
Time: 10:00AM EST/15:00 GMT

As the Director of Sales for DOSarrest Internet Security I have the opportunity to speak with many prospects looking for DDoS protection service for their corporate website.

What I have learned is that there are many competitors offering what I would call a “bare bones vanilla offering”.

Some offer free service to service ranging in price from $200 – $300/month. These plans offer very basic protection. They also advertise an Enterprise offering that has an expensive starting point and can really turn out to be quite costly depending on your circumstances.

The Enterprise service is the offering that any company that is serious about protecting their website should consider. There are a few issues with each of these offerings that I’d like to point out.

These competitors claim they have a very large number of clients utilizing their services but fail to mention that 80-85% of them are using their free service. Roughly 10-15% of their customers are using their $200-$300/month service, which again is really just a basic protection with limited protection capabilities.

When a company witnesses a large attack, which is completely out of their control, they are told they should upgrade to their enterprise offering. I hear from prospects quite often that this $200 – $300/month service does not offer adequate protection nor customer support.

In most cases there is no phone support included at all! Also they will charge the client based on the size of the attack? How can a client control the size of an attack they are experiencing! This uncertainty makes it virtually impossible for a company to budget costs. Let’s not be mistaken, their goal is to get you onto their Enterprise offering which will cost you in excess of a thousand dollars per month.

Alternately at DOSarrest Internet Security we offer a single Enterprise level service for all of our clients.

The service includes full telephone and email access to our 24/7 support team with our service. This provides you direct access to system experts. We do not operate a tiered support service given the criticality of the service.

Also we protect our clients from all DDoS attacks regardless of size without the need to pay us additional depending on the size of an attack.

We also include an external monitoring account with our service called DEMS which stands for our DOSarrest External Monitoring Service. This allows our 24/7 support team to monitor your website from 8 sensors in 4 geographical regions.

We proactively inform our clients if we notice any issues with their website. Most of our competitors do not offer this service and if they do it is not included free of charge to their clients.

DOSarrest has been providing DDoS protection services since 2007. Globally we were one of the very first DDoS protection providers and have successfully mitigated thousands of real world attacks. This is not an “add on product” for us. Our team has the experience and the protection of a client’s website is our #1 priority. Please visit our newly revamped website and take a look at the testimonials page to see what some of our current customers are saying about their experience with us.

Please feel free to reach out to me directly or anyone on our sales team at sales@dosarrest.com for further information on our service.

Brian Mohammed

Director of Sales for DOSarrest Internet Security LTD.

‘The Coming Swarm’ argues that distributed denial of service attacks are a legitimate form of protest.

Amendment I – Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the government for a redress of grievances.

A basic premise of a democratic society gives its citizens rights to participate in debate and effect change by taking to the streets to demonstrate. In the U.S., this is enshrined in the Bill of Rights under the First Amendment.

But what happens when we all effectively live, work, shop, date, bank and get into political debates online? Because online, as Molly Sauter points out in her book The Coming Swarm, there are no streets on which to march. “Because of the densely intertwined nature of property and speech in the online space, unwelcome acts of collective protest become also acts of trespass.”

Sauter argues that distributed denial of service (DDoS) attacks are a legitimate form of protest. Or at least one that needs to be examined in a larger context of lawful activism, rather than hastily and disastrously criminalized under the Patriot Act.

Sauter is currently doing her Ph.D. at McGill University in Montreal after completing her Masters at MIT. Prior to attending MIT she worked as a researcher at the Berkman Center for Internet and Society at Harvard. So she’s been thinking about civil disobedience and digital culture for a while, although she admitted during a recent phone interview that “adapting and re-writing a Masters thesis into a book during the first year of doctorate study is not recommended.”

As Sauter examines in The Coming Swarm, DDoS campaigns are not new. In fact they’ve been used for almost 20 years in support of various political movements from pro-Zapatista mobilization to immigration policy in Germany and, most notably, at the 2010 G20 in Toronto.

“Guiding this work is the overarching question of how civil disobedience and disruptive activism can be practiced in the current online space,” she told PCMag. “Actions that take place in the online sphere can only ever infringe on privately held property. The architecture of the network does not, as of yet, support spaces held in common.”

The book also delves into extensive technical discussion on the evolution of simple denial-of-service attacks, where a single computer and Internet connection breaches a firewall, floods a server with packets, and overloads the system so that it malfunctions and shuts down.

According to Sauter, it was the switch to distributed denial-of-service attacks that really got the authorities’ attention. Mainly because the distributed nature of the attack, using zombie machines to hide the original source of the activists’ IP addresses and often effect malware, made detection almost impossible. It was then that the nature of digital debate was re-framed as a criminal act rather than civil disobedience.

The Coming Swarm is thoroughly thought-provoking and meticulously researched (as one might expect from a peer-reviewed publication under the Bloomsbury Academic imprint). It will be an important contribution as more enlightened public policy makers try to understand digital culture rather than just contain it.

The Coming Swarm arrives Oct. 23 and can be purchased as an e-book on Bloomsbury.com.

Source: http://www.pcmag.com/article2/0,2817,2469400,00.asp

After successfully launching reflection and amplification Distributed Denial-of-Service (DDoS) attacks by abusing various protocols such as DNS, NTP and SMTP, hackers are now abusing Simple Service Discovery Protocol (SSDP) – part of the UPnP protocol standard – to target home and office devices, researchers warned.
SSDP is a network protocol based on the Internet Protocol Suite that comes enabled on millions of networked devices, such as computers, printers, Internet gateways, routers / Wi-Fi access points, mobile devices, webcams, smart TVs and gaming consoles, to discover each other and automatically establish working configurations that enable data sharing, media streaming, media playback control and other services.
FLAW IN UPnP USED IN AMPLIFICATION DDoS ATTACK
Prolexic Security Engineering & Response Team (PLXsert) at Akamai Technologies has issued a warning that devices used in residential or small office environments have been co-opted since July into reflection and amplification distributed denial-of-service (DDoS) attacks that abuse communications protocols enabled on UPnP devices.

“The rise of reflection attacks involving UPnP devices is an example of how fluid and dynamic the DDoS crime ecosystem can be in identifying, developing and incorporating new resources and attack vectors into its arsenal,” the advisory states. “Further development and refinement of attack payloads and tools is likely in the near future.”

The weakness in the Universal Plug-and-Play (UPnP) standard could allow an attacker to compromise millions of consumer and business devices, which could then be conscripted to launch an effective DDoS attack on a target.
Attackers have found that Simple Object Access Protocol (SOAP) – a protocol used to exchange sensitive information in a decentralized, distributed environment – requests “can be crafted to elicit a response that reflects and amplifies a packet, which can be redirected towards a target.”
This UPnP attack is useful for both reflection attacks, given the number of vulnerable devices, and amplification as researchers estimate that it can magnify attack traffic by a factor of 30, according to the advisory.
OVER 4.1 MILLION DEVICES VULNERABLE
According to the security researchers, about 38 percent of the 11 million Internet-facing UPnP devices, i.e. over 4.1 million devices, in use are potentially vulnerable to being used in this type of reflection DDoS attack.

“The number of UPnP devices that will behave as open reflectors is vast, and many of them are home-based Internet-enabled devices that are difficult to patch,” said Akamai security business unit senior vice president and general manager Stuart Scholly. “Action from firmware, application and hardware vendors must occur in order to mitigate and manage this threat.”
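
A defender-side check for the open reflectors described above, added here as an example and not taken from the advisory or the article: it reads flow records and reports local devices that answer SSDP requests from outside the network, with the observed amplification ratio. The flow record format, the `LOCAL_NET` range, the sample data and the function names are assumptions; UDP port 1900 is the standard SSDP port.

```python
import csv
import io
import ipaddress
from collections import defaultdict

SSDP_PORT = 1900  # standard UDP port for SSDP
LOCAL_NET = ipaddress.ip_network("192.0.2.0/24")  # assumption: our own address space

# Constructed sample flow records: src_ip,src_port,dst_ip,dst_port,proto,bytes
SAMPLE_FLOWS = """\
198.51.100.7,40001,192.0.2.10,1900,udp,120
192.0.2.10,1900,198.51.100.7,40001,udp,3600
198.51.100.7,40002,192.0.2.10,1900,udp,120
192.0.2.10,1900,198.51.100.7,40002,udp,3700
198.51.100.7,40003,192.0.2.20,1900,udp,120
192.0.2.30,51000,203.0.113.5,443,tcp,900
"""

def is_local(ip):
    return ipaddress.ip_address(ip) in LOCAL_NET

def find_open_reflectors(flow_text, min_ratio=5.0):
    """Return {device_ip: ratio} for local devices that answer SSDP requests
    arriving from outside with more bytes than the requests carried."""
    bytes_in = defaultdict(int)   # external -> local device, dst port 1900
    bytes_out = defaultdict(int)  # local device -> external, src port 1900
    for row in csv.reader(io.StringIO(flow_text)):
        if len(row) != 6 or row[4] != "udp":
            continue  # skip blank/malformed rows and non-UDP traffic
        src, sport, dst, dport, _, size = row
        if int(dport) == SSDP_PORT and is_local(dst) and not is_local(src):
            bytes_in[dst] += int(size)
        elif int(sport) == SSDP_PORT and is_local(src) and not is_local(dst):
            bytes_out[src] += int(size)
    reflectors = {}
    for device, received in bytes_in.items():
        # A device that never replies (filtered or UPnP disabled) has ratio 0.
        ratio = bytes_out.get(device, 0) / received
        if ratio >= min_ratio:
            reflectors[device] = round(ratio, 1)
    return reflectors

if __name__ == "__main__":
    for device, ratio in find_open_reflectors(SAMPLE_FLOWS).items():
        print(f"{device} answers external SSDP requests, amplification x{ratio}")
```

Devices it reports should have UDP 1900 blocked at the network edge or UPnP disabled on the WAN side until the vendor ships a fix.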

MAJOR TARGETED COUNTRIES 
South Korea has the largest number of vulnerable devices, followed by the United States, Canada, and China, according to the advisory.
This isn’t the first time a security flaw in UPnP has allowed attackers to target home and business devices. Back in January 2013, a flaw in UPnP exposed more than 50 million computers, printers and storage drives to remote attack by hackers.
Source: http://thehackernews.com/2014/10/reflection-ddos-attacks-using-millions_16.html