DDoS Protection Specialist Archive

The “IBM X-Force Threat Intelligence Index 2019” highlighted troubling trends in the cybersecurity landscape, including a rise in vulnerability reporting, cryptojacking attacks and attacks on critical infrastructure organizations. Yet amid all the concern, there is one threat trend that our data suggests has been on the decline: hacktivism — the subversive use of internet-connected devices and networks to promote a political or social agenda.

Looking at IBM X-Force data in the period between 2015 and 2019, our team noted a sharp decrease in publicly disclosed hacktivist attacks. Our data incorporates incidents pulled from established and reliable reporting streams and reveals where a specific group claimed responsibility for the incident and where there is quantifiable damage to the victim. While this data does not capture all cyber incidents — nor all hacktivist attacks that occurred in that period — the decrease in publicly acknowledged hacktivism attacks remains significant since public attribution is a key component in these types of attacks.

In 2016 in particular, hacktivist attacks such as Operation Icarus, which directed distributed denial-of-service (DDoS) attacks at banks worldwide, made headlines several times. Another 2016 attack by the same group was a “declaration of war” on Thai police following the conviction of two Burmese men for the murders of two British backpackers. That operation resulted in the defacement of several Thai police websites. In 2018, the number of reported attacks was much lower, although various groups used similar tactics, including DDoS attacks and the defacement of several government websites in Spain.

We have some theories about the reasons behind this decline — specifically, a decrease in attacks by one core hacking collective and law enforcement acting as a deterrent against hacktivism. Let’s explore these theories in more detail.

Public Hacktivist Attacks Have Dropped Nearly 95 Percent Since 2015

We’ll start by taking a closer look at the numbers. According to X-Force data collected between 2015 and 2019, hacktivist attacks have declined from 35 publicized incidents from our sample in 2015 to five publicized incidents in 2017. In 2018, only two publicized incidents were recorded, a dramatic decline over the past four years. Thus far for 2019, no hacktivist attacks have yet met the criteria to be included in our data set, although we are aware that some hacktivist attacks have occurred.

These numbers show a drop of nearly 95 percent from 2015 to 2018 as attacks from the groups behind the bulk of the 2015–2016 attacks decreased. Most notably, the Anonymous collective and associated groups that identify themselves as Anonymous in different parts of the world perpetrated fewer attacks.

Figure 1: Number of publicized hacktivist attacks (Source: IBM X-Force Data, 2015–2018)

For the hacktivist attacks tracked through our X-Force data, an analysis shows that few hacktivist groups aside from Anonymous have notably dominated the attack landscape over the past four years, with most groups carrying out only one or two attacks and then disappearing for a time.

Several groups struck only once and were never heard from again under the same name. The following figure depicts the number of hacktivist attacks by group from 2015 through 2018. Attacks by Anonymous made up 45 percent of all attacks, a far higher percentage than any other group that kept the same identity over time.

Figure 2: Hacktivist attacks by group (Source X-Force Data, 2015–2018)

Where Have All the Hacktivist Groups Gone?

So how can this decrease in hacktivist attacks from 2015 to 2018 be explained, especially in view of how frequent these sorts of incidents were in previous years?

X-Force researchers have some theories about the changing nature of the hacktivist threat landscape that could have contributed to this decline. Upon examining these theories in light of additional data on hacktivist attacks and activity and law enforcement response, we noted several patterns that might help explain this downward trend.

A Decline in Anonymous Attack Campaigns

A decline in attacks associated with the hacking group Anonymous is one of the principal contributing factors in the overall decline in hacktivist attacks worldwide.

Starting around 2010, Anonymous became one of the most prolific hacktivist groups in the world, reaching a peak of activity in early- to mid-2016, according to IBM X-Force data. Since then, attacks by Anonymous have declined significantly, possibly due to an attrition of key leadership, differences of opinion and a struggle to find an ideological focus.

Some examples of this turmoil were on display during the 2016 US presidential election, which appeared to spark a sharp debate among Anonymous members, one that even spilled over into the public domain. While some members advocated for attacks against candidate websites, others strongly disagreed, arguing that the group does not support a particular political ideology and criticizing proposed attacks as “cringeworthy.”

In addition to differences in viewpoint, several cyber actors have sought to masquerade as Anonymous actors over the past three years, using the moniker in an attempt to legitimize their actions or to tarnish the group’s name by connecting their activities to Anonymous. In early 2016, Anonymous released a video warning about “fake Anons” and claiming that governments and individuals were acting in the name of the group in an attempt to “damage the name of Anonymous and [post] propaganda of their own ideologies,” or profit financially by using the group’s name as clickbait to attract traffic to advertising webpages. Any attempt to decrease the number of fake Anons may have led to a decrease in the number of true Anonymous actors overall.

X-Force data shows that decrease in Anonymous activity, with attacks dropping from eight incidents in 2015 to only one tracked in 2018.

Figure 3: Number of publicized Anonymous hacktivist attacks per year (Source: IBM X-Force Data, 2015–2018)

Legal Deterrence

Arrests and legal warnings issued to hacktivists at large may be acting as an effective deterrent against additional hacktivist activity. X-Force IRIS internal tracking of related arrests revealed that law enforcement agencies in the U.S., U.K. and Turkey have arrested at least 62 hacktivists since 2011. We suspect the actual number is greater than those publicly announced. Three of the arrested hacktivists received sentences in 2018 and 2019, all with prison time of three years or greater, including one with a 10-year prison sentence.

The 10-year sentence — plus a $443,000 fine — was placed on one self-proclaimed Anonymous hacktivist who hit Boston Children’s Hospital with DDoS attacks in 2014 and was arrested in February 2016. Some security practitioners noted that the long sentence had the potential to deter additional attacks.

Another hacktivist arrested in 2011 agreed to become an informant to the FBI, possibly contributing to the demise of his hacking group LulzSec and the arrests of potentially nine other hacktivists. This hacker then served seven months in prison before becoming a legitimate penetration tester.

In January 2017, one software engineer publicly proposed a DDoS attack on the White House’s website as a form of hacktivism. Security experts and law enforcement officials warned that such an act was illegal and would be tracked and punished. In the end, no attacks appeared to have occurred, and there were no reported problems with the White House website that month.

Hacktivism Is a Volatile Tactic

Where are hacktivist attacks likely to go from here? We are reluctant to say that the era of hacktivism has come to an end. Acute social justice issues, greater organizational capabilities among hacktivist groups and a stronger shift to areas that lay beyond the reach of law enforcement all have the potential to dramatically change the face of hacktivism in a relatively short period of time. More likely than not, we are experiencing a lull in hacktivist activity rather than a conclusion.

Hacktivism incidents in 2019 already suggest that this year may see an uptick in attacks, with a scattering of activity from attacks on Saudi newspapers in January to DDoS attacks on Ecuadorian government websites following the arrest of Julian Assange. As of yet, however, these numbers have still not reached the tempo of hacktivist attacks seen in 2015 and 2016.

For the time being, the world appears to be experiencing a relative respite from hacktivist attacks, perhaps freeing defensive resources to focus on more pressing threats, such as malicious actors’ use of PowerShell, Spectre/Meltdown and inadvertent misconfiguration incidents. These ongoing threats, X-Force IRIS predicts, will continue to demand more focus from security teams throughout 2019.

Source: https://securityintelligence.com/posts/the-decline-of-hacktivism-attacks-drop-95-percent-since-2015/

DDoS attacks top the list of primary security concerns for mobile operators now that 5G wireless is advancing as the number of connected devices grows.

The next generation of mobile networking technology — the highly anticipated 5G — will improve the speed and responsiveness of wireless networks when deployed, but it is already raising questions for mobile operators, specifically about the implications of 5G security.

Commercial 5G is in the early stages of becoming a reality and will continue to grow. “Opportunities and Challenges in a 5G Connected Economy,” a recent report from market research firm Business Performance Innovation Network in partnership with security vendor A10 Networks, looked at the security concerns 5G brings to the mobile industry.

“Security is a top concern for 5G operators, almost equal to increasing capacity and throughput,” the report said, reporting that 94% of respondents expect the growth of 5G to increase security and reliability concerns for 5G mobile operators.

5G concerns can be looked at in two ways, according to Paul Nicholson, senior director of product marketing at A10 Networks. One concern is the increase of traffic and devices. Whenever technology changes, unexpected issues often arise. There is new technology with 5G, but operators are also moving to a cloud, software-type environment, so they have to secure that, he said, adding security works differently with different components.

Despite the high level of concern, the study also revealed most mobile operators still have significant work to do in building the security foundation needed to support 5G.

While the majority of survey respondents said they intend to upgrade security tools — such as firewalls — to work better with 5G, only 11% have actually implemented the upgrades.

A full 79% of survey respondents said their companies are taking 5G requirements into consideration with their current security investments. Another 17% said they are already looking at it.

The top security concerns include core network security, with 72% of respondents rating it very important; 60% are concerned with endpoint security and 38% with security management and staffing requirements.

Core network security concerns include upgrading different types of firewalls given the increased traffic and scalability of 5G. Only a small percentage of respondents have upgraded their firewalls already, while more than half said they plan to.

“The need to upgrade the Gi firewall at the Evolved Packet Core is widely recognized as a critical need for improving 5G security, while it also delivers significant benefits to existing 4G networks,” the report said.

“[Mobile operators] also need to think about external forces, like volumetric DDoS [distributed denial-of-service] attacks, which are coming in from the outside to try to disrupt service,” Nicholson said.

The most important security advances and capabilities for the future

The threat of DDoS attacks

The deployment of 5G will open a lot of networking possibilities due to its improvements in speed, capacity and latency. Those advances, however, also open up the possibility for more severe attacks.

One of the most significant security concerns of respondents was the possibility of DDoS attacks — 63% said advances in DDoS protection were important to their future ability to address larger and more sophisticated attacks.

“Today, A10 [Networks] knows that there are 23 million DDoS weapons out there poised to attack on demand,” Nicholson said, citing the spread of the Mirai botnet that followed DDoS attacks in 2016.

“The most recent was a 1.7 terabit attack against GitHub using misconfigured Memcached servers in a reflection attack,” he said. “Reflection attacks are still the biggest attacks we see today with multiple types of devices being used.”

DDoS attacks often target internet-connected devices, so as the number of devices continues to grow and as 5G network deployments increase and connect to more devices, DDoS threats could lead to more attacks — not only in frequency but in how far and fast the attacks could spread.

“When we get to the 5G world, there’s going to be a lot more connected devices, and they’re going to be capable of generating traffic at a much higher rate,” Nicholson said. “With the DDoS weapons, we think this is just the tip of the iceberg.”

Source: https://searchsecurity.techtarget.com/feature/DDoS-attacks-among-top-5G-security-concerns

VANCOUVER, British Columbia, May 14, 2019 (GLOBE NEWSWIRE) — Leading Philippine-based telecommunications carrier selects Internet Security firm DOSarrest to deliver cyber security solutions to their commercial client base. The partnership allows Eastern to provide a number of cloud based security solutions including DDoS Protection, Web Application Firewall, global load balancing and Content Delivery Network (CDN). The partnership also gives Eastern Communications access to DOSarrest’s Traffic Analyzer (DTA) and Data Center Defender, a solution that allows its customers to protect thousands of IP addresses at the same time with one automated cloud based service.

Mark Teolis, CEO at DOSarrest, states, “We are honored to have been chosen by Eastern to deliver leading edge cloud based security services to their thousands of business customers. Eastern’s forward vision on cybersecurity is on the right track and we will help them deliver.”

“As part of our ‘High Tech’ promise to our customers, we’re expanding our product portfolio to meet their increasingly varied digital needs. Aside from our reliable data and voice services, we’re venturing into cybersecurity and cloud services provided by global innovation leaders,” shared Eastern Communications Co-Coordinator Atty. Aileen Regio.

DOSarrest CTO Jag Bains comments, “Eastern has the right stuff to be a telecom carrier ahead of the security curve in the Philippines and beyond. Our recently released cloud based traffic analyzer services (DTA) gives their customers a definite edge in the market today on network intelligence.”

“Here in Eastern Communications, we’re excited to partner with leading companies in cybersecurity like DOSarrest. We look forward to offering their services to the Philippine market as part of our commitment to bring best-in-class cybersecurity and cloud solutions to Filipino businesses,” said Eastern Communications Co-Coordinator Ramon Aesquivel.

About Eastern Communications:
Eastern has been operating in the Philippines for over a hundred years and offers a wide range of connectivity options and related telecom services. For more information about Eastern Communications’ latest products and services, visit www.eastern.com.ph.

About DOSarrest Internet Security:
DOSarrest, founded in 2007 in Vancouver, B.C., Canada, specializes in fully managed cloud based Internet security services including DDoS protection services, Data Center Defender (DCD), Web Application Firewall (WAF), DDoS Attack testing, as well as cloud based global load balancing.

Source: https://finance.yahoo.com/news/eastern-communications-philippines-partners-dosarrest-230000086.html

Cloud computing has clear advantages, learn how to mitigate security risks

Cloud computing has revolutionized the way of doing business. More and more firms are opting for cloud services these days due to the various benefits they provide. Initially, cloud computing was limited merely to storing additional data such as contacts.

But the scenario today has changed entirely. Cloud computing services have taken responsibility for the majority of core business data, for the simple reason that these services have lessened the workload of business enterprises to a great extent. Today, firms do not need to employ an entire IT department to look after the company's data. This job is easily done by the cloud service providers, who store and manage the data for the firms. Moreover, they also provide guidance from expert IT professionals on how to manage data.

What is Cloud Computing?

Cloud computing refers to the storage of data by business firms and other organizations with a third party known as Cloud Service Providers (CSPs). These CSPs store your data in their data centers at a different location. Companies can access this data through the internet.

Advantages of Cloud Computing

● Saves IT Costs:

As mentioned above, a company doesn’t need to maintain a team of IT professionals to store and maintain its data. All these tasks are handed over to the CSPs. This saves a lot of cost for the company.

● Better Storage Space:

Cloud Computing provides great storage space. Moreover, this storage can even be increased as per the company’s requirements. This would have required a great deal of effort and infrastructure otherwise.

● Professional Help:

CSPs not only provide storage services to their clients. They also provide expert guidance to the companies regarding the management of data. This works as an added advantage for the companies.

Risks Associated with Cloud Computing

Since every coin has a flip side, this one is no exception. There are many risks that come along with cloud computing. If not paid proper attention, these risks may engulf entire business entities. The damage can be so vast that it cannot be undone.

Therefore, one should be very cautious when choosing to transfer data to a cloud network. Today, we are going to discuss the risks of cloud computing and how we can avoid them to make the best use of this inevitable service.

Top 5 Risks of Cloud Computing Service

1. Loss of Data:

The foremost risk faced by companies using cloud storage is the loss of their extremely valuable data. This loss can be either temporary or permanent. Cloud Service Providers do not store the data of only one company; they have data from many companies stored within their systems. In such situations, it is possible that the data of one company may get replaced by another company’s data. Data can also be lost in a variety of other ways. For instance, hackers can delete your valuable data on purpose. Apart from this, data can also be lost because of human error.

How to Avoid Such Risks

● Take a backup of your data on other cloud services. Don’t just rely on one CSP.

● Sign agreements with cloud service providers on data restoration, backup, and other security policies.

● Know about all the threats that may lead to loss of your data and take effective measures to prevent them.

2. Non-Compliance with Regulations:

CSPs are often found not complying with the regulations that protect businesses from data loss and the effective measures they can take. In certain situations, small firms also do not know much about the regulations. This makes them more vulnerable to such risks. Firms should make sure that the CSPs they opt for to store their data comply with all the policies and regulations.

How to Avoid Such Risks

● Choose only those CSPs which adhere to all the rules and regulations.

● Don’t make all your crucial data migrate to the cloud service. Assess your risks.

3. Service Denial:

A firm should know that CSPs deal with multiple clients. This means that if an attacker attacks the resources of one company, it may affect the data of all the companies associated with that Cloud Service Provider. This may lead to a denial of service of other clients as well.

How to Avoid Such Risks

● Ask your service provider about provisions for retrieving cached data after malicious attacks.

● Is your provider capable of increasing the bandwidth against DDoS attacks?

4. Data Breaches:

Stealing of crucial data by hackers is another major risk that accompanies Cloud Computing. Even big organizations such as World Wrestling Entertainment (WWE) have faced this data breach. Therefore, it is very necessary to select those service providers who provide better security control.

How to Avoid Such Risks

● Avoid using applications which are not specified by the service providers.

● Install anti-malware, authentication, and encryption in personal devices to protect your data.

5. Insider Threats:

Intentional or unintentional threats posed by employees also result in a breach of data. Your employees might unknowingly share files which are pivotal to the organization. This can also happen purposely. This use of your data inappropriately may bring a lot of loss to the company.

How to Avoid Such Risks

● Employees must be well trained so that they do not share valuable information with other sources.

● Multifactor authentication can be effective in preventing data theft.

Measures to Avoid Cloud Computing Risks

● Take Limited Risks:

It is advisable to take limited risks. This means that companies should not be entirely dependent on CSPs for storing and managing their data. They should also put in the effort to store data themselves to avoid complete data loss in case of any mishap.

● Zero Trust Model:

The zero trust approach means that every user and system must be properly verified before being given access to the company’s systems. Restricting unauthorized access can protect your data to a great extent.

● Learn from the Past Failures:

There are many large and small firms that have faced huge data losses in the past. Learn from their failures and make sure that you don’t repeat the same mistakes again.

● Encryption:

Encrypting your information through complex algorithms can protect against data loss very effectively. However, small companies do not pay much heed to such measures. Consequently, this becomes fatal for the organization.

● Keep an Eye out:

Keep a regular check on the management of your data and change encryption codes regularly. Assessing the level of security being provided or the firewalls being used can contribute significantly to preventing a data breach.

Any business takes a lot of effort and investment. Data has proved to be one of the most valuable and powerful assets of any company. Everyone wants more and more data, and this has led to an increase in the number of data breaches as well. Therefore, protection of crucial information has become the need of the hour. A few cautious steps can prevent companies from falling prey to such attacks. One just needs to be careful enough when using cloud computing services.

Source: https://thebossmagazine.com/cloud-computing-security/

The world has embraced digital technology, but cybercrime is putting a serious dent in corporate finances, the FBI finds.

Last year, according to the FBI’s “2018 Internet Crime Report,” reported damages from cybercrime nearly doubled to $2.7 billion, and roughly half of that amount stemmed from business email schemes that zeroed in on wire transfer payments.

The FBI’s Internet Crime Complaint Center (IC3) report said the agency received approximately 352,000 complaints about online skullduggery in 2018 — over 900 per day, on average. In recent years, the center has averaged somewhat fewer (about 300,000 complaints); however, between 2014 and 2018, the reported losses more than tripled, leaping from $800.5 million in 2014 to $1.42 billion in 2017 before reaching $2.7 billion last year.

Practically all businesses, irrespective of size and industry, are vulnerable to being victimized by cybercriminals. This makes cyberattacks the single biggest risk for today’s corporate leaders, as highlighted by the World Economic Forum.

“The 2018 report shows how prevalent these crimes are,” says Donna Gregory, chief of the FBI’s IC3 unit. “It also shows that the financial toll is substantial, and a victim can be anyone who uses a connected device.”

Business Email Scams Are Especially Lucrative
The FBI report pegs $1.2 billion of the 2018 losses on business email scams that hijack or mimic actual email accounts using social engineering or hacking to transact unauthorized fund transfers. Over time, the wildly successful scam has evolved to include spoofed personal, vendor, attorney, and real estate-related emails.

Hunting down and recovering unauthorized payments is one area where the FBI has made headway. In February, as noted in the report, the FBI established a Recovery Asset Team to focus on repatriating monies lost via business email scams. Last year, the FBI recouped $257 million unwittingly wired by cybercrime victims. That’s a respectable recovery rate of 75%.

The next-biggest moneymaker is “confidence fraud/romance,” where a criminal convinces his quarry that he can be trusted — and then steals from them. Another popular scam is when grandparents are tricked into thinking that a grandchild needs immediate financial help. The IC3 report says that 18,493 confidence scam victims racked up $362.5 million in reported losses in 2018.

Cyber Extortion Keeps Emerging
Last year, extortion generated 51,146 complaints and $83 million in losses, a 242% increase in complaints compared with 2017. Reported incidents included “sextortion” — where a criminal says he’ll send a pornographic video of the target to the target’s family and friends unless he receives a ransom — or distributed denial-of-service (DDoS) attacks, in which networks and systems are swamped with malicious IP traffic unless a “fee” is paid.

The FBI scored a big win when it identified and arrested two ringleaders of Apophis Squad, a cybercriminals-for-hire group that made bomb threats against scores of schools and launched multiple DDoS attacks against websites.

Apophis Squad took inspiration from the activities of another group, Lizard Squad, online hoodlums who also operated a DDoS-for-hire service, issued bomb threats to airlines, and repeatedly directed DDoS attacks at tons of websites. Almost all of its crew were arrested and charged with various online crimes. Until recently, the Apophis Squad’s online presence and DDoS-for-hire service resided on the same server used by a number of other domains linked to Lizard Squad.

Dark Figure Remains High
Cybercrime is a giant multinational business, and it continues to proliferate around the globe. That said, a yet-to-be-determined but undoubtedly massive number of cases still remain unreported or undetected. Many cybercrimes — such as malware, phishing, and ransomware — that have made the news in the past year were responsible for a fairly inconsequential portion of the reported losses. According to the IC3 report, ransomware scams that hit a number of large organizations in 2018 resulted in a relatively paltry $3.6 million in losses.

The IC3 also notes that the total number of reported complaints “only represents what victims report to the FBI via the IC3 and does not account for victim direct reporting to FBI field offices/agents.”

Additionally, the reported losses do not account for lost business, time, wages, or the cost of paying vendors to fix damaged computer networks. Both of these result in considerable margins of error in certain forms of cybercrime, which means that some of the figures are artificially low. The upshot is clear: As businesses everywhere continue to turn to digital technology and transact business online, more and more crime is shifting into the digital realm — and the number of attacks and the size of financial losses is only going to grow.

Source: https://www.darkreading.com/vulnerabilities---threats/fbi-cybercrime-losses-doubled-in-2018/a/d-id/1334595