Stop DDoS Attacks Archive

As technology has developed, we have entered an era in which home and office appliances can be compromised and used to conduct a cyber attack. This was evident in 2016, when a cyber attack was launched using the Mirai botnet malware. Mirai mostly affects IoT devices by scanning for open SSH or Telnet ports. Eventually, this destroys the entire system. In response, Cymmetria did extensive research and developed an open source honeypot for Mirai detection.

Let us look at the Mirai open source IoT honeypot, a new Cymmetria Research release.

Development of Mirai Open Source Honeypot

The open source Mirai honeypot was developed by a specialist at Cymmetria Research after the DDoS cyber attack in October. It took a while, since they had to be careful not to crash Mirai and because it is a bit bulky. After a number of tests, development work, and consultation, they concluded that the best defense against a Mirai attack is an open source IoT Mirai honeypot. The honeypot is built so that it can detect a Mirai infection before it attacks an internet appliance.

The Cymmetria-built Mirai honeypot comes with a number of functionalities.

They include:

  • Its parameters can be altered so as to identify Mirai by the ports or commands it uses.
  • It can identify the specific Mirai version, including the one used for research, based on the commands requested from the service.
  • It raises an alarm and reports to a syslog server.
  • If Mirai has tried to infect the user, it can collect the sample or crash it, hence destroying the Mirai.
  • Lastly, it can detect incoming connections on any port using Telnet. Moreover, it checks devices connecting on any of the ports.
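A sketch of the command-based identification and syslog reporting listed above, as an added example that is not Cymmetria's code or part of the original article. The command preamble and busybox probe are assumptions taken from the publicly released Mirai source, and the token table, host name and sessions are constructed.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Assumption: commands the publicly released Mirai scanner sends after a telnet
# login to reach a shell, before probing busybox with a made-up applet name.
PREAMBLE = ("enable", "system", "shell", "sh")
PROBE_RE = re.compile(r"^/bin/busybox\s+([A-Za-z0-9_]{2,32})$")
# Real applets an administrator might run; these are never treated as probe tokens.
REAL_APPLETS = {"cat", "chmod", "cp", "echo", "ls", "mount", "ps", "rm", "sh", "tftp", "wget"}
# Operator-maintained token table; the second entry is a constructed placeholder.
KNOWN_TOKENS = {"MIRAI": "mirai-original", "EXAMPLETOKEN": "constructed-variant"}


@dataclass(frozen=True)
class Verdict:
    src_ip: str
    matched: bool
    token: Optional[str]   # applet name used in the probe, if one was seen
    variant: str           # label looked up in the token table
    preamble_hits: int     # preamble commands seen in order


def classify(src_ip, raw_commands, known_tokens=KNOWN_TOKENS, min_preamble=3):
    """Match one captured telnet session against the preamble-then-probe pattern."""
    commands = [c.strip("\r\n\x00 \t") for c in raw_commands]
    commands = [c for c in commands if c]
    idx = hits = 0
    token = None
    for cmd in commands:
        if cmd in PREAMBLE[idx:]:
            idx = PREAMBLE.index(cmd, idx) + 1   # in-order match, gaps allowed
            hits += 1
            continue
        m = PROBE_RE.match(cmd)
        # A probe only counts after enough of the preamble, and only when the
        # applet name is not one a real busybox would recognise.
        if m and token is None and hits >= min_preamble and m.group(1) not in REAL_APPLETS:
            token = m.group(1)
    matched = token is not None
    variant = known_tokens.get(token, "unknown-variant") if matched else "none"
    return Verdict(src_ip, matched, token, variant, hits)


def to_syslog(verdict, host="honeypot01", when=None):
    """Render an RFC 5424-style line (facility local0, severity warning)."""
    when = when or datetime.now(timezone.utc)
    pri = 16 * 8 + 4
    return (f"<{pri}>1 {when.isoformat()} {host} telnet-honeypot - MIRAI - "
            f"src={verdict.src_ip} variant={verdict.variant} "
            f"token={verdict.token} preamble_hits={verdict.preamble_hits}")


# Constructed sessions: two scanner-like logins and one administrator session.
SESSIONS = {
    "192.0.2.10": ["enable\r\n", "system\r\n", "shell\r\n", "sh\r\n", "/bin/busybox MIRAI\r\n"],
    "192.0.2.11": ["enable\r\n", "shell\r\n", "sh\r\n", "/bin/busybox EXAMPLETOKEN\r\n"],
    "198.51.100.7": ["sh\r\n", "/bin/busybox ps\r\n", "ls\r\n"],
}


def alerts(sessions=SESSIONS, when=None):
    """Return one syslog line per session that matched the pattern."""
    verdicts = [classify(ip, cmds) for ip, cmds in sessions.items()]
    return [to_syslog(v, when=when) for v in verdicts if v.matched]


if __name__ == "__main__":
    for line in alerts():
        print(line)
```

Changing `PREAMBLE`, `KNOWN_TOKENS` or `min_preamble` is the kind of parameter tuning the first bullet describes.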

How to Access Mirai Open Source IoT Honeypot

The Cymmetria-designed Mirai IoT honeypot can easily be obtained from the Git repository on the Cymmetria website. The GitHub page lists different versions of the Mirai honeypot, their validity, and the TFTP test. On the site, one can find download and installation instructions. If problems or difficulties emerge as you try to install the program, you can raise them through its website and get a solution from Cymmetria experts. It is easy to use, and it is available to anyone who would consider trying it out. However, like other low-interaction honeypots, the open source Mirai IoT honeypot has some limitations as it tries to emulate services.

In conclusion, with the increase in cyber attacks, it is good to protect your appliances to avoid a possibly disastrous result. This is because “prevention is better than cure.” It is devastating whenever a business faces a cyber attack like the Mirai attack in 2016. That’s why Cymmetria’s specialists took time to develop a preventive measure. In so doing, they developed the Mirai open source IoT honeypot, which safeguards any internet appliance against intrusion by Mirai. It does so by detecting, reporting, taking samples, and crashing the Mirai. This is a great solution to cyber insecurity.


Cybersecurity in the healthcare sector was put under the spotlight after the WannaCry ransomware attacks that hit in May 2017, and it painted a vivid picture of how threats can paralyse real-world processes.

That’s according to Trend Micro and HITRUST’s latest research on how connected hospitals can be exploited – and researchers believe that the WannaCry scare has only made matters worse.

The research paper, titled Securing Connected Hospitals, looks at how internet-connected medical devices are often exposed due to misconfigured networks or software interfaces.

Connected devices can include surgical equipment, office applications, inventory systems, monitoring equipment, and imaging equipment.

Using search website Shodan, researchers were able to pinpoint devices connected to the Internet of Things and gather information about the devices’ geographic locations, hostnames, operating systems, and other information.

“An adversary can also use Shodan to perform detailed surveillance and gather intelligence about a target, which is why Shodan has been called the World’s Most Dangerous Search Engine,” the report says.

Beyond Shodan, exposed devices can also be profiled using network tools. Attackers could potentially access sensitive data, webcam feeds, compromise assets to conduct DDoS attacks or botnets, demand ransoms and much more.

The paper also looked at how supply chain attacks, including those involving associates and third-party contractors, play a dangerous role – 30% of healthcare breaches in 2016 were due to third parties.

“Supply chain threats arise as a result of outsourcing suppliers, and the lack of verifiable physical and cybersecurity practices in place at the suppliers,” the report says.

“Suppliers do not always vet personnel properly, especially companies that have access to patient data, hospital IT systems, or healthcare facilities. Vendors do not always vet their own products and software for cybersecurity risks, and may also be outsourcing resources as well. This allows perpetrators to exploit sensitive information across the supply chain.”

There are seven major supply chain threat vectors that attackers can use against the healthcare sector:

Firmware attacks, mHealth mobile application compromises, source code compromise during the manufacturing process, insider threats from hospital and vendor staff, website/EHR and internal hospital software compromise, spearphishing, and third party vendor credentials.

The report points out that source code compromise during the manufacturing process can be extremely dangerous because hospitals tend not to test device security before installing it on their networks.

While no data on incidents involving medical devices was publicly disclosed in 2017, tablets, phones and even USB devices have been compromised in the past.

“In 2016, a healthcare organization unknowingly sent 37,000 malware-infected USB thumb drives to their offices nationwide. The manual of procedure codes for that year included the flash drive on the back pocket,” the report says.

The paper draws on qualitative risk analysis of various attack vectors to give an overview of some of the most pressing threats in healthcare.

Those threats include insecure devices that can be used to access a network, DDoS attacks, spear phishing, and unpatched systems.

“Having effective alert, containment, and mitigation processes are critical. The key principle of defense is to assume compromise and take countermeasures.”

  • Quickly identify and respond to ongoing security breaches.
  • Contain the security breach and stop the loss of sensitive data.
  • Pre-emptively prevent attacks by securing all exploitable avenues.
  • Apply lessons learned to further strengthen defenses and prevent repeat incidents.


The threat of data breaches continues to increase, with the number of U.S. cybersecurity incidents tracked in 2017 hitting a new record high of 1,579% – a 48% increase over 2016.  8.5% of the data breaches reported in 2017 involved the financial sector, impacting organizations such as banks, credit unions and credit card companies.  The global financial sector has always been a primary target for cyberattacks because of the tremendous value of the information to which these organizations often have access.  In fact, financial services firms are hit by cyberattacks a staggering 300 times more frequently than businesses in other industries.

Certain attacks impacting the financial sector, including Distributed Denial of Service (DDoS) attacks, continue to increase in size and frequency.  Social engineering, including spearphishing, is another form of attack increasingly used by cybercriminals to infiltrate financial organizations.  In 2016 and 2017, cybercriminals targeted 100 banks in 30 countries via a spearphishing campaign dubbed “Carbanak,” stealing roughly $1.3 billion over an 18-month period. This campaign, which encouraged high-level employees to download malware that infiltrated bank networks, underscores the critical threat posed to the financial sector by spearphishing and other forms of social engineering attack.

High cost of cybersecurity incidents

A recent report from the Ponemon Institute and IBM found that the average total cost of a data breach in the U.S. reached a record high of $7.35 million in 2017 across all industries, up 5% from 2016.  While that figure is already alarming, the cost of breaches in the financial sector can be exponentially higher.  For example, while the average cost to U.S. businesses per record lost or stolen in a breach was $225 across all industries in 2017, the cost for financial organizations was $336 – an increase of 49%.

The specific types of attacks frequently used to target financial entities likely contribute to these higher costs.  For example, malware attacks cost financial organizations an average of approximately $825,000 to resolve.  For DDoS attacks, which specifically target online banking services, the cost skyrockets to an average of approximately $1.8 million.  Even worse, DDoS attacks impact the customer-facing resources of financial organizations more severely than in other sectors.

These costs can be even more significant when cybersecurity incidents impact brand loyalty and trust, which can in turn lead to customer churn.  Companies that experience less than 1% customer churn had an average total data breach cost of $5.3 million, while those that experience churn greater than 4% had an average total cost of $10.1 million, according to the Ponemon Institute and IBM.  This should be especially concerning for financial organizations, as they experience the highest rate of customer churn following a data breach of any industry.  As a result, one out of every five financial institutions cited damaged brand trust or reputation as their top concern pertaining to data breaches.

Real danger of losing customers

A 2016 survey of identity theft and fraud victims found that 12.3% of respondents left their credit unions, 28% left their banks, and 22.4% left their credit card companies as a result of unauthorized activity on their accounts.  The danger of customer churn for financial organizations that experience a cybersecurity incident is very real, and protection against cyber threats should therefore be a top priority – as it should be for companies in all industries.

Strategies for taking care of cybersecurity incidents

As the number and severity of cyberthreats increase on a daily basis, raising awareness of these risks among financial institutions has fortunately proven largely successful.  Some financial organizations have reported that simply hearing about cyber incidents impacting other entities in the sector has influenced them to invest more in their own security.  Other top reasons cited for increased cybersecurity investment include upper management wanting to improve defenses, experiencing a cyberattack and customer demand.

While there is no one-size-fits-all approach to improving cybersecurity for financial organizations, any company can follow general best practices that can be tailored to fit its unique needs.  Wider implementation of these practices is needed, as 75% of surveyed businesses in 2016 indicated that they did not have a formal cybersecurity incident response plan at their organization.  Additionally, 66% of respondents noted that they were not confident in their organization’s ability to recover from an attack.  These numbers are alarming, and frankly there is no excuse for any company not to have a data breach response plan in place, regardless of the sector in which it operates.  In addition to data breach response implementation, many institutions are now exploring cyber risk insurance or cyber liability insurance, which help to mitigate risk exposure by offsetting costs associated with recovery after a cybersecurity incident.

Financial companies should also implement strategies to mitigate customer fallout after a breach.  For example, they can offer customers resources to help resolve issues stemming from a cyberattack, such as an identity protection offering that includes resolution services.  Return on investment for these types of offerings can be significant, as they should preserve customer trust while reducing customer churn.  Moreover, a recent consumer survey found that 50% of respondents would prefer to purchase identity protection services from a financial institution with which they partner, as they often already trust these organizations with their sensitive information.  Some identity protection providers allow their platforms to be white labeled, enabling financial organizations offering these services to increase positive brand perception while protecting their customers and employees against fraud.

Don’t forget that employees may be the weakest link

While financial organizations are beginning to implement better cybersecurity best practices pertaining to their technology systems or other resources, they often fail to invest equally in their employee base, which potentially poses the greatest cyberthreat of all.  Hacking, skimming and phishing attacks account for more than half of all data breaches impacting financial entities, and many of these are a direct result of spearphishing efforts targeting management teams.  The Internal Revenue Service witnessed a 400% increase in this type of fraud in 2016 alone.  Other top data breach causes include accidental email or Internet exposure, as well as employee error.

Financial institutions should address cyber threats posed by their own employees by providing sufficient education about procedures for identifying and responding to risks, while adhering to applicable regulatory and compliance policies.  Return on investment for employee education programs can be substantial.  For example, the Ponemon Institute calculated the effectiveness of anti-phishing training programs and found that the average program resulted in a 37-fold return on investment, even when taking lost productivity into account.

As with their customers, financial organizations can promote cybersecurity awareness and foster a culture of best practice by offering employees access to security resources, or even identity protection services, as employee benefits.  Investing in cybersecurity comprehensively is critical, and certain well-known financial institutions are leading the charge.  For example, Bank of America Merrill Lynch has taken a “blank check approach”; in other words, it has removed budgetary restrictions from its cybersecurity spending, as the company recognizes the importance of protecting against cyber threats.

Invest in customers and employees for comprehensive approach

The only guarantee in today’s cyber landscape is that nefarious parties will continue to find new ways to infiltrate networks at financial institutions, and indeed at organizations of all types.  Therefore, financial companies must implement best practices to protect against data breaches, as well as to resolve all possible issues that can arise should a cyberattack occur.  Technology solutions such as multifactor authentication or biometric credentials are critical, but just as important are investments in resources for both customers and employees.  This comprehensive approach is the only way to effectively combat today’s cyber threats.


With the rapid advancement of internet-based technologies, cybersecurity is a constant cloud looming on the horizon. As the technology evolves, so too, do the cybercriminals. Their constant efforts to steal valuable data and disrupt business through DDoS attacks are increasingly sophisticated.

Holding companies hostage and monetizing data through ransomware techniques is sadly par for the course. In fact, it’s estimated that cybersecurity alone costs the global economy some $450 billion a year. With IT professionals scrambling to stay one step ahead of the hackers, how can blockchain be used to aid cybersecurity?

No Single Point of Failure

The decentralized nature of the blockchain means that there is no single point of failure, nor one central database waiting to be hacked. Information is stored over several databases, and each block is linked to the next in the chain, leaving no “hackable” entrance. This provides infinitely greater security than our current, centralized structures.

Removing Human Error

The weakest link in our current system is simple logins that are vulnerable to being cracked. Blockchain can remove human error in cybersecurity, as businesses can authenticate devices without the need for a password system. Each device is provided with a specific SSL certificate, rather than a password. This avoids human intervention becoming a potential vector for hackers.

Bitcoin advocate, adjunct professor at NYU Law School and practicing attorney, Andrew Hinkes, explains, “Using a public blockchain with proof of work consensus can remove the foibles of human mistake or manipulation.”

Detecting Tampering in Real Time

The blockchain can uncover and reject suspicious behavior in the system in real time. Say, for example, that a hacker tried to interfere with the information in a block. The entire system would be alerted and examine all data blocks to locate the one that stood out from the rest. It would then be recognized as false and excluded from the system.
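How hash linking exposes an altered block, as an added example that is not from the original article: each replica is checked for broken links, then compared with the majority to find a copy that was rewritten and re-hashed. The node names and records are constructed, and the majority vote stands in for a real consensus protocol.

```python
import copy
import hashlib
import json
from collections import Counter

GENESIS_PREV = "0" * 64


def block_hash(index, prev_hash, data):
    """Hash the block's position, its predecessor's hash and its payload."""
    payload = json.dumps([index, prev_hash, data], sort_keys=True).encode()
    return hashlib.sha256(payload).hexdigest()


def build_chain(records):
    chain, prev = [], GENESIS_PREV
    for i, data in enumerate(records):
        h = block_hash(i, prev, data)
        chain.append({"index": i, "prev_hash": prev, "data": data, "hash": h})
        prev = h
    return chain


def first_invalid(chain):
    """Index of the first block whose stored hash or link is wrong, else None."""
    prev = GENESIS_PREV
    for i, b in enumerate(chain):
        if (b["index"] != i or b["prev_hash"] != prev
                or b["hash"] != block_hash(i, prev, b["data"])):
            return i
        prev = b["hash"]
    return None


def audit_replicas(replicas):
    """Map node -> (status, block index) across every node's copy of the chain."""
    report, valid = {}, {}
    for node, chain in replicas.items():
        bad = first_invalid(chain)
        if bad is None:
            valid[node] = chain
        else:
            report[node] = ("broken-link", bad)
    if valid:
        # Internally consistent copies can still be forgeries that were fully
        # re-hashed, so compare chain tips and side with the majority.
        tips = Counter(c[-1]["hash"] for c in valid.values())
        majority_tip = tips.most_common(1)[0][0]
        reference = next(c for c in valid.values() if c[-1]["hash"] == majority_tip)
        for node, chain in valid.items():
            if chain[-1]["hash"] == majority_tip:
                report[node] = ("ok", None)
                continue
            diverge = next((i for i, (a, b) in enumerate(zip(chain, reference))
                            if a["hash"] != b["hash"]),
                           min(len(chain), len(reference)))
            report[node] = ("diverges-from-majority", diverge)
    return report


# Constructed records: firmware versions reported by three devices.
RECORDS = [{"device": "cam-01", "fw": "1.0"},
           {"device": "cam-02", "fw": "1.0"},
           {"device": "dvr-01", "fw": "2.3"}]


def demo():
    honest = build_chain(RECORDS)
    edited = copy.deepcopy(honest)
    edited[1]["data"]["fw"] = "9.9"     # data changed, stored hashes left alone
    rewritten = build_chain([RECORDS[0], {**RECORDS[1], "fw": "9.9"}, RECORDS[2]])
    return audit_replicas({"node-a": honest, "node-b": copy.deepcopy(honest),
                           "node-c": edited, "node-d": rewritten})


if __name__ == "__main__":
    for node, result in demo().items():
        print(node, result)
```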

Improving IoT Security

With the rise in IoT devices come inherent security risks. We’ve already seen problems occur when trying to disable compromised devices that become part of botnets. According to Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster University, the blockchain can put an end to that:

“The blockchain, with its solid cryptographic foundation offering a decentralized solution can aid against data tampering, thus offering greater assurances for the legitimacy of the data.” This would mean that potentially billions of IoT devices could connect and communicate in a secure ecosystem.


All transactions on the blockchain are highly traceable, using a timestamp and digital signature. Companies can easily go back to the root of each and every transaction to a given date and locate the corresponding party. Since all transactions are cryptographically associated to a user, the perpetrator can be easily found.

Says Hinkes, “Blockchains create an audit trail of all activity by its participants, which simplifies access control and monitoring.” This offers companies a level of security and transparency on every iteration.

The Takeaway

Currently, the impending threat of DDoS attacks comes from our existing Domain Name System. Blockchain technology would disrupt this completely by decentralizing the DNS and distributing the content to a greater number of nodes. This would make it virtually impossible for cybercriminals to hack, and would create a secure environment to host the world’s data.


At a cursory glance, the cryptocurrency landscape looks an awful lot like the old Wild West – lawless, volatile, open; no viable law enforcement in sight. But is there also a more positive side to blockchain technology?

We’ve all seen the headlines. Bitcoin’s rise and fall, high profile hacking attacks, and ICO fly-by-night scam teams riding off into the sunset with investor money. At a cursory glance, the cryptocurrency landscape looks an awful lot like the old Wild West – lawless, volatile, open; no viable law enforcement in sight.

Transactions are sent anonymously by faceless villains on the darkweb for illicit dealings. The lack of central authorities has led to crypto’s ban in at least five countries, and its surging value makes it increasingly attractive to cyber-criminals. So the question remains: Are cryptocurrencies more than just a way for criminals to get paid anonymously and avoid tax?

A response to the 2008 financial crisis

To get to the root of the issue, it’s worth remembering why cryptocurrencies came about in the first place. Bitcoin, the world’s first cryptocurrency, emerged in response to the 2008 financial crisis. It was an open source project to allow for a transparent economy, in which individuals could be responsible for their own wealth.

The lack of centralisation meant that people could transact globally without the need for intervention or permission from institutions, at a time when trust in the banking system was at an all-time low.

Head of Red Team Services at CyberArk, Shay Nahari, explains to SC Media UK, “The original idea behind cryptocurrencies was to provide a way for network computers to anonymously complete transactions. And today there are credible and legitimate services online and in retail that use cryptocurrency as a form of payment”.

Cryptocurrency has also been successfully used to complete many an international transfer, bypassing hefty banking fees and avoiding lengthy delays. Yet, the anonymity of cryptocurrency makes it a magnet for delinquents of all stripes, particularly on the darkweb.

Cryptocurrency adoption by criminals

Not only are tax evaders and drug barons willfully using it to fly below the radar and move vast sums of undeclared money around, but hackers have discovered the weak links, as well.

Despite the much marketed “anonymity” of Bitcoin, all transactions are visible, and this provides law enforcement authorities with enough data to uncover hackers’ identities. It’s also brought about a rise in the usage of altcoins (Bitcoin alternatives).

Currencies like Monero, that have been designed to be secure and untraceable, are gaining favour in the underground world for protecting the user identity and keeping follow-up transactions anonymous.

Nahari remarks, “Together with the fact that Monero was designed to still be effectively mined with CPU and not just special hardware, and the fact that due to its anonymity, accounts cannot be blacklisted (even if they are identified as malicious) means that bots of infected machines can generate large amounts of money for the attackers while still being almost resilient against law enforcement. As a result, Monero use on the darkweb has risen and its price has risen along with it”.

While all this sounds like a veritable hotbed of malevolent activity, it’s pertinent to remember that digital currencies are not the only vehicle for carrying out nefarious deeds. It’s well known that the US dollar is the criminal’s bill of choice when it comes to money laundering and drug trafficking.

And while it’s true that both currencies can be used for legitimate and illegitimate purposes, cryptocurrency is inherently more trackable than fiat currency. In many countries, the US included, national regulations already require cryptocurrency purchasers to undergo Know Your Customer/Anti-Money Laundering (KYC/AML) protocol before being able to invest.

Moreover, despite the fact that the public at large rarely comes across US$ 100 bills, they make up a massive 80 percent of all US currency.

Large notes in outside currencies have caused a problem for a while now, for their propensity to facilitate criminal activity. In 2010, UK exchange offices ceased sales of €500 notes, after police officials found that some 90 percent of them were used by organised crime.

Jennifer McEntire, manager of financial crime compliance strategy at LexisNexis Risk Solutions, comments, “When you look at money laundering overall, that actually occurs and is easier with traditional currencies. Bulk movement of cash and hand to hand cash transfers are far more common and easier to execute by most people, while remaining truly anonymous. If you’re using a cryptocurrency in an exchange platform, it’s likely that you’re leaving a digital trail in emails, text messages, and device usage. You’re not as anonymous as you think you are”.

Not all cryptocurrencies were created equal

When Bitcoin value soared to just shy of US$ 20,000 (apx £14,000) in December of last year and promptly plummeted back down to under US$ 7,000 (£5,000) in a few short weeks, it became pretty clear that such rampant volatility rendered its usage as a currency challenging, to say the least.

Says McEntire, “Many people in the United States are seeing it as an investment vehicle, they’re seeing the games that are happening. So I think that it can be dangerous in some ways, but not necessarily more dangerous than our traditional markets. Our traditional markets are also volatile. Cryptocurrency isn’t going to go away but the volatility… I would liken and compare to our traditional markets.”

Actually, the volatility of cryptocurrency isn’t unique. Even gold, which is historically viewed as a stable asset, has experienced similar surges and crashes over the decades.

Jeremy Epstein, leading speaker on blockchain innovation and CEO of blockchain marketing agency NeverStopMarketing, comments, “The volatility comes from the fact that we are seeing the birth of an entirely new asset class. It’s the first digitally-native currency, built specifically for digital. That’s not the case with our existing fiat systems. As such, it’s tough for all of us to understand how it works and how to value it”.

And while cryptos are often labelled as being “volatile”, not all cryptocurrencies were created equal. There are plenty of stable-value cryptocurrencies on the market whose value is pegged to another asset, such as the dollar. Naturally, corporate treasurers are risk averse and, as adoption becomes more widespread, payments will likely be made using these types of cryptocurrencies, rather than the wildly fluctuating Bitcoin or Ethereum.

Cryptocurrency, blockchain and cyber-security

Just as cryptocurrency has different uses, so too does the blockchain. One of these will undoubtedly change the face of cyber-security in the not-so-distant future. Cyber-crime remains a constant threat and thorn in the side of many an IT department, costing the global economy some £324 billion a year.

“Equifax is exhibits A-Z on this. Our current IT systems are not built to hold the amount of data that they currently have, particularly personal data. We’re vulnerable because of centralisation. Decentralising and securing the data stores provides greater security”, Epstein remarks.

Because blockchains create an audit trail of all activity by their participants, the process of access control and monitoring is greatly simplified, and human manipulation and error can be removed. Thanks to cryptography, blockchain offers practically impenetrable security – the sheer number of possible combinations in the encryption would take a typical modern PC trillions of years to go through.

Paul Brody, global innovation blockchain leader at EY asserts, “Blockchains are possibly the most secure information technology ever invented. It is, for all practical purposes, impossible to counterfeit Bitcoin or alter transaction histories in these systems. Blockchains hold the promise of creating vastly more secure online transactions and secure, unbreakable digital contracts between users”.

If blockchain is so secure though, that poses a rather awkward question. Why are we always hearing about hacking, theft, and criminal activity?

Brody has an answer to that. “Cryptocurrency blockchains are public”, he points out, “which allows for increased and earlier visibility when thefts occur. And while blockchains are themselves very secure, they operate in an ecosystem that still has many weaknesses, including human error. While you can’t counterfeit bitcoins, you can steal them, and once they are stolen they may very well be gone for good. Various parts of the cryptocurrency ecosystem still require development in order to provide a higher level of security for users”.

Indeed. In fact, EY’s own ICO research found that as much as 10 percent of the total funding through ICOs may have been subject to theft or fraud, to the tune of £290 million.

Cyber-security strategist at Juniper Networks, Nick Bilogorskiy, emphasises, “It is important to make a distinction between the technologies of cryptocurrency and blockchain. While the former has been used mostly for nefarious purposes, the latter has plenty of genuine use cases, for example, decentralised storage, and preventing fraud and data theft. Blockchain technology has no single point of failure, which highly decreases the chances of a successful DDoS attack”.

In fact, blockchain is so secure that cyber-criminals are already finding ways of using it to make their own servers hacker-proof, as recently reported in SC Magazine.

Cryptocurrencies are just the tip of the iceberg

Just as AOL and email were to the internet, cryptocurrencies are the tip of the iceberg when it comes to blockchain technology. After all, they haven’t been banned by the Bank of England and other institutions, despite the growing concern about criminal use cases.

European central banks and regulators, in fact, have a tradition of encouraging innovation (not to mention sniffing out a financial opportunity) and it’s becoming clearer by the day that blockchain presents plenty of these.

Kevin Curran, IEEE senior member and professor of cyber-security at Ulster University says, “The blockchain has an important role to play in the security of the Internet of Things in the days ahead. Scaling the Internet of Things will prove difficult using traditional centralised models. There are also inherent security risks in the Internet of Things, such as disabling them should they become compromised and become parts of botnets, which has become a serious problem already… Blockchain technology could potentially allow billions of connected IoT devices to communicate in a secure yet decentralised ecosystem, which also allows consumer data to remain private”.

Moreover, according to Brody, we can soon expect to see the blockchain touching most areas of our lives. “Cryptocurrencies – and the blockchains they run on – are a technical revolution that should enable a transformational set of new business technologies. It offers secure, reliable, disintermediated collaboration between companies doing business with each other. We think everything from the digital media business to supply chains will be transformed with this technology in the coming years”.

From empowering and connecting people currently overlooked by the legal and banking systems, to resolving electoral fraud, creating transparency in the supply chain, and reducing costs; the potential of the blockchain is practically limitless.

But it isn’t all utopia yet.

While blockchains themselves are natively secure, secondary software, such as wallets and exchanges, are often notably less so. Ownership of open source projects remains an under-addressed issue that may ultimately impact version updating and liability. Smart contracts rely on oracles to report external data, and this technology is still underdeveloped and problematic.

Regulation remains the elephant in the room. Everyone agrees that regulation in some shape or form will have to take place, but no one agrees on what it will look like, the form it will take from jurisdiction to jurisdiction – or the impact it may have on curtailing blockchain innovations.

Until these teething troubles are resolved and we begin to gain a better understanding of the technology, cryptocurrencies may continue to be hijacked by bottom-feeding lowlifes to facilitate their lifestyles. But whatever your stance on digital money, you’ll surely agree there’s a lot more to crypto than meets the eye.