Stop DDoS Attacks Archive

There’s a lot of misunderstanding about blockchain. A recent study by HSBC, for example, found that 59 percent of customers around the world had never heard of it. Yet, while that alone is quite telling, it’s probably more alarming that the very same poll revealed that 80 percent of people who had heard of blockchain did not understand what it is.

This level of confusion isn’t confined to the general population either. Politicians in charge of setting the law around this sort of technology and some traders who are perfectly at home with currency futures are equally in the dark about what this technology is and what it means for the financial industry.

There are some who fear that this technology – a digital transaction ledger in which each block is protected by cryptography – poses a security risk. That hasn’t been helped, it has to be said, by a number of scams in this market which have caused some to associate blockchain with risk.

CoinDesk, for example, demonstrates seven key incidents that attracted attention in 2017 alone. The incidents it highlights — including wallet hacks, ICO fraud and software bugs — cost investors nearly $490 million.

But, while it’s understandable that these sorts of incidents cause alarm, the general fear around blockchain is misplaced, probably not helped by the fact that this technology is proving ‘disruptive’ to the old order, promising drastic change to the speed and ease of money transfers.

Far from being the cause of problems for the financial industry, this technology might well offer a solution to make the industry safer.

Medium writer Redactor demonstrates four key ways in which blockchain technology is improving cybersecurity. These are:

  • Mitigating attacks such as DDoS with a decentralized structure and by not having a single point of failure
  • Protection for IoT devices, which can communicate with enterprise-defined ledgers based on blockchain
  • Providing transparency with permanent records that cannot be altered without creating a data trail (in order for transactions to be finalized they need to be approved by more than half of the systems in a network and, when this occurs, the block is given a time stamp and is immutable)
  • Allowing for digital identities, greater encryption and more robust authentication

It’s fair to say that blockchain is here to stay. It isn’t ‘just’ the technology that underpins Bitcoin and other cryptocurrencies — although this is probably what it’s most known for — but it is a form of technology that has much wider potential for use in the finance sector and beyond.

Rather than ignore it — or treat it as a security threat — the industry needs to identify the potential of blockchain and set to work to use this as a way to add security. This, increasingly, is the case, with banks and big tech firms working on ways to harness blockchain to shelter the data of financial firms and customers alike.

Clearly scams shouldn’t be ignored — and work needs to be done to crack down on these — but nor should the positive potential of blockchain as a force for security.


Thanks to advances in technology, we live in an era in which home and office appliances can be compromised and used to conduct a cyber attack. This was evident in 2016, when a cyber attack was launched using the Mirai botnet malware. Mirai mostly affects IoT devices by scanning for open SSH or Telnet ports. Eventually, this destroys the entire system. In response, Cymmetria did extensive research and developed an open source honeypot for Mirai detection.

Let us look at the Mirai open source IoT honeypot, a new Cymmetria Research release.

Development of Mirai Open Source Honeypot

The Mirai open source honeypot was developed by a specialist at Cymmetria Research after the DDoS cyber attack in October. It took them a while, since they had to be careful not to crash Mirai, and also because it is a bit bulky. After a number of tests, development work, and consultation, they concluded that the best defense against a Mirai attack is an open source IoT Mirai honeypot. The honeypot is built so that it can detect a Mirai infection before it attacks an internet appliance.

The Cymmetria-built Mirai honeypot comes with a number of functionalities.

They include:

  • It can alter parameters so as to identify Mirai in the ports or commands.
  • It can identify the specific Mirai version, including the one used for research, based on the commands requested on the service.
  • It raises an alarm and reports the presence of a syslog server.
  • If Mirai has tried to infect the user, it can collect the sample or crash it, thereby destroying the Mirai.
  • Lastly, it can detect incoming connections on any port using telnet. It also checks devices inserted on any of the ports.
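The command-based identification and syslog reporting in the list above can be sketched as follows. This is an added example, not Cymmetria's honeypot code: the probe strings follow publicly documented Mirai telnet behaviour, while the signature table, the variant heuristic, the function names and the sample sessions are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timezone

# Tunable parameters. Probe strings follow the publicly documented Mirai
# telnet behaviour (asking busybox for an applet that cannot exist and
# reading the "applet not found" reply); verify against your own captures.
KNOWN_PROBES = {
    "/bin/busybox MIRAI": "mirai-scanner",
    "/bin/busybox ECCHI": "mirai-loader",
}
PRELUDE = {"enable", "system", "shell", "sh"}
# Heuristic (assumption) for renamed variants: real busybox applets are lowercase.
VARIANT_PROBE = re.compile(r"^/bin/busybox ([A-Z0-9]{3,16})$")


def classify_session(commands):
    """Return a verdict dict for one telnet session, or None if it looks benign."""
    cleaned = [c.strip() for c in commands if c.strip()]
    prelude_hits = sum(1 for c in cleaned if c in PRELUDE)
    for cmd in cleaned:
        if cmd in KNOWN_PROBES:
            return {"family": KNOWN_PROBES[cmd], "probe": cmd, "confidence": "high"}
    for cmd in cleaned:
        # Require part of the shell-escape prelude too, to limit false positives.
        if VARIANT_PROBE.match(cmd) and prelude_hits >= 2:
            return {"family": "mirai-variant", "probe": cmd, "confidence": "medium"}
    return None


def syslog_alert(src_ip, verdict, when):
    """Format an RFC 5424 line: facility local0 (16), severity warning (4)."""
    pri = 16 * 8 + 4
    return (f"<{pri}>1 {when.isoformat()} honeypot mirai-detect - - - "
            f"src={src_ip} family={verdict['family']} "
            f"confidence={verdict['confidence']} probe=\"{verdict['probe']}\"")


# Constructed sample sessions (documentation-range IPs, not real captures).
SESSIONS = {
    "192.0.2.10": ["enable\r\n", "system\r\n", "shell\r\n", "sh\r\n", "/bin/busybox MIRAI\r\n"],
    "192.0.2.11": ["enable\r\n", "shell\r\n", "sh\r\n", "/bin/busybox XYZZY\r\n"],
    "192.0.2.12": ["ls -la\r\n", "cat /proc/cpuinfo\r\n", "/bin/busybox wget --help\r\n"],
}


def run(sessions=SESSIONS):
    when = datetime(2017, 1, 1, 12, 0, tzinfo=timezone.utc)  # fixed for repeatability
    alerts = []
    for ip, cmds in sessions.items():
        verdict = classify_session(cmds)
        if verdict:
            alerts.append(syslog_alert(ip, verdict, when))
    return alerts


if __name__ == "__main__":
    for line in run():
        print(line)
```

The third session is an ordinary administrative login and produces no alert, which is the false-positive case the prelude requirement is there to protect.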

How to Access Mirai Open Source IoT Honeypot

The Cymmetria-designed Mirai IoT honeypot can easily be obtained from the Git repository on the Cymmetria website. The GitHub page exhibits different versions of the Mirai honeypot, their validity, and the TFTP test. On the site, one can access download and installation instructions. If a problem or difficulty emerges as you try to install the program, you can raise it on the website and get a solution from Cymmetria experts. It is easy to use, and it is available to anyone who would consider trying it out. However, like other low-interaction honeypots, the Mirai open source IoT honeypot has some limitations as it tries to emulate its services.

In conclusion, with cyber attacks on the increase, it is good to protect your appliances to avoid possibly disastrous results. This is because “prevention is better than cure.” It is devastating whenever a business faces a cyber attack like the Mirai attack in 2016. That’s why the Cymmetria specialists took time to develop a preventive measure. In so doing, they developed the Mirai open source IoT honeypot, which safeguards any internet appliance against intrusion by Mirai. It does so by detecting, reporting, taking samples, and crashing the Mirai. This is a great solution to cyber insecurity.


Cybersecurity in the healthcare sector was put under the spotlight after the WannaCry ransomware attacks that hit in May 2017, and it painted a vivid picture of how threats can paralyse real-world processes.

That’s according to Trend Micro and HITRUST’s latest research on how connected hospitals can be exploited – and researchers believe that the WannaCry scare has only made matters worse.

The research paper, titled Securing Connected Hospitals, looks at how internet-connected medical devices are often exposed due to misconfigured networks or software interfaces.

Connected devices can include surgical equipment, office applications, inventory systems, monitoring equipment, and imaging equipment.

Using search website Shodan, researchers were able to pinpoint devices connected to the Internet of Things and gather information about the devices’ geographic locations, hostnames, operating systems, and other information.

“An adversary can also use Shodan to perform detailed surveillance and gather intelligence about a target, which is why Shodan has been called the World’s Most Dangerous Search Engine,” the report says.

Beyond Shodan, exposed devices can also be profiled using network tools. Attackers could potentially access sensitive data, webcam feeds, compromise assets to conduct DDoS attacks or botnets, demand ransoms and much more.

The paper also looked at how supply chain attacks, including associates and third-party contractors, also play a dangerous role – 30% of healthcare breaches in 2016 were due to third parties.

“Supply chain threats arise as a result of outsourcing suppliers, and the lack of verifiable physical and cybersecurity practices in place at the suppliers,” the report says.

“Suppliers do not always vet personnel properly, especially companies that have access to patient data, hospital IT systems, or healthcare facilities. Vendors do not always vet their own products and software for cybersecurity risks, and may also be outsourcing resources as well. This allows perpetrators to exploit sensitive information across the supply chain.”

There are seven major supply chain threat vectors that attackers can use against the healthcare sector:

Firmware attacks, mHealth mobile application compromises, source code compromise during the manufacturing process, insider threats from hospital and vendor staff, website/EHR and internal hospital software compromise, spearphishing, and third party vendor credentials.

The report points out that source code compromise during the manufacturing process can be extremely dangerous because hospitals tend not to test device security before installing it on their networks.

While no data on incidents involving medical devices was publicly disclosed in 2017, tablets, phones and even USB devices have been compromised in the past.

“In 2016, a healthcare organization unknowingly sent 37,000 malware-infected USB thumb drives to their offices nationwide. The manual of procedure codes for that year included the flash drive on the back pocket,” the report says.

The paper draws on qualitative risk analysis of various attack vectors to give an overview of some of the most pressing threats in healthcare.

Those threats include insecure devices that can be used to access a network, DDoS attacks, spear phishing, and unpatched systems.

“Having effective alert, containment, and mitigation processes are critical. The key principle of defense is to assume compromise and take countermeasures.”

  • Quickly identify and respond to ongoing security breaches.
  • Contain the security breach and stop the loss of sensitive data.
  • Pre-emptively prevent attacks by securing all exploitable avenues.
  • Apply lessons learned to further strengthen defenses and prevent repeat incidents.


The threat of data breaches continues to increase, with the number of U.S. cybersecurity incidents tracked in 2017 hitting a new record high of 1,579 – a 48% increase over 2016.  8.5% of the data breaches reported in 2017 involved the financial sector, impacting organizations such as banks, credit unions and credit card companies.  The global financial sector has always been a primary target for cyberattacks because of the tremendous value of the information to which these organizations often have access.  In fact, financial services firms are hit by cyberattacks a staggering 300 times more frequently than businesses in other industries.

Certain attacks impacting the financial sector, including Distributed Denial of Service (DDoS) attacks, continue to increase in size and frequency.  Social engineering, including spearphishing, is another form of attack increasingly used by cybercriminals to infiltrate financial organizations.  In 2016 and 2017, cybercriminals targeted 100 banks in 30 countries via a spearphishing campaign dubbed “Carbanak,” stealing roughly $1.3 billion over an 18-month period. This campaign, which encouraged high-level employees to download malware that infiltrated bank networks, underscores the critical threat posed to the financial sector by spearphishing and other forms of social engineering attack.

High cost of cybersecurity incidents

A recent report from the Ponemon Institute and IBM found that the average total cost of a data breach in the U.S. reached a record high of $7.35 million in 2017 across all industries, up 5% from 2016.  While that figure is already alarming, the cost of breaches in the financial sector can be exponentially higher.  For example, while the average cost to U.S. businesses per record lost or stolen in a breach was $225 across all industries in 2017, the cost for financial organizations was $336 – an increase of 49%.

The specific types of attacks frequently used to target financial entities likely contribute to these higher costs.  For example, malware attacks cost financial organizations an average of approximately $825,000 to resolve.  For DDoS attacks, which specifically target online banking services, the cost skyrockets to an average of approximately $1.8 million.  Even worse, DDoS attacks impact the customer-facing resources of financial organizations more severely than in other sectors.

These costs can be even more significant when cybersecurity incidents impact brand loyalty and trust, which can in turn lead to customer churn.  Companies that experience less than 1% customer churn had an average total data breach cost of $5.3 million, while those that experience churn greater than 4% had an average total cost of $10.1 million, according to the Ponemon Institute and IBM.  This should be especially concerning for financial organizations, as they experience the highest rate of customer churn following a data breach of any industry.  As a result, one out of every five financial institutions cited damaged brand trust or reputation as their top concern pertaining to data breaches.

Real danger of losing customers

A 2016 survey of identity theft and fraud victims found that 12.3% of respondents left their credit unions, 28% left their banks, and 22.4% left their credit card companies as a result of unauthorized activity on their accounts.  The danger of customer churn for financial organizations that experience a cybersecurity incident is very real, and protection against cyber threats should therefore be a top priority – as it should be for companies in all industries.

Strategies for taking care of cybersecurity incidents

As the number and severity of cyberthreats increase on a daily basis, raising awareness of these risks among financial institutions has fortunately proven largely successful.  Some financial organizations have reported that simply hearing about cyber incidents impacting other entities in the sector has influenced them to invest more in their own security.  Other top reasons cited for increased cybersecurity investment include upper management wanting to improve defenses, experiencing a cyberattack and customer demand.

While there is no one-size-fits-all approach to improving cybersecurity for financial organizations, any company can follow general best practices that can be tailored to fit its unique needs.  Wider implementation of these practices is needed, as 75% of surveyed businesses in 2016 indicated that they did not have a formal cybersecurity incident response plan at their organization.  Additionally, 66% of respondents noted that they were not confident in their organization’s ability to recover from an attack.  These numbers are alarming, and frankly there is no excuse for any company not to have a data breach response plan in place, regardless of the sector in which it operates.  In addition to data breach response implementation, many institutions are now exploring cyber risk insurance or cyber liability insurance, which help to mitigate risk exposure by offsetting costs associated with recovery after a cybersecurity incident.

Financial companies should also implement strategies to mitigate customer fallout after a breach.  For example, they can offer customers resources to help resolve issues stemming from a cyberattack, such as an identity protection offering that includes resolution services.  Return on investment for these types of offerings can be significant, as they should preserve customer trust while reducing customer churn.  Moreover, a recent consumer survey found that 50% of respondents would prefer to purchase identity protection services from a financial institution with which they partner, as they often already trust these organizations with their sensitive information.  Some identity protection providers allow their platforms to be white labeled, enabling financial organizations offering these services to increase positive brand perception while protecting their customers and employees against fraud.

Don’t forget that employees may be the weakest link

While financial organizations are beginning to implement better cybersecurity best practices pertaining to their technology systems or other resources, they often fail to invest equally in their employee base, which potentially poses the greatest cyberthreat of all.  Hacking, skimming and phishing attacks account for more than half of all data breaches impacting financial entities, and many of these are a direct result of spearphishing efforts targeting management teams.  The Internal Revenue Service witnessed a 400% increase in this type of fraud in 2016 alone.  Other top data breach causes include accidental email or Internet exposure, as well as employee error.

Financial institutions should address cyber threats posed by their own employees by providing sufficient education about procedures for identifying and responding to risks, while adhering to applicable regulatory and compliance policies.  Return on investment for employee education programs can be substantial.  For example, the Ponemon Institute calculated the effectiveness of anti-phishing training programs and found that the average program resulted in a 37-fold return on investment, even when taking lost productivity into account.

As with their customers, financial organizations can promote cybersecurity awareness and foster a culture of best practice by offering employees access to security resources, or even identity protection services, as employee benefits.  Investing in cybersecurity comprehensively is critical, and certain well-known financial institutions are leading the charge.  For example, Bank of America Merrill Lynch has taken a “blank check approach”; in other words, it has removed budgetary restrictions from its cybersecurity spending, as the company recognizes the importance of protecting against cyber threats.

Invest in customers and employees for comprehensive approach

The only guarantee in today’s cyber landscape is that nefarious parties will continue to find new ways to infiltrate networks at financial institutions, and indeed at organizations of all types.  Therefore, financial companies must implement best practices to protect against data breaches, as well as to resolve all possible issues that can arise should a cyberattack occur.  Technology solutions such as multifactor authentication or biometric credentials are critical, but just as important are investments in resources for both customers and employees.  This comprehensive approach is the only way to effectively combat today’s cyber threats.


With the rapid advancement of internet-based technologies, cybersecurity is a constant cloud looming on the horizon. As the technology evolves, so too, do the cybercriminals. Their constant efforts to steal valuable data and disrupt business through DDoS attacks are increasingly sophisticated.

Holding companies hostage and monetizing data through ransomware techniques is sadly par for the course. In fact, it’s estimated that cybersecurity alone costs the global economy some $450 billion a year. With IT professionals scrambling to stay one step ahead of the hackers, how can blockchain be used to aid cybersecurity?

No Single Point of Failure

The decentralized nature of the blockchain means that there is no single point of failure, nor one central database waiting to be hacked. Information is stored over several databases, and each block is linked to the next in the chain, leaving no “hackable” entrance. This provides infinitely greater security than our current, centralized structures.

Removing Human Error

The weakest link in our current system is simple logins that are vulnerable to being cracked. Blockchain can remove human error in cybersecurity, as businesses can authenticate devices without the need for a password system. Each device is provided with a specific SSL certificate, rather than a password. This avoids human intervention becoming a potential attack vector.

Bitcoin advocate, adjunct professor at NYU Law School and practicing attorney, Andrew Hinkes, explains, “Using a public blockchain with proof of work consensus can remove the foibles of human mistake or manipulation.”

Detecting Tampering in Real Time

The blockchain can uncover and reject suspicious behavior in the system in real time. Say, for example, that a hacker tried to interfere with the information in a block. The entire system would be alerted and examine all data blocks to locate the one that stood out from the rest. It would then be recognized as false and excluded from the system.
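How hash-linked blocks and comparison across nodes expose a modified block, and how the "more than half of the systems" rule mentioned earlier on this page settles which copy is correct, can be seen in a small model. This is an added example, not code from any blockchain project: it is a simplified illustration rather than a real consensus protocol, and the block layout, node names and records are constructed assumptions.

```python
import copy
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64


def block_hash(index, timestamp, data, prev_hash):
    payload = json.dumps([index, timestamp, data, prev_hash])
    return hashlib.sha256(payload.encode()).hexdigest()


def relink(chain, start=0):
    """Recompute prev_hash/hash from `start` to the end of the chain, in place."""
    prev = chain[start - 1]["hash"] if start else GENESIS
    for b in chain[start:]:
        b["prev_hash"] = prev
        b["hash"] = prev = block_hash(b["index"], b["timestamp"], b["data"], prev)
    return chain


def build_chain(records, start_ts=1_500_000_000):
    blocks = [{"index": i, "timestamp": start_ts + 600 * i, "data": d}
              for i, d in enumerate(records)]
    return relink(blocks)


def first_broken_link(chain):
    """Index of the first block whose hash or back-link fails, else None."""
    prev = GENESIS
    for b in chain:
        good = block_hash(b["index"], b["timestamp"], b["data"], b["prev_hash"])
        if b["prev_hash"] != prev or b["hash"] != good:
            return b["index"]
        prev = b["hash"]
    return None


def majority_audit(replicas):
    """Per block, list (index, node) for nodes that differ from a >50% majority."""
    findings = []
    for i in range(min(len(c) for c in replicas.values())):
        votes = Counter(c[i]["hash"] for c in replicas.values())
        winner, count = votes.most_common(1)[0]
        if count * 2 <= len(replicas):
            findings.append((i, None))  # no strict majority, cannot decide
        else:
            findings += [(i, n) for n, c in replicas.items() if c[i]["hash"] != winner]
    return findings


def demo():
    records = ["alice->bob:10", "bob->carol:4", "carol->dave:1"]  # constructed
    honest = build_chain(records)
    edited = copy.deepcopy(honest)
    edited[1]["data"] = "bob->carol:400"      # data changed, hashes left stale
    rehashed = relink(copy.deepcopy(edited), start=1)  # hashes recomputed locally
    replicas = {"n1": honest, "n2": honest, "n3": rehashed, "n4": honest, "n5": honest}
    return first_broken_link(edited), first_broken_link(rehashed), majority_audit(replicas)


if __name__ == "__main__":
    print(demo())
```

A copy whose hashes were recomputed after the edit passes its own link check, so only the comparison against the other nodes flags it, from the edited block onward.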

Improving IoT Security

With the rise in IoT devices come inherent security risks. We’ve already seen problems occur when trying to disable compromised devices that become part of botnets. According to Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster University, the blockchain can put an end to that:

“The blockchain, with its solid cryptographic foundation offering a decentralized solution can aid against data tampering, thus offering greater assurances for the legitimacy of the data.” This would mean that potentially billions of IoT devices could connect and communicate in a secure ecosystem.


All transactions on the blockchain are highly traceable, using a timestamp and digital signature. Companies can easily go back to the root of each and every transaction to a given date and locate the corresponding party. Since all transactions are cryptographically associated to a user, the perpetrator can be easily found.

Says Hinkes, “Blockchains create an audit trail of all activity by its participants, which simplifies access control and monitoring.” This offers companies a level of security and transparency on every iteration.

The Takeaway

Currently, the impending threat of DDoS attacks comes from our existing Domain Name System. Blockchain technology would disrupt this completely by decentralizing the DNS and distributing the content to a greater number of nodes. This would make it virtually impossible for cybercriminals to hack, and would create a secure environment to host the world’s data.