Attention is turning to application data breaches, network attacks and malware, despite 60% of respondents saying they are worried about DDoS attacks, a survey shows

Complacency about distributed denial of service (DDoS) attacks is putting businesses at risk, a survey has revealed.

Investment in specific DDoS protection is relatively low, according to a survey by F5 Networks at Infosecurity Europe 2015 in London.

Attention is turning to application data breaches, network attacks and malware, despite 60% of respondents saying they are worried about DDoS attacks and 39% admitting it is likely their organisation has already been targeted.

Like advanced persistent threats (APTs), many DDoS attacks are starting to be characterised by long durations, repetition and changing attack vectors, according to a recent report by Imperva.

Almost 40% of the organisations questioned are using a firewall to protect against DDoS attacks, with web application firewalls preferred by 26% of respondents, but investment in specific DDoS protection, either on or off premise, scored much lower.

However, firewalls are not sufficient as they often cause bottlenecks and accelerate outages during attacks, according to a report published in March by communications and analysis firm Neustar.

With cyber criminal services available to enable anyone to take down a website using DDoS attacks for just $6 a month, it is clear increasing mitigation capacity alone is not enough, said Neustar senior vice-president and fellow Rodney Joffe.

“We have to become more strategic. The online community needs to develop industry-based mitigation technologies that incorporate mechanisms to distribute attack source information to internet service providers so they can stop attacks closer to the source,” he said.

Gary Newe, technical director of UK, Ireland and Sub-Saharan Africa at F5, said he was surprised DDoS attacks are not among the top three concerns for businesses.

“DDoS attacks are still coming thick and fast, with an ever-increasing level of sophistication. Businesses must continue to invest in protecting themselves against attacks of this kind,” he added.

The survey also revealed the evolving technology landscape is making security more challenging, with 76% of respondents stating that with cloud computing and increased use of personal mobile devices for work purposes, the ability to maintain consistent security and availability policies has become more difficult in the past three years.

However, respondents are still looking to innovate and take on board opportunities to drive efficiencies in their business. More than a quarter of respondents are looking to use software defined networking (SDN) technologies in their datacentre in the near future, but 20% believe SDN environments are more vulnerable to attacks. The top three security concerns are bugs and vulnerabilities in the applications (26%), the exploitation of centralised controllers (21%) and the development and deployment of malicious applications on controllers (15%).

Source: http://www.computerweekly.com/news/4500248055/Complacency-about-DDoS-attacks-puts-businesses-at-risk-survey-shows

Email and hosting biz Freeparking has run into yet more trouble after being hit by a DDoS attack today.

One customer told us this morning: “I have several domains which rely on Freeparking’s name servers. All of them have been unresolvable since around 8:50am.”

Another got in touch to say the site went down before 9am and that the outage had also hit customers’ hosted sites. Email services were also offline.

In a statement Freeparking said: “We are working in co-ordination with our data centre team to mitigate this attack as soon as possible.”

Customers of domain name and web hosting company Freeparking have already been grumbling about having no access to their emails and websites for more than a week, due to a migration issue.

One customer said he had been without email since 25 May.

At the time of publishing, customers were still reporting issues related to the attack. On Twitter they said:

DOS attack on #freeparking causing web and email outage on our Ed and Family companies. Media ok as hosted elsewhere.

— Stuart Lee (@stuarthlee) June 9, 2015

@freeparking Last update was an hour and a half ago. Please let us know likely ETA so we can decide whether to move sites.

— buscms.com (@buscmscom) June 9, 2015

@freeparking what the hell is going on? More comms needed

— Berni (@guncupboard) June 9, 2015

Source: http://www.theregister.co.uk/2015/06/09/freeparking_hit_by_ddos_attack/

A 17-year-old boy from Idaho has been accused of paying a hacker to launch DDoS attacks against his school district.

The teen reportedly hired a third party to organise a week’s worth of distributed denial-of-service campaigns this month against the West Ada school district – the largest educational district in the state. The cyberattacks affected networks at all 52 schools including payroll, online textbooks, virtual teaching and standardised testing.

DDoS attacks coordinate computers around the world to overwhelm a server and cripple its processing ability. The ‘service’ is readily available for hire online for a surprisingly low cost – a brief browse discovered a bargain deal at $260/week.

The district’s IT staff managed to trace the IP address to a 17-year-old at Eagle High School. Another student at middle school level is also allegedly under investigation for a similar attack shortly afterward.

At the time of the hacking many students were undertaking Idaho Standard Achievement Testing online. The DDoS attacks caused the school systems to lose the test and results data and students were required to re-sit their exams multiple times.

According to a report by KTVB-TV News, the teen has been arrested and may face State and Federal computer crime felony charges. If the unnamed student is found guilty he is likely to have to serve up to 180 days in juvenile prison. The suspect has also been suspended from Eagle High and risks potential expulsion.

The minor’s parents are being held financially responsible for the damage caused by the attacks.

This is not the first time a teen has attempted to bring down their school system. In April this year, a 14-year-old in Florida managed to sidestep his middle school’s IT security using just his computer skills to access the main server and locate files containing data from FCAT, Florida’s standardised comprehensive assessments.

Source: http://thestack.com/teen-hires-hacker-ddos-attack-school-district-260515

Think back to when you were a kid. No matter how well-adjusted and even-tempered you were (or weren’t) there was at least one other kid you just could not stand. You hated his face, his hair, his teeth, the way he talked, the way he looked at you, and the way he just existed. Remember the way he’d eat his sandwiches? He ate his sandwiches like a jerk.

Chances are, though, that no matter how much you couldn’t stand him, you didn’t go marching over to throw a dozen eggs at his house. The chances of getting caught were too high. You’d get in trouble. Everyone would know you did it and your parents would be mortified. But what if there had been a machine you could have secretly put a dollar in from several blocks away, and it would have rolled up in front of that kid’s house and started firing eggs? All that mess and damage, with none of your fingerprints on the eggshells. It would have been a strong consideration, right?

That business model, all grown up, is how a group of people running services called Booters or Stressers are making a pretty sweet little profit offering DDoS attacks for hire.

DDoS and Booter Basics

DDoS is the acronym for a distributed denial of service attack, which is so named because it denies the use of a website and its services to legitimate users by suspending or disrupting the services of an internet-connected host. Booter services — which is a term that can be used interchangeably with Stresser services — offer DDoS attacks to anyone willing to pay for them.

With a Booter, users typically pay a fee and are given access to a user-friendly platform from which they can choose their target and get to DDoS-ing.

To give you an example of the cost-friendliness of this lovely service, one sample Booter charges $40 USD/month (£25) for an unlimited number of DDoS attacks lasting one hour.

What DDoS Can Do

The main area where the egg-firing machine analogy falls apart is in the potential damage. Even with a super-powerful egging machine, the worst possible damage is probably a broken window.

But a DDoS attack? One hour of a DDoS attack can cost an organization $40,000 (£25,000). That’s not even mentioning the software or hardware damage that can be done, the IP theft, financial data theft, loss of revenue and loss of consumer trust that can happen.

In order to inflict damage, a would-be DDoS attacker with access to a Booter service doesn’t even have to unleash the attack. DDoS ransom notes where someone demands a set amount of money in exchange for not hitting that website with a DDoS attack are becoming increasingly common.

Who Does That?

DDoS attacks are wildly common, and Booter services are popular enough that there are plenty of them online with their numbers always growing. That begs the question: who is it that’s using these websites?

The answer is depressing because your website could potentially be made a target by just about anyone. Business rivals are an obvious choice, but when you factor in the chance to make fast money from a DDoS ransom note, your potential attacker net widens considerably. Kids who don’t know who you are and have never visited your website before might be keying your URL into a Booter.

While many Booter-for-hire users are unsurprisingly gamers who pay the Booter fee in order to DDoS Minecraft servers and similar websites, there have been some high profile attacks from the people behind these services.

The Lizard Squad, famous for its attacks on Sony PlayStation Network and Microsoft’s Xbox Live, claimed those major attacks were simply advertisements for their Booter service.

Could a Booter Get to Your Website?

DDoS attacks have been found to affect 45 per cent of organizations — that’s very nearly 1 in 2. And with Booter services and DDoS ransom notes gaining popularity, that number could very well rise.

If you’re considering whether or not you should look into professional DDoS mitigation, and you haven’t yet decided that you absolutely should, consider this: you could pay for months of DDoS protection with what you might end up paying in a single ransom.

It isn’t nice to think that your website could fall victim to a DDoS attack. It’s even worse to think that the attack might come from someone hiding behind a Booter.

While you ultimately may not have plugged a dollar into that egging machine due to your own principles, there are plenty of people out there who don’t mind being cowardly in order to unleash a DDoS attack or make a quick buck on a ransom note. That’s the reality your website is living in.

Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.

Source: http://betanews.com/2015/05/25/ddos-for-hire-services-what-you-need-to-know/

The University of London Computer Centre fell victim to a cyber-attack on Thursday.

The assault left Moodle – an open-source learning platform – out of action for several hours on Thursday morning before normal service was restored.

Technicians initially estimated problems were down to firewall configuration issues, before realising actual humans were behind the problem, as status messages on the ULCC website explain.

All our services are now up and running again! The networking issue was caused by a cyber-attack.

We have taken action to block the source. An incident report will be produced and shared in due course.

George Anderson, director at security software firm Webroot, said that the timing of the attack just before students sit their finals is unlikely to be a coincidence.

“This attack was clearly implemented to have maximum impact on a system that would have been at peak usage around exam time,” Anderson said.

“While it’s positive to see that staff at ULCC have got the system back up and running, over four hours of ‘complete shutdown’ is not an acceptable time-period in most business cases.”

“Hopefully, this case will serve as a warning to other organisations, encouraging them to ensure that they have an effective strategy in place to make sure user experience is impacted as little as possible,” he added.

Source: http://www.theregister.co.uk/2015/05/22/university_of_london_ddos_attack/