Pavel Vrublevsky, the co-founder and owner of ChronoPay, one of Russia’s largest e-payment providers, was found guilty of masterminding a DDoS attack on Aeroflot’s website in 2010, RAPSI reports from the courtroom on Wednesday.

Vrublevsky, Maxim Permyakov and Igor and Dmitry Artimovich were charged with organizing a DDoS attack on Aeroflot’s website, which is run by the Assist processing company. Aeroflot’s online ticket sales system was down for several days.

The investigators believe that Vrublevsky tried to terminate a service contract to sell e-tickets between Aeroflot and Assist in July 2010, thus eliminating a rival firm.

According to the Prosecutor General’s Office, Vrublevsky instructed Permyakov, the Chief Security Expert at ChronoPay, to hire the Artimovich brothers to hack into Aeroflot’s website. The brothers, who used a network of virus-infected computers, were paid over $20,000.

They attacked the website from July 15 to 24, blocking the e-ticket payment system.

The firms incurred substantial financial losses. Assist lost 15 million rubles ($488,090) and Aeroflot lost more than 146 million rubles ($4.75 million).

Acting upon an appeal filed by the defense lawyers earlier, the court dropped the charges under Article 273 of the Criminal Code, which stipulates a punishment for creating a harmful program, due to the expiration of the statute of limitations.

The case is being heard under Article 272 on illegal access to computer information protected by law, which resulted in its destruction, blocking, modification or copying.
Aeroflot is a member of the SkyTeam global alliance and is based at the Sheremetyevo Airport in Moscow. In 2011, Aeroflot transported over 14 million passengers. The Federal Agency for State Property Management is Aeroflot’s main shareholder with a 51.17% stake. Around 15% of the airline is held by companies belonging to businessman Alexander Lebedev.


A quarter of UK companies have experienced a distributed denial-of-service (DDoS) attack, with telecoms and e-commerce the most targeted sectors.

According to research by Neustar, 22 per cent of the 381 UK businesses it surveyed had experienced a DDoS attack, of which, 53 per cent of telecoms, 50 per cent of internet/e-commerce and 43 per cent of retail were affected.

Talking to SC Magazine, Susan Warner, market manager for DNS services and DDoS solutions at Neustar, said that there is not a network that has not experienced a DDoS attack and asked what the cost could be if a site is down for a period of time.

She said: “Also consider the impact on IT, how many people are being consumed by a DDoS attack and what are they losing operationally? What we are seeing is a cost impact, but cost and risk management will feel the impact.”

The survey discovered that the IT team would be the hardest hit according to 69 per cent of respondents, while 57 per cent said customer service would feel the effect. In terms of how many people were required to mitigate an attack – 40 per cent said two to five people, 35 per cent said only one person, while 12 per cent said more than ten would be required.

The attack sizes being launched on UK businesses are not big; 40 per cent said that they are less than 100Mbps, while 30 per cent said that they are less than 1Gbps. However, 22 per cent can persist for over a week, although 63 per cent can last less than a day.

Warner said: “When you are being [attacked by a] DDoS constantly, there is an impact on the IT team. DDoS is not just taking down the website and interface, but also [affects] critical communications.”

Asked what companies use to defend against a DDoS attack, 72 per cent said a firewall, 40 per cent a router and 32 per cent switches. A third (34 per cent) has deployed specialist technology – 20 per cent a cloud-based DDoS service, nine per cent IP-based prevention and five per cent DDoS hardware.

Source: For protection against your eCommerce site click here.

Distributed denial of service attacks are one of the biggest threats to the internet, with one recent report indicating that there are more than 7000 attacks every day – a figure considered by many experts to be conservative.

One of the primary functions of DDoS is to extort the victim. In her paper on DDoS, Molly Sauter draws a distinction between hacktivist DDoS (for civil disobedience) and criminal DDoS (for financial gain). Now Corero Network Security is warning of growth in the latter, and predicting an increase in DDoS aimed at online gaming and particularly gambling sites over a summer of sport.

The standard methodology, Corero’s CEO Ashley Stephenson told Infosecurity, is to preface the threat with some minor incursion on the network. Then follows the warning message: check your logs; we did that – and unless you pay us a very large amount of money we’ll bring your network down.

The threat is real and the consequences severe. In reality, most large companies refuse to pay, said Stephenson. Slush funds are increasingly difficult to maintain and disguise, not least in the UK following the Bribery Act. Any payment would usually need to be paid via some third-party ‘services’ company; and the criminals would want payment in something like bitcoins or Paypal (and one of the largest clearing houses for illegal money, Liberty Reserve, was shut down by the FBI in May.) A secret payment is not easy to organize.

But refusing to pay has its own problems: the fulfillment of the threat. “These attacks go beyond simple annoyance,” said Stephenson, “with an average cost of over £150,000 per DDoS attack.” The evolution of ‘reflection’ attacks, where an attacker can increase the attack bandwidth eightfold by using open resolvers, means that small groups can now deliver major DDoS attacks – up to and beyond 100 Gbps.

The result is a growing, but hidden, crime. Neither side likes to talk publicly. “More often than not these blackmail threats go unreported,” said Stephenson. “We tend to hear about them,” he added, “when a threat is received and a decision taken to ignore it.” Companies then turn to specialist DDoS mitigators such as Corero to ensure their defenses.

The alternative, paying up, is no solution. “Some companies opt to pay the ransom rather than go public with the attack in the hope that this will satisfy the hackers, though this is rarely the case and may lead to the site continually being targeted.” It’s a difficult decision for a company that entirely relies on its uptime for its business. Prevention, through DDoS preparation, is far better than cure – and is the only real solution to a summer of hidden DDoS crime.


June 19th, 2013

When distributed denial-of-service (DDoS) attacks first started appearing in the late 1990s, the response from businesses was broadly similar to that of most new cyber threats: A shrug of the shoulders and an ‘it won’t happen to me’ attitude.

Then, as they became more prevalent, companies began to take notice. Yet until relatively recently, products that could successfully defend against a DDoS attack weren’t available to many businesses. Businesses that did get hit had no option but to grin and bear it.

Vendors now offer a wide range of mitigation solutions that offer protection to companies that find themselves under siege. While their effectiveness can’t be guaranteed, it allows firms to be proactive and put together defence strategies, instead of simply waiting to be targeted.

The frequency of DDoS attacks is growing at a frightening rate, with one report claiming a 200 per cent annual increase.

A week rarely goes by without the media running a story about a high-profile victim of a successful DDoS attack. With our always-online culture coupled with businesses migrating more of their services onto the internet, the threat has become more acute.

This increase in attacks and greater public awareness has moved DDoS onto all businesses’ risk dashboards – from start-ups to multi-national corporations, but simply putting mitigation measures in place and hoping for the best isn’t enough.

It’s been suggested that defending against a DDoS attack can cost as much as £2.5 million. Although this may be an overestimation, businesses do need to be certain that their mitigation investment will pay dividends.

In other areas of cyber security, the cost effectiveness of this type of investment can be assessed. For instance, a penetration test can measure how effective a network’s defences are and pinpoint vulnerabilities. But with a DDoS attack, how do you know that your investment is worthwhile, until it’s too late?

There’s also practical preparation to think about too. Do IT employees and service providers know what a DDoS attack will look like? Do they know the signs to look out for, and do they know their role during an attack scenario?

In the workplace, we all know what to do if there was ever a fire because of fire drills; we run over the steps we¹d need to take so that, should the real thing happen, we are prepared.

That is exactly the mind-set that businesses should have when it comes to DDoS attacks, and why we’ve created a DDoS fire drill service. Building on our DDoS assured simulation service – which emulates a real attack through our own botnet in a secure, controlled manner – we can test businesses with a controlled, low level DDoS attack and allow them to test their response processes.

While we control the attack, companies can examine staff and supplier reaction and ensure realistic procedures are in place to manage not only the attack itself, but also discourse with the supply chain without having to wait until a real attack occurs.

For instance, working out whose responsibility it is to phone the necessary third parties might seem like an inconsequential issue, but if employees don’t know their roles or have never had a chance to practice then it shouldn’t be assumed.

What about the mitigation solutions that aren’t fully automated? Whose role is it to man them, and do they know how? With the DDoS fire drill, everyone can learn exactly what part they’re expected to play. When the fire alarm goes off, employees know exactly where to go -­ it should be the same once the tell-tale DDoS signs appear.

Being prepared and ready is paramount when it comes to any emergency, and cyber security is no different. Too many businesses are like rabbits in the headlights once a DDoS attack starts. But prepare and practice accordingly and it is possible to minimise the damage.

For protection against your eCommerce site click here.


Anonymous, the international collective of hackers and activists, has continued its online cyberattack on Turkey’s Internet infrastructure that began over the weekend. In response to a violent police crackdown of protesters and censoring communications, Anonymous launched #OpTurkey and have now hacked over 100 Turkish websites, including several belonging to the Turkish government.

“We will attack every Internet and communications asset of the Turkish government,” Anonymous threatened in a YouTube video posted Sunday. “You have censored social media and other communications of your people in order to suppress the knowledge of your crimes against them. Now Anonymous will shut you down, and your own people will remove you from power.”

Anonymous used distributed denial of service, or DDoS, hacks to overload servers and knock target websites offline. In addition to websites belonging to the Turkish government, political parties and police department, Anonymous hacked websites belonging to media outlets that support Prime Minister Tayyip Erdogan. One example was the private news broadcaster NTV, which was criticized for not reporting on the police brutality.


Other Turkish websites were hacked and defaced to include images supporting the protesters in Turkey. Several Tunisian hackers got involved with #OpTurkey and claim to have hacked more than 145 Turkish websites.

The Turkey protests began as a peaceful demonstration against plans to build over Gezi Park in Taksim Square. The protest changed to a call for Erdogan to resign and police responded with tear gas and pepper spray. Several international human rights groups have condemned the police action in Turkey as excessive use of force.

Turkish protesters have said that the government has shut down Internet connections and censored social media websites in an attempt to hide the police brutality. While these reports haven’t been confirmed, Erdogan has expressed distaste for social media, calling it “menace.” To combat, Anonymous has shared how to use encryption software to evade government censors and have tweeted passwords to free virtual private networks.

Earlier this year, Anonymous launched cyberattacks against North Korea and Israel and hacked several government websites. Last week, Anonymous joined a protest in solidarity with the hunger strike in Guantanamo Bay, effectively making the protest the No. 1 topic on Twitter.