Several popular news websites reporting about Uzbekistan were hacked on the morning of November 18 with the clear objective of silencing their independent voices.

The so-called DDoS attack brought to a halt the work of two independent news sites – Fergana.ru and Uzmetronom.

“This time it (the hacking attack) was very powerful, more than 1Gbps.”
Daniil Kislov

Fergana.ru editor-in-chief Daniil Kislov told Uznews.net that it is unclear who instigated the attack against his site but it was an unusually powerful one – more than 1Gbps.

“The experts know that not a single unprotected server can withstand an attack of such magnitude. We are currently working on a whole series of protection measures and hope that our site will be back online within the next 24 hours,” says Kislov.

Practically all independent news, activist or opposition websites have fallen victim to DDoS attacks at some point or another. A denial-of-service (DoS) attack or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users.

Source: http://www.uznews.net/news_single.php?lng=en&sub=hot&cid=4&nid=24427

A host of investment banks and industry bodies will gather in a London location this afternoon to test their resilience to cyber attacks.

Operation Waking Shark 2 will last only a few hours, and will see how banks, law enforcement and industry groups, including the Bank of England, would react to hacker attempts on their communications infrastructure.

It will not look at breaches of servers, or cases where customer data has been stolen, a spokesperson told TechWeekEurope, indicating the stress tests will look at kinds of denial-of-service attacks.

Bank cyber attacks

Around 100 people will be taking part, as cyber attack scenarios are thrown out to the separate teams. A report will be produced in the new year.

The operation follows the original Waking Shark tests from 2011, which looked at attacks surrounding the 2012 Olympic Games.

Industry experts believe banks need to do more than just look at communications security in the future. “With so many people and paper-based activity focusing on policies and procedures, this exercise may be more of a logistical planning exercise instead of a simulated practice run,” said John Yeo, EMEA director at Trustwave.

“What needs to be implemented are real world attack scenarios that truly test the businesses’ incident response plans.

“The more important issue is what are they communicating about, and what happens when an attack is more subversive, and not immediately obvious when it strikes. In our experience, the majority of organisations that suffer a breach do not realise for some time that they have been hit, let alone where the attack originated from, and how it works.”

Banks continue to be battered by various kinds of attack. Throughout last year and in early 2013, distributed denial of service (DDoS) attacks against US banks were especially common, taking customer-facing services offline.

A Trend Micro report released this week showed banking malware had surged in the third quarter. Infection counts surpassed the 200,000 mark, the highest infection numbers since 2002.

Source: http://www.techweekeurope.co.uk/news/banks-cyber-attack-tests-131568


Researchers have uncovered software available on the Internet designed to overload the struggling Healthcare.gov website with more traffic than it can handle.

“ObamaCare is an affront to the Constitutional rights of the people,” a screenshot from the tool, which was acquired by researchers at Arbor Networks, declares. “We HAVE the right to CIVIL disobedience!”

In a blog post published Thursday, Arbor researcher Marc Eisenbarth said there’s no evidence Healthcare.gov has withstood any significant denial-of-service attacks since going live last month. He also said the limited request rate, the lack of significant distribution, and other features of the tool’s underlying code made it unlikely that it could play a significant role in taking down the site. The tool is designed to put a strain on the site by repeatedly alternating requests to the https://www.healthcare.gov and https://www.healthcare.gov/contact-us addresses. If enough requests are made over a short period of time, it can overload some of the “layer 7” applications that the site relies on to make timely responses.
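Seen from the defending side, the alternating-request behaviour described above leaves a recognisable trace in web server logs. The following is an added example, not code from Arbor's post or from the article: it flags clients whose requests flip almost perfectly between the two named paths inside a short window. The log layout, thresholds, function names and sample lines (documentation IP ranges) are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# The two paths the article says the tool alternates between.
WATCHED = {"/", "/contact-us"}
# Assumed access-log layout (common log format); adjust to your server.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "GET (\S+) HTTP/[\d.]+"')

def flag_alternators(lines, window=timedelta(seconds=10), min_hits=8, min_ratio=0.9):
    """Return {client_ip: flip_ratio} for clients that send at least min_hits
    watched requests inside one sliding window, nearly all of them flipping
    between the two paths. Thresholds are illustrative assumptions."""
    recent = defaultdict(deque)  # ip -> (timestamp, path) pairs still in the window
    flagged = {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ip, path = m.group(1), m.group(3).split("?")[0]
        if path not in WATCHED:
            continue
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        q = recent[ip]
        q.append((ts, path))
        while ts - q[0][0] > window:  # drop requests older than the window
            q.popleft()
        if len(q) >= min_hits:
            paths = [p for _, p in q]
            flips = sum(a != b for a, b in zip(paths, paths[1:]))
            ratio = flips / (len(paths) - 1)
            if ratio >= min_ratio:
                flagged[ip] = max(ratio, flagged.get(ip, 0.0))
    return flagged

def build_sample_log():
    """Constructed sample data (documentation IP ranges), not real traffic."""
    t0 = datetime(2013, 11, 7, 12, 0, 0, tzinfo=timezone.utc)
    rows = []
    for i in range(12):  # two requests per second, strictly alternating
        rows.append((t0 + timedelta(seconds=i // 2), "198.51.100.7", ("/", "/contact-us")[i % 2]))
    for i in range(12):  # equally fast, but reloading one page: a rate limit's job
        rows.append((t0 + timedelta(seconds=i // 2), "192.0.2.33", "/"))
    for i, p in enumerate(["/", "/contact-us", "/", "/"]):  # ordinary visitor
        rows.append((t0 + timedelta(seconds=20 * i), "203.0.113.20", p))
    rows.sort(key=lambda r: r[0])  # stable: keeps each client's request order
    return ['{} - - [{}] "GET {} HTTP/1.1" 200 512'.format(
        ip, ts.strftime("%d/%b/%Y:%H:%M:%S %z"), p) for ts, ip, p in rows]

if __name__ == "__main__":
    print(flag_alternators(build_sample_log()))
```

The pattern check complements per-client rate limiting rather than replacing it: the single-page reloader in the sample is deliberately left for a rate limit to catch.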

The screenshot below shows some of the inner workings of the unnamed tool.

The tool fits a pattern seen in the previous years of hacktivist software available for download that’s customized to take on a specific cause or support a particular ideology.

“ASERT has seen site specific denial of service tools in the past related to topics of social or political interest,” Eisenbarth wrote, referring to the Arbor Security Engineering and Response Team. “This application continues a trend ASERT is seeing with denial of service attacks being used as a means of retaliation against a policy, legal rulings or government actions.”

The full text of the screenshot reads:

Destroy Obama Care.

This program continually displays alternate page of the ObamaCare website. It has no virus, trojans, worms, or cookies.

The purpose is to overload the ObamaCare website, to deny service to users and perhaps overload and crash the system.

You can open as many copies of the program as you want. Each copy opens multiple links to the site.

ObamaCare is an affront to the Constitutional rights of the people. We HAVE the right to CIVIL disobedience!

Of course, there’s no way of knowing who wrote and posted the tool, which has been mentioned on social media sites. It’s certainly possible that it’s the work of critics of President Obama’s healthcare legislation. But until we learn more, there’s no way to rule out the possibility that it was developed by an Obamacare supporter with the hope of discrediting critics.

Source: http://arstechnica.com/security/2013/11/new-denial-of-service-attack-aimed-directly-at-healthcare-gov/

DDoS attacks

IBM recently discovered an alarming fact: distributed denial-of-service (DDoS) attacks are rapidly increasing. The company released a report that offers insight into the attacks and the reasons why they’re being performed. According to the IBM Cyber Security Intelligence Index, the average number of attacks on a single organization in a week is 1,400, with an average of 1.7 incidents per week.

DDoS Attacks? What Are Those?
You might be wondering, what exactly is a DDoS attack? And what’s the difference between attacks and incidents? IBM defines attacks as security events that correlation and analytic tools identify as malicious activity trying to collect, degrade, or destroy information system resources or the data itself. This includes URL tampering, denial of service, and spear phishing. Incidents, on the other hand, are attacks that human security analysts review and deem a problem worthy of deeper investigation.

Who’s Targeted and Why
Malicious code and sustained probes are the two most common attacks, making up over 60 percent of incidents. A sustained scan is reconnaissance activity that’s designed to gather information, like operating systems or open ports, about targeted systems. Malicious code can be Trojan software, keyloggers, or droppers. It is software created to gain unauthorized access to systems and gather information.

The manufacturing industry is the number one targeted industry with 26.5 percent of DDoS attacks directed towards it. Almost 21 percent of attacks are directed at finance and insurance, and 18.7 percent at information and communication. Health and social services and retail and wholesale are targeted 7.3 and 6.6 percent of the time, respectively.

There are a handful of reasons perpetrators execute their invasions. Nearly half of all attacks are opportunistic, meaning that they take advantage of existing vulnerabilities without any motivation other than to do damage. Twenty-three percent are done because of industrial espionage, terrorism, financial crime, or data theft. Perpetrators discontented with their employers or job account for 15 percent of attacks, while only seven percent constitute attacks done in the name of social activism or civil disobedience.

How Do We Stop the Attacks?
Humans are the number one cause of vulnerability in organizations. Forty-two percent of the breaches that happen are due to misconfigured systems or applications. End-user errors make up 31 percent of the breaches, while 6 percent are because of both vulnerable code and targeted attacks. It’s important to crack down on online security protocol with employees to prevent your business from falling victim to these attacks.

IBM offers two essential pieces of advice to help organizations prevent incidents: building a risk-aware culture and managing incidents and response. There should be no tolerance if colleagues are careless about security; it is the management’s job to enforce stricter regulations on company security and to track company progress. It is crucial to implement company-wide intelligent analytics and automated response capabilities. Enterprises can easily monitor and respond to systems that are automated and unified.


Back in July, domain name registrar giant Network Solutions experienced a significant Distributed Denial of Service (DDoS) attack. As I noted at the time, given that this was the second time in recent months they had been a target, and given they are such an inviting one because of the critical place they occupy in how the Internet functions, they seemed to be ill-prepared. This included a lack of preparation before the attack to assure rapid remediation, a lack of transparency during the attack in terms of keeping customers informed, and what appears to be a lack of ability to learn from their mistakes in anticipation of what had to be assumed would be continued testing by those with malicious intent.

Unfortunately, if you are not painfully aware already, it should come as no surprise that Network Solutions is once again experiencing problems, and as baseball sage Yogi Berra is famously quoted as saying, “It is déjà vu all over again!”

First, let’s go to the Twitter feed of the company, #netsol.

Let’s just say frustration abounds now that we appear to be roughly in hour three of the as-yet-unidentified problem.

I think one tweet from the website I like when there are such problems, isitdownrightnow.com, kind of says it all.

In fact, here is the latest from www.isitdownrightnow.com.

Worst of all, and this is what is so disturbing, is the current view from www.networksolutions.com. To save you a visit and disappointment, there is NOTHING there to indicate there is a problem. In fact, indulge yourself in a little exercise and go to Twitter #netsol again and click the other links for getting company info. It might compel you to send a few words.

It appears that things are getting back to normal for most if not all Network Solutions customers, and that is a good thing. What is not so good, and I am trying hard to give the company the benefit of the doubt given that they are dealing with this in real-time and may not have a complete view of why the outage occurred, is the continued lack of customer engagement.

This is really getting repetitive and management should take a good hard look in the mirror and figure out if they would put up with such behavior from a “trusted” vendor.



As King Henry V intones in his famous, “Cry God for Harry, England, and Saint George!” speech in William Shakespeare’s play Henry V, Act III (penned in 1598), “Once more into the breach!”

We will let you know what’s known about the outage once there is clarity. Hopefully, that will be sooner rather than later.

Source: http://www.techzone360.com/topics/techzone/articles/2013/10/22/357640-network-solutions-down-once-more-it-deja-vu.htm