Showing posts with label DDoS. Show all posts
Showing posts with label DDoS. Show all posts

Friday, 4 November 2016

DDoS attacks so powerful entire countries can be cut from the internet

Liberia has become the latest victim of the Mirai botnet



There has been another worrying development when it comes to massive-scale DDoS attacks, with the latest victim being an entire country – Liberia over in Africa, to be precise.
And as you won’t be surprised to hear if you’ve been following these stories, this is another assault which leverages the Mirai botnet to fire tons of traffic at the victim – that’s been the source of all these big attacks since the first massive volley against security researcher Brian Krebs (which reached some 620Gbps).
As ZDNet spotted, apparently the Mirai botnet employed in the attacks against Liberia is known as Botnet #14, and security expert Kevin Beaumont observesthis is the largest such botnet – consistently capable of producing over 500Gbps – which appears to also be the source of the recent massive attack on Dyn.
The hit on Dyn, which is a DNS provider, caused a massive web outage a fortnight ago, knocking out all manner of sites including Twitter, Netflix and Spotify.
Liberia has apparently suffered at the hands of a number of DDoS attacks which are short by nature, but worrying because they’re pretty much taking the entire country offline.

Glaring weakness 

As Beaumont observes, that’s because Liberia relies on a single pipe for its internet access, and so has a single point of failure (and it’s not the only country like this). Websites hosted in Liberia were downed, and a journalist Beaumont spoke to said that internet connectivity was going offline at times matching the DDoS blasts.
Beaumont noted: “The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state.”
The truth is that few people are on the internet in Liberia anyway – only around one in 20 of the population – but ZDNet also managed to get some confirmation from a person returning to the country, who said they experienced ‘minor interruptions’ to their internet usage on Wednesday evening.
But given the low-profile target country and the very short nature of the attacks, it seems that this is just the botnet’s owner(s) testing out firepower against a nation. It’s what might come next that’s worrying, of course, when the DDoS cannons are aimed and let loose with a sustained barrage.
As we saw with the Dyn affair, the sort of damage these large-scale attacks can now muster is quite frightening. And worse still, there’s the prospect of Mirai being cranked up in terms of its potential power as more easily compromised IoT devices (security cameras, DVRs, routers and so on) are hacked and join the massing botnet ranks.
The other major concern is the use of possible DDoS amplification techniques, such as the one we reported on last month, which could potentially be used to inflict assaults of 35Tbps or even more by seriously powering up these botnet-based attacks.
Source: http://www.techradar.com/

Friday, 28 January 2011

FBI goes after Anonymous suspects

The FBI has carried out over 40 searches in an investigation into cyberattacks launched by the Anonymous group in support of whistle-blower site Wikileaks. 

The swoop on Thursday was part of an international police operation that included the UK Metropolitan Police Central eCrime Unit (PCeU), the FBI said. It follows the arrest of five young men in the UK on suspicion of involvement in the same Operation Payback series of distributed denial-of-service attacks (DDoS).

Anonymous FBI investigation

Anonymous's Operation Payback took down sites like visa.com after the company stopped accepting Wikileaks' payments. Credit: Elinor Mills/CNET News


"FBI agents today executed more than 40 search warrants throughout the United States as part of an ongoing investigation into recent coordinated cyberattacks against major companies and organisations," the FBI said in a statement on Thursday. "The victims included major US companies across several industries."

The Anonymous group of online activists has claimed responsibility for a series of successful attacks against websites belonging to businesses including Visa, MasterCard and PayPal, which stopped processing payments destined for Wikileaks.

The five men arrested in the UK have been granted police bail, the Met said in a statement on Friday. The three youngest — who are aged 15, 16 and 19 years old — must report to police on 13 April, while the oldest two — aged 20 and 26 — must report on 14 April.


Anonymous and DDoS: I predict a riot

The international police operation into the Operation Payback attacks was led by the PCeU, a Met spokeswoman told ZDNet UK. The other participants were: the FBI; the US Secret Service; and the national criminal police departments of the Netherlands — Korps landelijke politiediensten (KLPD), Sweden's Rikskriminalpolisen (RKP) and Germany's Bundeskriminalamt (BKA).

French authorities were also involved, according to the FBI.

Antivirus companies have put out updates to detect the Low Orbit Ion Canon (LOIC) tool thought to have been used in the attacks, the FBI said, adding that the US's National Cyber-Forensics and Training Alliance is helping in the investigation.



Wikileaks and Julian Assange. Shlomo ben Ami, Avigdor Lieberman, the Mossad... WikiLeaks documents expose US foreign policy conspiracies. All cables with tags from 1 5000 [DOES NOT CONTAIN TEXT OF CABLES] Inside WikiLeaks: My Time with Julian Assange at the World's Most Dangerous Website WikiLeaks: Removing the 'top secret' seal WikiLeaks Liberty Dark T-Shirt by CafePress