In the past three years, Akamai has seen 2,000% increase in the number of DDoS attack incidents investigated on behalf of its customers. The latest State of the Internet report released today by Akamai also identifies top countries from which this observed attack traffic originates, as well as the top ports targeted by these attacks. more
Every couple of years there's a new "hot threat" in security for which vendors abruptly tout newfangled protection and potential customers clamor for additional defense options. Once upon a time it was spyware, a few years ago it was data leakage, and today it's mobile malware. It's a reoccurring cycle, analogous to the "blue is the new black" in fashion -- if you fancy adopting a certain cynical tone. more
A lot of pixels have been spilled in the last few years about "advanced persistent threats" (APT); if nothing else, any high-end company that has been penetrated wants to blame the attack on an APT. But what is an APT, other than (as best I can tell) an apparent codename for China? Do they exist? After thinking about it for a while, I came up with the following representation... more
The Japanese Defense Ministry is creating a computer virus capable of tracking, identifying and disabling sources of cyberattacks, according to reports. The development of the virtual cyberweapon was launched in 2008. Since then, the weapon has been tested in a closed network environment. "The most distinctive feature of the new virus is its ability to trace cyber-attack sources. It can identify not only the immediate source of attack, but also all "springboard" computers used to transmit the virus." more
Based on the total number of transactions, Zscaler reports botnets as the biggest security risk on the Internet for the enterprises. "Once a host gets infected, the botnet usually spreads quickly within an enterprise. It also generates a significant amount of traffic to the command and control server, to download additional malware or perform other actions." more
As DDoS attacks become larger, more frequent and complex, being able to stop them is a must. While doing this is part science, a matter of deploying technology, there is also an art to repelling sophisticated attacks. Arbor Networks, Citrix and others make great gear, but there's no magic box that will solve all your problems for you. Human expertise will always be a crucial ingredient. more
Here is the provisional list of the main Internet governance developments in 2011 and we need your help to compile a final list. Please let us know your views by: Making comments and adding any other development you think should be on this list. Join the webinar discussion on 20 December 2012 at 15.00 (CET). more
For many people the comments made by Michael Hayden, Former Director of the Central Intelligence Agency, at this week's Black Hat Technical Security Conference in Abu Dhabi may have been unsettling as he commented upon the state of Chinese cyber espionage. I appreciate the candor of his observations and the distinction he made between state-level motivations. In particular, his comment... more
As the weeks remaining in 2011 dwindle and 2012 peaks out from behind the last page of the calendar, it must once again be that time of year for purposeful reflection and prediction. Or is that navel gazing and star gazing? At the highest level of navel gazing you could probably sum up 2011 with one word -- "More"... But let's put that aside for now. What does 2012 hold in stall for us? more
South Korea's ruling party chairman has offered to resign over a cyberattack reported to have been orchestrated by an aide to one of the conservative party's lawmakers. The move comes after police concluded the distributed denial-of-service (DDoS) attacks on the election watchdog's website on the day of by-elections in October was masterminded solely by a 27-year-old aide to the ruling Grand National Party. The aide has also admitted to orchestrating a similar cyberattack on the website of Park Won-soon, who was elected Seoul mayor in the Oct. 26 elections. more
The United States White House Office of Science and Technology Policy (OSTP) has released a new report titled, Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program, specifying an agenda for "game-changing" cybersecurity R&D according to an official announcement today. The report is described as "a roadmap to ensuring long-term reliability and trustworthiness of the digital communications network that is increasingly at the heart of American economic growth and global competitiveness." more
Security analysis suggest troubling and escalating trends in the development of malware that exploits vulnerabilities on mobile devices. "From turning mobile devices into bots, to infiltration of mobile applications, driven by the use of personal devices in the workplace, cybercriminals are taking full advantage of this market," reports M86 Security Labs in its just released Threat Predictions Report. more
While at that same Virus Bulletin conference that I was talking about earlier in my other post, I also had the chance to check out a session on Chinese DDoS malware put on by some folks from Arbor Networks. As little insight as I have into Android malware, I know even less about Chinese DDoS malware. So what's Chinese DDoS malware like? What are its characteristics? more
The first joint cyber security exercise between the EU and US is being held today in Brussels, with the support of the EU's cyber security Agency ENISA and the US Department of Homeland Security. The day-long table-top exercise, named "Cyber Atlantic 2011", is using simulated cyber-crisis scenarios to explore how the EU and US would engage each other and cooperate in the event of cyber-attacks on their critical information infrastructures. more
According to reports today, hackers have attacked Palestinian servers, cutting off phone and Internet service across the West Bank and Gaza. Foreign governments are accused to be behind the attack. "Since this morning all Palestinian IP addresses have come under attack from places across the world," said the Palestinian communications minister today. Reneys reports these outages are the largest observed all year for this country, which normally has a fairly stable Internet. more