With Google's recent Postini addition, it now reports to be processing email for more than 35,000 businesses and 12 million end users, and blocking around 1 billion messages per day... "We saw a peak of activity in October 2007 where volume was a 263 percent increase from September 2006 and Postini blocked 47 billion spam messages, more than 320 Terabytes of spam (now that's a lot of spam). The average unprotected email user would have received 32,000 spam messages in their in-boxes so far this year. Talk about lost productivity. In fact, Nucleus research estimates unchecked spam can cost a company up to $742 per user." more»
Reported today: "Researchers at Google Inc. and the Georgia Institute of Technology are studying a virtually undetectable form of attack that quietly controls where victims go on the Internet." The Georgia Tech and Google researchers estimate that as many as 0.4%, or 68,000, open-recursive DNS servers are behaving maliciously, returning false answers to DNS queries. Unlike other DNS servers, open-recursive systems will answer all DNS lookup requests from any computer on the Internet, a feature that makes them particularly useful for hackers. They also estimate that another 2% of them provide questionable results. more»
Finjan Inc., a web security company, has released reports today on hackers and cyber-criminals using typosquatted domain names to infect visitors to legitimate websites and increase the lifecycle of cyber-attacks. Leveraging the similarity to legitimate and frequently used domain names is successfully enabling these attackers to go unnoticed by webmasters and security solution providers. more»
Increasingly-intense distributed denial-of-service (DDOS) attacks on ISP backbones are surpassing providers' capacity and knocking customers offline, according to a new survey of service providers by Arbor Networks. While most large ISPs have upgraded their backbones to 10-Gbit/s speeds over the past two years, three respondents said they have experienced sustained attacks from 20- to 22 Gbit/s, and one hosting services provider in the survey reported a 24-Gbit/s DNS-targeted attack. The most powerful sustained attack previously was 17 Gbit/s, which was reported in last year's survey by Arbor. more»
BBC News is running Vint Cerf's personal view on the Internet's future. From the article: "Improving the resilience and resistance to attack of key infrastructure such as the Domain Name System (the phone book of the internet) and the routing system will be major focal points for near-term internet development. Introducing DNSSEC (security for the Domain Name System) and the digital signing of address space by the Regional Internet Registries will assume much higher priority..." more»
The distributed denial of service (DDoS) attack that brought down most of Estonia's internet infrastructure a few months ago, has been explored by Joshua Davis in a recent story at the Wired Magazine. "In the coming months, commentators around the world would look back at this moment and debate its significance. But for Aaviksoo, the meaning was clear. This was not the first botnet strike ever, nor was it the largest. But never before had an entire country been targeted on almost every digital front all at once, and never before had a government itself fought back..." more»
At the Black Hat conference, security researcher Dan Kaminsky showed how problems in the way browser software works with the Internet's Domain Name System (DNS) could be exploited to give attackers access to any resources behind the corporate firewall. The key problem is the way web browsers determine how to trust other computers, says Kaminsky. This decision is based on the Internet domain name of the computer, and that DNS information can be misused... more»
In a recent report released by Trusteer, security researcher Amit Klein has cracked BIND's random number generator and demonstrated a new attack affecting most Internet users. In this "DNS Forgery Pharming" attack fraudsters can remotely force consumers to visit fraudulent websites without compromising any computer or network device. more»
According to a new research study, companies are in struggle to keep their DNS (Domain Name Systems) protected from malicious attackers. Many businesses remain vulnerable, as over half the respondents reported having fallen victim to some form of malware attack. Over one third had been hit by a denial-of-service attack while over 44 percent had experienced either a pharming or cache poisoning attack. more»
This week, experts sent two drafts to the Internet Engineering Task Force (IETF) proposing different ways of fixing a problem in the way that Internet Protocol version 6 (IPv6) allows the source of network data to determine its path through the network. The drafts recommend that the IPv6 feature should either be eliminated or, at the very least, disabled by default. more»
Massive networks of infected computers controlled by attackers worldwide will serve as a powerful engine for the new breed of so-called P2P worm that is currently echoing across cyberspace.
Security experts have predicted over the last several years that botnets of hijacked PCs would pose one of the staunchest challenges faced by the IT community as criminals discovered new ways to use them to deliver attacks. more»
Microsoft is investigating attacks exploiting a vulnerability in the Windows Server Domain Name System Service, as well as two types of hacks targeting Vista's OEM BIOS activation feature... "Our investigation reveals that this vulnerability could allow a criminal to run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM," a Microsoft spokesperson said. more»
The US Department of Homeland Security (DHS), which was created after the attacks on September 11, 2001 as a kind of overriding department, wants to have the key to sign the DNS root zone solidly in the hands of the US government... During the current ICANN meeting in Lisbon, Bernard Turcotte, president of the Canadian Internet Registration Authority (CIRA) drew everyone's attention to this proposal as a representative of the national top-level domain registries (ccTLDs). more»
During the attack, which lasted almost eight hours, six of the 13 root servers that form the foundation of the Internet's DNS were targeted, ICANN said. However, only two were noticeably affected. These two did not have Anycast installed because the technology was still being tested, ICANN said.
"With the Anycast technology apparently proven, it is likely that the remaining roots--D, E, G, H and L--will move over soon," ICANN said. The letters refer to the five of the 13 official root DNS servers that do not yet have Anycast installed. more»
ICANN has released a factsheet concerning the recent attack on the root server system on 6 February 2007. The factsheet is intended to provide an explanation of the attack for a non-technical audience and hopes to enlarge public understanding surrounding this and related issues.
Aside from covering the attack itself and the engineers' response to it, the factsheet also briefly reviews the root server system, the domain name system, Anycast technology, and what can be done in order to deal with such attacks in future. The fact sheet can be downloaded here [PDF]. more»
