Over the last few years, there has been an increased effort to modernize the U.S. electric grid. Building a "Smart Grid" has been central in the effort to help utilities better manage their resources, minimize power outages and reduce energy consumption. However, adding more electronic devices and sensors to the grid's network has made it a prime target of cyberattacks, like Distributed Denial of Service (DDoS) attacks, which if successful, could cause wide-spread disruption of services affecting many other sectors. more
Since the end of last year, amplification attacks have been increasingly used by attackers and received heavy media coverage. Everyday protocols not given much thought before, like Network Time Protocol (NTP), can be asked in a very short remote command to send a very large response (list of 600 clients last connected to the NTP server) to a spoofed IP address (the target) by the requestor/attacker. more
Earl Zmijewski from Renesys reports: Yesterday, Indosat, one of Indonesia’s largest telecommunications providers, leaked large portions of the global routing table multiple times over a two-hour period. This means that, in effect, Indosat claimed that it “owned” many of the world’s networks. Once someone makes such an assertion, typically via an honest mistake in their routing policy, the only question remaining is how much of the world ends up believing them and hence, what will be the scale of the damage they inflict? more
There are quite a lot of NTP-amplified denial of service attacks going around at the moment targeting tech and ecommerce companies, including some in the email space. What does NTP-amplifed mean? NTP is "Network Time Protocol" - it allows computers to set their clocks based on an accurate source, and keep them accurate. It's very widely used - OS X and Windows desktops typically use it by default, and most servers should have it running. more
Here we are with CircleID's annual roundup of top ten most popular posts featured during 2013 (based on overall readership). Congratulations to all the participants whose posts reached top readership and best wishes to the entire community for 2014. more
In Part One of this series, we examined internal server, network and infrastructure monitoring applications. Now let's take a look at another way to capture DDoS information: external performance monitoring... Unlike network/infrastructure tools - which are usually installed inside a customer's network - external performance monitoring solutions are typically provided by a third party and leverage monitoring locations from around the world. more
Most cloud DDoS mitigation services are offered on demand meaning that customers can enable the service when they are the victim of a DDoS attack. But how can a company find out -- quickly -- that it is under attack? Sometimes it is difficult to know. In this three part series, we will examine multiple monitoring tools companies can use to capture DDoS, which can help determine whether you are under a DDoS attack. more
Google Ideas in collaboration with Arbor Networks has released a data visualization that maps daily, global DDoS attacks. The tool shows anonymous data linked to these attacks, allowing users to explore historical trends and make the connection to related news events. "The data is updated daily, and historical data can be viewed for any country worldwide." By surfacing this data and providing insights on the global patterns of DDoS attacks, the companies hope that more informed decisions can be made that can reduce the threat of digital attacks. more
Google today announced an initiative called "Project Shield", aimed at using its infrastructure to protect free expression online. "The service currently combines Google's DDoS mitigation technologies and Page Speed Service (PSS), which allow websites to serve their content through Google to be better protected from DDoS attacks." Google is currently seeking "trusted testers" and people with sites that serve media, elections and human rights-related content. more
In support of National Cyber Security Awareness Month, DDoS Awareness Day is a virtual, global event focused on raising awareness and education around the threat of DDoS attacks. Hosted by Neustar with and exclusive media partner CSO, DDoS Awareness Day brings together top experts in global security to share their views, technical tips and from-the-trenches experience. Attendees will also be given access to a wealth of DDoS materials: white papers, surveys, presentations, best practices and more. more
The world of Internet threats has changed continually over the years. From the time that a "worm" first showed up in the wild, or whenever someone penetrated a system without authorization for the first time, various forms of attacks and malware have presented dangers to the system and those who use it. Different vectors have received varied focus over the years... Many parts of the Internet community have been involved in addressing relevant issues and fostering efforts to combat them. more
In part one of this post we introduced the cyber response curve. In this post, we have outlined some observations which illustrate how different level of maturity and approaches can affect your cyber response curve. more
Many cyber attacks against companies today go unreported, and more still are undetected... Timing and context are everything. The faster a company identifies a problem, and the faster and deeper it is understood and its relevance to the business, the more effectively the company can respond. We call this squeezing the cyber response curve. This two-part post will discuss the current state of cyber threats, what the cyber response curve is and its impact your organization and how you can effectively squeeze this curve to improve attack response. more
Since last fall, several waves of distributed denial of service (DDoS) attacks have targeted major players in the U.S. banking industry. JPMorgan Chase, Wells Fargo and PNC were among the first to sustain intermittent damage. Eventually, the top 50 institutions found themselves in the crosshairs... In the months to come, security experts would praise the banks' collective response, from heightened DDoS protection to candid customer communications.. these larger institutions have learned some painful lessons that smaller firms might heed as they seek to minimize risks. more
According to a press release by the Openbaar Ministerie (the Public Prosecution Office), a dutch man with the initials SK has been arrested in Spain for the DDoS attacks on Spamhaus. more
A World-Renowned Source for Internet Developments. Serving Since 2002.