Archive - 2018

1. Crypto-Mining Attacks Emerge as the New Big Threat to Enterprises
2. Dutch Central Bank warns for phishing emails after DDoS attacks on banks
3. DUTCH BANKS, TAX AUTHORITY AGAIN TARGETED IN CYBER ATTACKS
4. Business cyber crime up 63%, UK stats show
5. DDoS Attacks Become More Complex and Costly
6. DDoS Attacks Evolve, Remain a Potent Threat
7. Test your cyber defenses with DIY DDoS
8. Defense Dept. blocks 36M malicious emails daily, fends off 600 Gbps DDoS attacks
9. U.K. Hacker Jailed For DDoS Attacking Pokémon GO
10. Hackers Will Target Small Business Through the Internet of Things in 2018, New Report Says

Crypto-Mining Attacks Emerge as the New Big Threat to Enterprises

Attackers looking to hijack systems for illegally mining digital currencies have begun eyeing business systems, security vendors say.

In an ominous trend for businesses, hijacking computers for cryptocurrency mining appears to have become the go-to strategy for cybercriminals looking for a safe and reliable way to generate illegal revenues.

Several vendors in recent days have reported a huge surge in illegal crypto-mining activity involving millions of hijacked computers worldwide. Professional cybercriminals are moving away in droves from less profitable exploits to making money via the surging global interest in digital currencies, said Digital Shadows in the latest warning on this trend.

The activity has begun to pose as much of a threat to businesses as it does to consumers. Security vendor CrowdStrike recently reported that it had seen multiple instances of businesses being impacted by illegal crypto-mining activity. In some cases, mining tools installed illegally on business systems have caused applications and hardware to crash, causing operational disruptions lasting days and sometimes even weeks, says Bryan York, director of services at CrowdStrike.

“We’ve seen an uptick in unauthorized crypto-mining, or cryptojacking, targeting businesses,” he says. “While cryptocurrency mining has typically been viewed as a nuisance, we’ve recently seen several cases where mining has impacted business operations,” York warns.

Mining 101

Crypto mining is a fairly complex process where a computer’s processing resources are used for blockchain transaction verification. Mining is a very CPU-intensive, resource-hogging activity and some digital currencies like Bitcoin require special-purpose hardware to do it. Several other digital currencies like Monero, Zcash, and Ethereum, however, can also be mined by pooling the resources of multiple computers.

In return for installing a mining tool and allowing their computer resources to be pooled for mining, the miners, or owners of the computers, receive digital coins. Mining itself is a legal activity, and many people around the world allow their systems to be used for the purpose in hopes of making some money on the side.

In recent months, however, cybercriminals have begun surreptitiously installing crypto-mining tools on victim computers and using resources of those compromised systems for the same purpose. Instead of taking over computers to steal data or install ransomware, cybercriminals have simply begun stealing system resources and using this to illegally profit from digital currency mining.

“These attacks are much stealthier than their predecessors,” Cisco’s Talos threat group said in a report this week. “Attackers are not stealing anything more than computing power from their victims and the mining software isn’t technically malware.”

When installing mining software, some criminals have even begun putting limits on things like CPU usage and the number of cores being used to ensure users don’t notice any obvious performance hit as a result of mining software running on their system. In theory, victims could remain part of the adversary botnet indefinitely, Talos said in its report.

E-Currency Theft

Illegal crypto-mining is just one form of cryptocurrency fraud. Cybercriminals have also begun stealing tens of millions of dollars directly from electronic wallets used to store digital currency, as well as targeting cryptocurrency exchanges and trading platforms. Michael Marriott, research analyst at Digital Shadows, points to one recent incident where criminals targeted the Initial Coin Offering for blockchain application company Experty and used phishing emails to trick potential coin buyers to send funds to an attacker-owned wallet.

In another incident just this week, thieves emptied a staggering $500 million from Japan’s Coincheck cryptocurrency exchange.

However, illegal mining – especially for Monero – has quickly emerged as one of the most reliable and safe ways for cybercriminals to profit from the cryptocurrency craze. Using the Monero cybercurrency as an example, Talos has estimated that a threat actor using 2,000 hijacked computers can generate $500 per day, or $182,500 per year. There are some botnets with millions of infected systems that criminals can leverage to generate more than $100 million from cryptocurrency mining, according to Talos.

Driving the trend is the easy availability of do-it-yourself kits that almost anyone can use for illegal mining. Criminals can rent mining botnets for as little as $30 to $130 per month, and software for distributing miners for as little as $29, according to Digital Shadows.

“We’ve seen plenty of actors changing their focus to profit from this,” says Marriott from Digital Shadows. “For example, the ransomware variant known as VenusLocker switched its business model to mine bitcoin rather than encrypt files on victims’ computers. Similarly, the RIG exploit kit has incorporated Monero mining into its features,” he says.

Satori, a botnet associated with DDoS attacks, has also recently begun targeting cryptocurrency mining, as has Smominru, a botnet that has infected over 500,000 systems and already generated some $3 million in Monero, Marriott says.

Attackers have also begun searching on sites such as GitHub for keys to cloud services such as AWS in order to use cloud-based machines to mine cryptocurrencies, he notes. “If attackers have access to an organization’s cloud services, then as well as performing mining activity, they could realistically do other malicious acts, such as stealing data or installing malware payloads,” Marriott says.

WannaMine

CrowdStrike has observed crypto-mining attacks within the education, entertainment, financial, healthcare, insurance, and technology sectors, says York. Some of the tools used in the attacks pose a particular threat to enterprises. One example, he says, is WannaMine, a crypto-mining worm that uses sophisticated propagation and persistence methods to spread and remain on systems.

“WannaMine propagates more effectively within a corporate network than it would on a consumer network,” he notes.

It uses the Mimikatz credential-harvester to acquire credentials and move laterally within organizations using the legitimate credentials. “If unsuccessful, WannaMine attempts to exploit the remote system with the EternalBlue exploit used by WannaCry in early 2017. This approach is generally more effective in corporate networks,” he says.

Nick Biasini, a threat researcher at Cisco Talos, says organizations that aren’t already looking for miners on their infrastructure definitely should be. “This is a huge new wave of threats that is being delivered to systems in virtually every way possible,” he says.

Some examples include phishing websites and rogue browser extensions.

Performance degradation is one sign of the activity, he says. A compromised system also periodically reaches out to the broader infected pool to which it belongs, so monitoring network activity is critical. “[But] it is important to note that attackers can throttle resource usage or only mine during off-hours to make it much more difficult to detect,” Biasini adds.

Source: https://www.darkreading.com/attacks-breaches/crypto-mining-attacks-emerge-as-the-new-big-threat-to-enterprises/d/d-id/1330965?

Dutch Central Bank warns for phishing emails after DDoS attacks on banks

The Dutch Central Bank (DNB) has issued warnings to consumers about phishing e-mails, following a series of DDoS attacks on banks. ABN Amro, ING and Rabobank were the victims of long-term DDoS attacks on several occasions last weekend and earlier this week; these led to the disruption of online services. The Tax and Customs Administration and Dutch national ID system DigiD were also affected.

DNB said there is a chance that the number of phishing emails will now increase, following these DDoS attacks. “It is not unusual for DDoS attacks on banks to be followed by an increase in phishing mail to account holders. Criminals often attempt to use the agitation around digital attacks to make people feel vulnerable, and to then extract sensitive bank account details.”

The recent DDoS attacks on the banks were advanced, according to the DNB. Banks have in place strong defensive measures to ensure that services are available through websites and internet banking. The banks have been in constant consultation with each other during the last few days and have worked together with the authorities, including the DNB and the National Cyber Security Center. For such situations, multiple consultation structures have been set up, aimed at normalising payment transactions as quickly as possible.

Source: https://www.telecompaper.com/news/dutch-central-bank-warns-for-phishing-emails-after-ddos-attacks-on-banks–1230205

DUTCH BANKS, TAX AUTHORITY AGAIN TARGETED IN CYBER ATTACKS

ABN Amro, ING, Rabobank and the Tax Authority again faced DDoS attacks on Tuesday, though this time the financial services managed to deter them better than over the weekend. The attacks caused a short disruption in payment system iDeal, but the problems were quickly resolved, NOS reports.

ABN Amro was troubled by attacks all day long, but they were mostly successfully fought off, a spokesperson said to the broadcaster. Around 5:30 p.m. the bank faced a short disruption.

ING reported a disruption on Twitter, and then reported that the problems were solved a short time later. “Due to a short-lived DDoS attack, our services were temporarily inaccessible. The problems have been solved: our services are again available for use. We apologize for the inconvenience.”

Rabobank faced an attack around 5:00 p.m. that lasted around 8 minutes. “Customers experienced a delay, opening the app took longer and there were errors. It is not comparable with [Monday]”, a spokesperson said to the broadcaster.

The Tax Authority’s website was offline for about 7 minutes on Tuesday. The DDoS attack lasted about half an hour after the site was restored, but did not affect the website’s performance, according to a spokesperson. The attack happened around 7:00 p.m.

SNS also faced a DDoS attack, but customers experienced no problems, NOS reports.

ABN Amro, ING, Rabobank and the Tax Authority all had problems with DDoS attacks between Saturday and Monday. In a DDoS attack, a website is bombarded with huge amounts of data, overloading the server and crashing the site. Security company ESET determined that the attacks that targeted the banks came from servers in Russia.

Source: https://nltimes.nl/2018/01/31/dutch-banks-tax-authority-targeted-cyber-attacks

Business cyber crime up 63%, UK stats show

Despite an overall decrease in fraud and computer misuse in 2017, the latest Office for National Statistics (ONS) reports show that incidents involving computer misuse and malware against business are way up.

There were 4.7 million incidents of fraud and computer misuse in the 12 months to September 2017, a 15% decrease from the previous year, according to the latest crime figures for England and Wales.

Fraud fell from 3.6 million in 2015 to 3.2 million incidents in 2016, while computer misuse dropped from 2 million incidents in 2016 to 1.5 million in 2017, according to data gathered from the Crime Survey for England and Wales (CSEW) (households), and the National Fraud Intelligence Bureau (NFIB) (business).

The fall in fraud was driven mainly by decreases in consumer and retail fraud, such as offences related to online shopping or fraudulent computer service calls, the ONS report said, while the fall in computer misuse was mainly due to a 26% fall in reported incidents of computer malware and distributed denial of service (DDoS) attacks.

However, the report also reveals that 56% of fraud incidents were cyber related, 23% of computer misuse incidents (410,000) involved loss of money or goods relating to computer malware and DDoS attacks, and computer misuse crime referred to the NFIB by Action Fraud increased by 63%.

This rise in business-related computer misuse to 21,745 offences, the report said, is largely accounted for by a 145% rise in computer malware and DDoS attacks the past year to 8,292 offences.

More specifically, this is thought to be due to a rise in levels of malware, mainly ransomware and Trojans, including several high-profile attacks and security breaches on national institutions, including the WannaCry attacks in May 2017.

The latest figures suggest that while consumer-targeted attacks might be falling, as consumer-grade security improves, cyber criminals are now shifting their gaze to the potentially more profitable enterprise sector.

Andy Waterhouse, pre-sales director for Europe at RSA Security, said UK business is facing tougher conditions than ever as cyber attackers chase greater profits.

“In this post-WannaCry world, both consumers and organisations need to do more to assess their data, identify their most valuable assets, and protect these ‘crown jewels’ as best they can through a mix of multi-factor authentication, strong and unique passwords and a greater level of education on cyber skills,” he said.

Fraser Kyne, European CTO at Bromium, said the increase in computer misuse incidents involving business is no surprise given the spate of ransomware and Trojan attacks in the past year.

“Last year was a year of mega-breaches that made clear how far ahead the bad guys are compared to the security industry. Businesses were shut down for long periods of time, too many ransoms were paid, the bad guys got richer and the security industry looked on, often powerless, as its tools were rendered useless by new and constantly evolving techniques,” he said.

However, Kyne said it was worth noting that the ONS figures related only to reported crime. Reports can only tell us what has been detected and reported.

“These detected events prove that things are getting in; so we must also assume that things are getting in that are remaining undetected too. This is why we need tools that can protect us from the things that we can’t see or detect,” he said.

“Cyber crime will continue to flourish as long as the security industry remains reliant on detection-based security tools. With cyber criminals becoming more successful every year, we have to admit that the detection model is broken.

“The industry must respond with new ways of defending enterprises and the public at large to ensure that we don’t see the continued rise of cyber crime.”

According to Kyne, virtualisation can provide this protection to enterprises. “By running applications within their own completely isolated virtual machine, you can ensure that any malware directed at businesses is contained to that environment, unable to escape and infect the rest of the system.”

Josh Gunnell, fraud specialist at the Callcredit Information Group, said the latest ONS statistics clearly indicate that fraud remains a threat to every organisation in the country.

“With 3.2 million incidents of fraud in England and Wales and 1.8 million being cyber related, the worrying trend shows no signs of abating,” he said.

“This is especially pertinent considering the damaging impact the ongoing fraud threat has had on trust in organisations, with a majority of consumers we spoke to believing that fraudsters are always one step ahead of businesses.

“To win back consumer confidence, which is key to long-term success, businesses need to do everything they can to keep data and identities safe. Implementing smarter, more dynamic fraud prevention strategies, such as artificial intelligence, alongside traditional fraud prevention methods – and communicating these to their customers – can go a long way towards achieving this. In addition, the importance of using behavioural and location data to provide fraud insights cannot be overstated,” he added.

Source: http://www.computerweekly.com/news/252433873/Business-cyber-crime-up-63-UK-stats-show

DDoS Attacks Become More Complex and Costly

Distributed denial-of-service (DDoS) attacks are more complex and cause more financial damage than ever, new data shows.

According to NETSCOUT Arbor’s 2017 Worldwide Infrastructure Security Report published today, the number of DDoS attacks that cost organizations between $501 and $1,000 per minute in downtime increased by 60%. In addition, 10% of enterprises estimated a major DDoS attack cost them greater than $100,000 in 2017, five times more than previously seen.

Now in its 13th year, the report is based on 390 responses from service providers, hosting, mobile, enterprise, and other types of network operators from around the world. A full 66% of all respondents identify as security, network, or operations professionals.

Gary Sockrider, principal security technologist with NETSCOUT Arbor, says there was a 20% increase in multi-vector attacks in 2017 compared to the previous year. Multi-vector attacks combine high-volume floods, TCP state exhaustion attacks, and application-layer attacks in a single sustained offensive, which makes the attacks more difficult to mitigate and increases the attackers’ chance of success.

“We found that nearly half the group said they experienced a multi-vector attack,” Sockrider says.

“Along with revenue loss, companies also experience customer and employee churn as well as reputational damage,” he says.

DDoS attacks last year originated primarily from China, Russia, and inside the US, according to the report. The top motivators for the attacks were online gaming-related (50.5%), criminals demonstrating DDoS capabilities to potential customers (49.1%), and criminal extortion attempts (44.4%). Political/ideological disputes were fifth on the list at 34.5%.

Sockrider says that, due to the global shortage of IT security talent, many respondents were turning to automation for DDoS mitigation: 36% of service providers use automation tools for DDoS mitigation, and 30% of providers employ on-premise or always-on cloud services for thwarting these attacks.

Meantime, researchers at Imperva developed a list of the Top 12 DDoS Attack Types You Need to Know. Among them:

DNS Amplification: In a reflection type of attack, a perpetrator starts with small queries that use the spoofed IP address of the intended victim. Exploiting vulnerabilities on publicly-accessible DNS servers, the responses inflate into much larger UDP packet payloads and overwhelm the targeted servers.

UDP Flood: The perpetrator uses UDP datagram–containing IP packets to deluge random ports on a target network. The victimized system attempts to match each datagram with an application, but fails. The system soon becomes overwhelmed as it tries to handle the UDP packet reply volume.

DNS Flood: Similar to a UDP flood, this attack involves perpetrators using mass amounts of UDP packets to exhaust server-side resources. However, in this attack the target is DNS servers and their cache mechanisms, with the goal being to prevent the redirection of legitimate incoming requests to DNS zone resources.
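A defender-side view of the three attack types listed above, as an added example that is not part of the original article: it labels inbound UDP flow records as DNS amplification, UDP flood or DNS flood. The flow records, the documentation-range addresses and every threshold are constructed assumptions to be tuned against a real baseline.

```python
"""Label inbound UDP flow records by the three attack types described above.

Added illustration only: records, addresses (RFC 5737 ranges) and thresholds
are constructed, not taken from the article or from any vendor tool.
"""
from collections import defaultdict
from dataclasses import dataclass

DNS_PORT = 53
CLASSIC_DNS_UDP_LIMIT = 512  # bytes; unsolicited answers larger than this suggest amplification


@dataclass(frozen=True)
class Flow:
    ts: int      # seconds since the start of the capture window
    src: str
    sport: int
    dst: str
    dport: int
    proto: str   # "udp" or "tcp"
    nbytes: int  # payload bytes


def classify(flows, protected, dns_servers, window_s,
             min_unsolicited=100, min_ports=100, min_qps=200):
    """Return {protected_host: [labels]} for one capture window."""
    asked = set()                    # (client, resolver) pairs our hosts really queried
    unsolicited = defaultdict(list)  # victim -> sizes of DNS answers nobody asked for
    ports = defaultdict(set)         # victim -> distinct UDP destination ports hit
    queries = defaultdict(int)       # DNS server -> inbound query count

    # Pass 1: remember genuine outbound DNS queries, so log order does not matter.
    for f in flows:
        if f.proto == "udp" and f.src in protected and f.dport == DNS_PORT:
            asked.add((f.src, f.dst))

    # Pass 2: bucket inbound UDP by the trait each attack type leaves behind.
    for f in flows:
        if f.proto != "udp" or f.dst not in protected:
            continue
        if f.sport == DNS_PORT:
            # Reflection: an "answer" from a resolver the victim never queried.
            if (f.dst, f.src) not in asked:
                unsolicited[f.dst].append(f.nbytes)
        elif f.dport == DNS_PORT and f.dst in dns_servers:
            queries[f.dst] += 1      # DNS flood: query storm at a DNS server
        else:
            ports[f.dst].add(f.dport)  # UDP flood: datagrams sprayed over many ports

    verdicts = {}
    for host in sorted(protected):
        labels = []
        sizes = unsolicited.get(host, [])
        if len(sizes) >= min_unsolicited and sum(sizes) / len(sizes) > CLASSIC_DNS_UDP_LIMIT:
            labels.append("dns_amplification")
        if len(ports.get(host, ())) >= min_ports:
            labels.append("udp_flood")
        if queries.get(host, 0) / window_s >= min_qps:
            labels.append("dns_flood")
        verdicts[host] = labels
    return verdicts


def sample_flows():
    """Constructed 10-second window covering all three patterns plus benign traffic."""
    flows = [
        # Legitimate lookup by the web server and its small answer.
        Flow(0, "203.0.113.10", 40000, "192.0.2.53", 53, "udp", 60),
        Flow(0, "192.0.2.53", 53, "203.0.113.10", 40000, "udp", 120),
    ]
    # Reflection: 30 resolvers send large answers the web server never requested.
    for i in range(300):
        flows.append(Flow(i % 10, f"198.51.100.{i % 30 + 1}", 53,
                          "203.0.113.10", 1024 + i, "udp", 3000))
    # UDP flood: datagrams spread across 400 destination ports.
    for i in range(400):
        flows.append(Flow(i % 10, f"192.0.2.{i % 200 + 1}", 50000 + i,
                          "203.0.113.20", 2000 + i, "udp", 512))
    # DNS flood: 500 queries per second against the DNS server.
    for i in range(5000):
        flows.append(Flow(i % 10, f"198.51.100.{i % 250 + 1}", 1024 + i,
                          "203.0.113.53", 53, "udp", 70))
    # Quiet host: a handful of ordinary NTP replies.
    for i in range(5):
        flows.append(Flow(i, "192.0.2.123", 123, "203.0.113.30", 40000 + i, "udp", 48))
    return flows


PROTECTED = {"203.0.113.10", "203.0.113.20", "203.0.113.30", "203.0.113.53"}
DNS_SERVERS = {"203.0.113.53"}


def run_sample():
    return classify(sample_flows(), PROTECTED, DNS_SERVERS, window_s=10)


if __name__ == "__main__":
    for host, labels in run_sample().items():
        print(host, labels or ["clean"])
```

The unsolicited-answer test is what separates reflection from a host that simply made many large lookups, so it depends on seeing outbound queries in the same flow source.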

Source: https://www.darkreading.com/attacks-breaches/ddos-attacks-become-more-complex-and-costly/d/d-id/1330899

DDoS Attacks Evolve, Remain a Potent Threat

Distributed denial of service (DDoS) attacks continue to evolve, and will remain a major threat to most organizations for the foreseeable future. A combination of factors is driving the trend, including the emergence of IoT and mobile botnets, the easy availability of for-hire services in criminal marketplaces and an increase in criminal actors seeking to monetize DDoS attacks.

“DDoS is and will continue to be an often-used tool in the attacker’s toolkit,” said Mike Kun, manager of the security intelligence team at Akamai. “It is a cheap, easily customizable way to disrupt and degrade a target’s Internet assets.”

Reports from multiple security vendors show that DDoS attacks grew in number in 2017. Kaspersky Lab estimated that some 33 percent of organizations faced a DDoS attack last year, up from just 17 percent in 2016. Forty-one percent of the victims were large enterprises, 33 percent were SMBs and 20 percent were very small businesses. Certain types of DDoS attacks—such as ICMP and UDP attacks—became rare, while other types of attacks including HTTP attacks and SYN DDoS attacks grew.

The IoT and Mobile Botnet Threat

Few expect attack trends to reverse dramatically in volume anytime soon. For one thing, the proliferation of IoT and mobile devices in recent years has given attackers new resources for assembling massive DDoS botnets. Last year’s WireX botnet, one of the largest ever used for DDoS purposes, was built entirely using tens of thousands of infected Android devices from some 100 countries. Malware including Mirai and Reaper have given attackers the ability to assemble similarly huge attack botnets from routers, webcams, DVRs and other ordinary consumer IoT devices. Such botnets have given attackers new, harder-to-disrupt resources for launching damaging DDoS attacks.

“Many attackers have seen the value in exploiting a vast pool of poorly secured and, occasionally, unpatchable devices,” Kun said. “As more vendors add an IP address to a device, companies willing to cut corners on security to save costs will keep feeding the pool of vulnerable devices that attackers can leverage.”

DDoS as a Service

Threat actors offering DDoS-for-hire services are another factor. Last October, the FBI warned of an increase in the scale and frequency of DDoS attacks resulting from the ready availability of so-called “booter” and “stresser” services via cybercrime forums. Such services sell access to botnets that malicious actors can use to anonymously launch DDoS attacks against targets of their choice. Booters and stressers have made it possible for adversaries to execute DDoS attacks without having to create their own infrastructure for it and with little risk of attribution.

“Bad guys no longer need a great deal of sophistication to launch a DDoS attack,” said Joseph Blankenship, an analyst at Forrester Research. “So long as I am able to pay, I am able to conduct a DDoS attack.”

The Monetization of DDoS Attacks

Attack motivations have changed, as well. For many cybercriminals, DDoS attacks are no longer just a way to disrupt a victim’s services—they are using the attacks to extort money, or as a distraction to hide other malicious activity and as a tool to hurt competitors.

Threat groups such as Lizard Squad and the Armada Collective have extorted tens of thousands of dollars from organizations by merely threatening to hit them with a DDoS flood. Another group, DD4BC (DDoS For Bitcoin), has harassed several financial services companies for bitcoin payment in exchange for not hitting them with a DDoS attack.

In a growing number of instances, enterprises are being asked to pay up to make an actual DDoS attack stop, said Blankenship. “One thing we have seen is a trend toward attacking businesses for competitive benefit.” This has been a problem especially in the gaming industry, with businesses sometimes using DDoS attacks to slow down a rival site, he noted.

The Mitigation Challenge

From a mitigation standpoint, bad actors these days operate under the notion that their target is likely to be protected by a service that can handle vast amounts of DDoS attack traffic, said Igal Zeifman, security evangelist for Imperva.

“As mitigation solutions have scaled up, bad actors have been forced to think outside of the [box] and look for other, more clever ways to break through security services and appliances,” he said. The result: DDoS attacks these days tend to be less predictable and, therefore, more difficult to stop.

For instance, DDoS attacks have become generally shorter, more powerful and more persistent than in previous years, Zeifman said. Nearly 70 percent of DDoS attacks at the network layer in 2017 lasted less than 30 minutes and targeted the same victim 17.7 times. There also has been an increase in the use of high-packet-rate assaults, wherein the target has to deal with a massive amount of DDoS payloads each second. “Measured in millions of packets per second, we saw these attacks scale as high as 650Mpps,” in 2017, he said.

Cybercriminals have also begun mixing up DDoS attacks to make mitigation harder, Blankenship noted. A growing number of attacks these days are targeted at the application layer, which means network-level mitigations alone are no longer enough. It is not uncommon these days to see organizations being targeted with a combination of attacks at the network and application layers, he said. In fact, according to Kaspersky Lab, mixed multi-component attacks that combined SYN, TCP connect, HTTP flood and UDP flood attacks represented a substantial proportion of DDoS attacks last year and are gaining in popularity.

DDoS mitigation has become essential to protecting digital businesses, Blankenship said in a recent Forrester DDoS report. Firewalls and intrusion prevention systems that come with some built-in DDoS mitigation are not sufficient. Organizations, especially in heavily targeted sectors such as financial services, should also consider some of the on-premises, in-cloud and hybrid DDoS mitigation options currently available, he said.

Source: https://securityboulevard.com/2018/01/ddos-attacks-evolve-remain-potent-threat/

 

Test your cyber defenses with DIY DDoS

Canadian cybersecurity company DOSarrest has released a new service which allows organizations to test their systems’ resilience against distributed denial of service attacks.

The Cyber Attack Preparation Platform (CAPP) allows anyone to choose from a variety of options which specify the attack type, velocity, duration, and vector. The service is paid for according to the options chosen, and can be used by anyone – previously, only DOSarrest’s clients had access to this type of facility.

The attacking machines are distributed across the world and employ a variety of methods, thus accurately emulating an attack “in the wild.”

The company’s literature states that in some cases, larger hosts (such as cloud provider services like AWS or Google Cloud) simply scale up their hosted sites’ provisions in order to mitigate an attack: in short, when the going gets tough, the tough throw resources.

However, this style of mitigation can cost companies large sums of money if they are funding their cloud computing activities on the basis of pay-as-you-use.

Users of DOSarrest’s service can choose to pick specific attack types from a range of TCP attacks, plus a focussed range of attacks usually aimed at web services.

DOSarrest’s CTO, Jag Bains commented:

“It’s interesting to see how different systems react to attacks; CAPP not only shows you the traffic to the victim but also shows you the traffic response from the victim. A small attack [on] a target can actually produce a response back that’s 500 times larger […] This is the best tool I’ve seen to fine tune your cybersecurity defenses, if you fail you can make changes and launch the exact same attack again, to see if you can stop the attack.”

The company advises that attacks be chosen carefully, as it is plainly possible to bring down an entire enterprise’s systems; it is in equal measure alarming and reassuring that large attacks can be emulated.

The company provides a handy pricing calculator by which interested parties can scope out what their testing might cost them: a ballpark of US$1,500 might be considered a bare minimum.

Of course, the cost of an attack by unknown actors will be much more, by some significant factor, and DOSarrest’s facility should hopefully go some way in mitigating the chances of such an attack being successful.

Source: http://techwireasia.com/2018/01/test-your-cyber-defenses-with-diy-ddos/

Defense Dept. blocks 36M malicious emails daily, fends off 600 Gbps DDoS attacks

That the Defense Department blocks 36 million malicious emails daily aimed at accessing U.S. military systems, as Defense Information Systems Agency Director of Operations David Bennett recently said, underscores that attackers continue to consider email an attractive attack vector and highlights the stresses that security pros face daily trying to sort through threats.

“Our threat labs have observed cybercriminals recently migrating to email as the most common attack vector. As the tension between nations is increasing, more of the conflict is being fought online. They use email because it is effective,” said Nick Bilogorskiy, cybersecurity strategist at Juniper Networks, noting that he wasn’t surprised that the Defense Department had seen an uptick in email attacks. “While most such attacks are simple phishing scams, the most dangerous ones are usually the work of rogue nation states and can be political in nature.”

Bennett, speaking at an Armed Forces Communications and Electronics Association (AFCEA) event, confirmed that “emails are the number one delivery mechanism globally” and lamented the near-constant vigilance required of cybersecurity pros. “The reality is we’ve got to get it right all the time, they only have to get it right once,” he said, according to a report in NextGov.

The agency also has thwarted distributed denial of service (DDoS) attacks as large as 600 Gbps “on internet access points, and unique and different ways of attacking us we hadn’t thought of before,” some of which are classified, said DISA Director Lt. Gen. Alan Lynn, who will leave his post February 2. Lynn is also commander of Joint Forces Headquarters-Department of Defense Information Network.

The Pentagon anticipates the size of DDoS attacks to grow. “We call it the terabyte of death looming outside the door,” the report quoted Lynn as saying. “We’re prepared for it. It’s just a matter of time before it hits us.”

Noting that state-sponsored attacks have caused power outages and mucked with election systems, Bilogorskiy called for rules “to be established to define the protections of non-combatants in and around the cyber-war zone,” restricting “certain technologies or attack scenarios” like “DDoSing life-support systems” or “causing civilian plane crashes through custom malware.”

While “interfering with communication system computers are starting to seem like a part of standard military tactics,” he said, “hacking attacks that cause a direct loss of life should be considered war crimes, in my opinion.”

Source: https://www.scmagazine.com/defense-dept-blocks-36m-malicious-emails-daily-fends-off-600-gbps-ddos-attacks/article/738292/

U.K. Hacker Jailed For DDoS Attacking Pokémon GO

A U.K. man is now sitting in prison for the next two years, all because he decided he wanted to take down Pokémon GO. The Metro is reporting that 21-year-old hacker Alex Bessell has been sentenced to 24 months in prison for what is probably the crowning achievement in his hacking career so far, being one of the few people to shut down the mobile app. Bessell set up a website called Aiobuy that had over 9.000 zombie computers with the singular goal of selling viruses and using them to create DDoS attacks. This also included “remote administration tools, Botnet tools, crypters, booter access and other malware and illegal items.”

Bessell has actually made a career out of being a hacker. Aside from making over $500k on Aiobuy, he also helped a group of other hackers develop the “Galaxy JDB” hacking tool and ran a money-laundering scheme between 2012 and 2013. Many of his attacks took down big companies in the U.K., including Skype, Google, and Pokémon GO. Bessell pled guilty to nine counts of various cybercrime offenses, which landed him the two-year sentence. No word yet as to whether he can apply for parole down the road or whether any restrictions will be placed on him after his release.

(Last Updated January 19, 2018 7:38 pm)

Hackers Will Target Small Business Through the Internet of Things in 2018, New Report Says

A new report finds hackers are poised to target small businesses that use Internet of Things (IoT) technology to gain access to data from larger global firms in 2018. The 2018 Cybersecurity Predictions by Aon’s Cyber Solutions predicts a small business Internet of Things (IoT) breach will create a domino effect that damages a larger company.

2018 Cybersecurity Predictions

The report also found that while 55 percent of small businesses were breached between 2015 and 2016, only a small minority see cybersecurity as a critical issue. This is despite the fact that the overall money spent on cybersecurity in 2017 was $86.4 billion, an increase of 7 percent over 2016.

New Threat

The Internet of Things (IoT) is at the heart of this new threat. It’s loosely defined as all software-enabled devices we use (from appliances to smartphones and computers) that can exchange data.

Criminals hijacked hundreds of thousands of Internet of Things (IoT) devices worldwide in 2017. They’ve even fine-tuned social engineering and spear-phishing tactics, according to the report.

Jason J. Hogg, CEO of Aon Cyber Solutions, explains the looming threat as small businesses use this technology.

“IoT is notoriously unsecured: manufacturers often lack necessary security expertise, constant product innovation creates vulnerabilities, and companies frequently overlook proper patch management programs. Hackers exploit this reality, targeting IoT as a pivot point to enter systems and take control of physical operations.”

Botnets

The report found that hackers favored botnets like “Hajime” and “IoT_reaper” last year. The growing trend caused concerns about DDoS attacks and other issues. DDoS attacks occur when hackers flood servers with bogus data, causing websites and networks to shut down.

High Cost

Any attack can really harm a small business’s operations as well as those of a larger organization. There’s always a high cost to having your business shut down for any amount of time. What’s more, there’s lasting reputational damage because these smaller firms are working more and more with big organizations that have a large reach.

Hogg also says there are some other reasons why small businesses are ripe for this new Internet of Things (IoT) cybersecurity threat.

“Small businesses, lacking resources and/or awareness to effectively secure their systems, are particularly vulnerable to cyber attacks on IoT,” he says. “The breach will serve as a wake-up call for small and midsized businesses to implement better security measures so as not to risk losing business.”

Passwords

The report also predicts passwords will continue to be hacked. Multifactor authentication will become critical as hackers learn to get around biometrics. Larger businesses will adopt standalone cyber insurance policies and chief risk officers will play a larger role.

The report also sees the spotlight on regulation strengthening and widening as calls for a harmonized approach to cyber security get more intense. It points to the EU’s attempt to set a universal standard for consumer data privacy and the General Data Protection Regulation (GDPR), which oversees companies collecting data from EU citizens.

Criminals will also target transactions that use points as currency, such as those at retailers that use rewards, gift and loyalty programs. The use of cryptocurrencies will encourage an increase in ransomware attacks in 2018 like the WannaCry ransomware that affected 200,000 computers in 150 countries in 2017.

Source: https://smallbiztrends.com/2018/01/2018-cybersecurity-predictions.html
