Category - DDoS Attacks

2011 Likely to Have Far More Malevolent Threats, Security Experts Warn

According to a warning by IT security experts, 2011 could be more challenging with respect to malware threats than the current year (2010). The Hindu Business Line published this on December 27, 2010. The experts also anticipate a huge change in the threat scenario as new types of organizers emerge with increasingly effective objectives for their Internet assaults.

Additionally, they state that during 2011, viruses will appear more and more similar to those we see in science fiction films. Together with this, the realm of cyber-crime will consolidate just as corporations merge. Viruses won’t simply attack individuals, but will increasingly target corporations and installations. Anti-virus agencies will not be spared either.

According to Shantanu Ghosh, Vice-President for Symantec’s India operations, in 2011 there will be increasing attacks against industrial organizations and crucial infrastructures, and while there will be responses from ISPs, governments will take counter-actions only slowly. The Economic Times published this on December 28, 2010.

Furthermore, mid-sized businesses will be targeted with cyber-spying. Both critical infrastructures and highly reputed brands will keep getting attacked with increasingly localized and targeted assaults. Besides, most assaults will take place through Web browsers, while Distributed Denial-of-Service (DDoS) attacks will continue to afflict the Internet in a massive way.

According to The Hindu Business Line dated December 27, 2010, security specialists think there will be a completely new group of more dangerous authors of malicious software, as well as malware attacks that seek private data and monetary gains. Spyware 2.0, a new breed of malicious program for capturing users’ private information, will also emerge.

Additionally, cyber-criminals will increasingly attack users in big companies, while direct assaults against everyday end-users will slowly decline.

Hence it is vital to understand that the technique used to execute an online assault will not depend on the entity organizing it or on its objective(s); rather, it will depend on the services of the Internet, the technical abilities of modern operating systems, and of course the gadgets the general public uses at work as well as in day-to-day living.

SPAMfighter News – 05-01-2011


Floating point DoS attack

A bug in the way the PHP scripting language converts certain numbers may cause it to tie up all system resources. For example, on 32-bit systems, converting the string “2.2250738585072011e-308” into a floating point number using the function zend_strtod results in an infinite loop and consequent full utilisation of CPU resources.

PHP 5.2 and 5.3 are affected, but apparently only on Intel CPUs which use x87 instructions to process floating point numbers. The x87 design has long been known to contain a bug which triggers just this problem when computing approximations to 64-bit floating point numbers. By default, 64-bit systems instead use the SSE instruction set extension, under which the error does not occur. Processing the numbers 0.22250738585072011e-307, 22.250738585072011e-309 and 22250738585072011e-324 also triggers an infinite loop.

It may also be possible to remotely disable some server systems merely by sending this value as a parameter in a GET request. The PHP development team has fixed this in the forthcoming version 5.3.5. A patch for version 5.2.16 is available from the repository.
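A log check for the request pattern described above, as an added example (not from the original article or from the PHP project): it reduces each GET parameter to its decimal digits and power of ten by string handling only, never converting to a float, and flags any spelling of the value the article lists. The log lines, paths, parameter names and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# The article's value as (significant digits, power of ten): 22250738585072011e-324
TARGET = ("22250738585072011", -324)

# Optional sign, integer part, optional fraction, optional short exponent.
_DECIMAL = re.compile(r"^[+-]?(\d*)\.?(\d*)(?:[eE]([+-]?\d{1,6}))?$")
_REQUEST = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')

def normalize(text):
    """Reduce a decimal literal to (digits, exp10) with string operations only."""
    m = _DECIMAL.match(text.strip())
    if not m or not (m.group(1) or m.group(2)):
        return None                                  # not a decimal literal
    int_part, frac_part = m.group(1), m.group(2)
    exp10 = int(m.group(3) or 0) - len(frac_part)    # move the point to the right end
    digits = (int_part + frac_part).lstrip("0")
    trimmed = digits.rstrip("0")                     # fold trailing zeros into exp10
    if not trimmed:
        return ("0", 0)
    return (trimmed, exp10 + len(digits) - len(trimmed))

def flagged_params(url):
    """Names of query parameters whose percent-decoded value equals TARGET."""
    pairs = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    return [name for name, value in pairs if normalize(value) == TARGET]

def scan(lines):
    """Return (line number, parameter names) for each request line that matches."""
    hits = []
    for number, line in enumerate(lines, 1):
        request = _REQUEST.search(line)
        names = flagged_params(request.group(1)) if request else []
        if names:
            hits.append((number, names))
    return hits

# Constructed access-log lines (documentation addresses, hypothetical paths).
SAMPLE_LOG = [
    '203.0.113.7 - - [05/Jan/2011:10:00:01 +0000] "GET /item.php?id=2.2250738585072011e-308 HTTP/1.1" 200 512',
    '203.0.113.8 - - [05/Jan/2011:10:00:02 +0000] "GET /item.php?id=42&price=2.5e-3 HTTP/1.1" 200 498',
    '203.0.113.9 - - [05/Jan/2011:10:00:03 +0000] "GET /cart.php?qty=%32%32.250738585072011E-309 HTTP/1.1" 200 77',
    '203.0.113.9 - - [05/Jan/2011:10:00:04 +0000] "GET /cart.php?qty=0.222507385850720110e-307 HTTP/1.1" 200 77',
]
```

The check covers query strings only, since request bodies do not appear in an access log; it complements, and does not replace, the fixed PHP versions named above.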


Wikileaks Affair & the CyberWorld

ESET Ireland’s Urban Schrott Examines How Global Communities Defend the Right of Free Information Circulation

2010 bows out on a note of controversy and turmoil, not only in the areas of diplomatic, political, international relations and law, but also, probably for the first time in history, with the involvement (willingly or otherwise) of the whole global online community in an initiative aimed at defending the right to free information circulation through various means.

Leaving aside all the aforementioned global implications to focus purely on IT security issues, this is a multilayered phenomenon, where each layer could be expanded into a security analysis all on its own. For the sake of a comprehensive overview, let’s focus on a few of its most prominent manifestations here, and on how the Wikileaks affair might prove to be a game-changer in several aspects.

The first consideration, the original sin you might say, is of course data protection itself. More specifically, the question of how potentially compromising data was being gathered, how it was transported and how it was stored. And where in all these processes people with various levels of clearance were able to get their hands on it and misuse it.

Inside Stories

Various IT security analysts have been pointing out for years now that insider data abuse is by far the most common source of data leakage. According to a 2009 Ponemon study, 59% of corporate workers surveyed stated they would leave with sensitive corporate data upon layoff or departure; 79% of these respondents admitted that their company did not permit them to leave with company data and 68% were planning to use such information as email lists, customer contact lists and employee records that they stole from their employer.

Even though these data have been available for nearly two years, there seems to have been no significant global trend towards major policy changes regarding in-house data protection, nor has there been a reported widespread increase of the use of specialised protection hardware and software. So since nowadays most data, including data formally classified as sensitive, are no longer collected as neatly organised papers in filing cabinets, but digitally, and are therefore very easy to copy and distribute for anyone who can gain access to them, it was inevitable that a major incident would take place sooner or later. And while such incidents in the corporate environment can usually be accommodated within the bounds of economic sustainability, in this case, since the breaches concern classified government documents, mainly related to US international involvement in sensitive areas, the damage done has greatly affected already brittle international relations.

The After Effects

Now to the next part of the story, the after-effects. The first and most immediate development was a series of futile attempts to shut the stable door, firstly through shutting down Wikileaks servers, then by the exertion of coordinated corporate pressure from some of the major online players to disable funding and hamper further distribution of the compromised data.

The varied national legislations regarding webhosting made it impossible to block the distribution of data globally, while the funding issue and the involvement of (presumably) independent companies such as PayPal and Amazon sparked an unprecedented backlash from netizens worldwide which resulted in yet another previously unheard of situation. This was the much publicised Operation Payback, a concerted global hacking offensive, which was in December directed against the supposed offenders against the freedom of information.

This quick and well organised response surprised many, even if the “relative ease” and success of the attacks chosen didn’t. Jan-Keno Janssen, Jurgen Kuri and Jurgen Schmidt wrote about it in a thoughtful article for Heise (The H), while ESET’s Jeff Debrosse wrote in more detail about the DDoS (Distributed Denial of Service) attacks in his article “Web Weaponization and WikiLeaks”, where yet another twist is disclosed: cybercriminals were quick to attach their own interests to all the buzz created around the topic, spreading infected links supposedly leading to more info or resources, and SEO-ing (using Search Engine Optimization techniques) around the Wikileaks buzzwords.

Opinion has been divided on the concept of “ethical hacking”, especially in the context of the viability and morality of using measures that may cause inconvenience (and worse) to users of targeted services who may or may not be sympathetic to the Wikileaks stance. Consider, for example, this post by Neil Schwartzman which describes an attack on Spamhaus launched on the assumption that the blacklisting of the site was a further example of harassment of Wikileaks. Spamhaus, however, claims that is a malicious site intended to take advantage of all the fuss to pursue its own unethical purposes. While we can’t say authoritatively who is “in the right” in this particular case, it seems all too likely that criminals will continue to use this controversy to their own advantage. We can only hope that the defenders of information’s right to “want to be free” do not see the efforts of malware distributors, bot-herders and phishers as “free speech.”

Operation Leakspin

A different approach, aimed at a greater dissemination of controversial data rather than disrupting anyone else’s work, is now also in effect through the means of Operation Leakspin, but that’s already going beyond the field of IT security.

Overall it’s still not clear whether the whole evolution of the Wikileaks affair is best described as a domino effect or a butterfly effect, or a combination of both, given all the repercussions and sub-plots developing all over the web. However, we are very likely to see change in some of the established protocols regarding data handling and distribution as a direct or indirect result of this incident, or perhaps even the introduction of new ones.

