Category - DDoS Defense

1. Alleged Lulzsec member, Ryan Cleary, indicted in U.S.
2. London Internet Exchange hit by suspected DDoS attack
3. WHMCS under renewed DDoS blitz after patching systems
4. GM Food Research Site Hit by Cyber Attack
5. ‘SOCA’s weak response to a recent DDoS attack sends the wrong message’
6. ESET Lists the Dominant E-Threats of 2010
7. Securing the cloud
8. 2011 Likely to Have Far More Malevolent Threats, Security Experts Warn
9. Floating point DoS attack
10. Wikileaks Affair & the CyberWorld

Alleged Lulzsec member, Ryan Cleary, indicted in U.S.

A U.S. federal grand jury has indicted Ryan Cleary, a British citizen, accusing him of orchestrating a hacking rampage last year that victimized Sony Pictures Entertainment, Fox Entertainment Group and others.

The indictment, filed on Tuesday in Los Angeles district court, alleges Cleary ran a powerful botnet used to execute distributed denial-of-service (DDOS) attacks, vandalize websites and steal sensitive data as part of the hacking group Lulz Security, or LulzSec.

LulzSec, an offshoot of Anonymous, fell under heavy scrutiny from law enforcement worldwide for its successful attacks and relentless bravado, often publicized through its Twitter account.

Cleary, 20, was arrested in June 2011 at his home in Wickford, England, for allegedly taking part in the DDOS attacks against Britain’s Serious Organised Crime Agency. He is charged in the U.K. with five computer-related offenses and is accused of distributing botnet programs to attack SOCA as well as websites of the International Federation of the Phonographic Industry and the British Phonographic Industry.

An FBI spokeswoman said the U.S. will evaluate after Cleary’s legal proceedings have finished in the U.K. whether to request his extradition.

Cleary, who has been diagnosed with a type of high-functioning autism called Asperger’s syndrome, is in jail awaiting trial. He was arrested again in March for breaching his bail conditions by using the Internet and contacting former LulzSec leader Hector Xavier Monsegur, The Guardian reported.

Monsegur, who was known as “Sabu,” was arrested in secret by the FBI and provided information that led to another spate of LulzSec arrests, including of one American man and four in the U.K. in March. Monsegur pleaded guilty in August 2011 to various hacking charges, including attacks against HBGary Federal, the Public Broadcasting System, Sony Pictures and Fox.

Cleary is also accused of either attacking or stealing data from Fox, PBS, Sony, Riot Games and SOCA. He is charged with one count of conspiracy and two counts of unauthorized impairment of a protected computer. If convicted, he could face a maximum of 25 years in prison.

Cleary, already charged in the U.K., is accused of attacking Sony Pictures and Fox Entertainment

The indictment alleges Cleary controlled a botnet that may have been composed of hundreds of thousands of computers. Botnets are networks of hacked computers that can be remotely controlled.

He is also accused of identifying security vulnerabilities on computer networks, obtaining sensitive information and coordinating the publishing of the information taken from LulzSec’s victims. Prosecutors allege in one instance Cleary stole the personal data of people registered to receive information on auditions for Fox’s “The X-Factor” talent show.

Source: http://www.computerworld.com/s/article/9228096/Alleged_Lulzsec_member_Ryan_Cleary_indicted_in_U.S.

London Internet Exchange hit by suspected DDoS attack

The London Internet Exchange (LINX) has been hit by a large scale outage that many observers are blaming on a possible distributed denial of service (DDoS) attack.

The non-profit exchange provides the majority of UK ISPs with a peering platform for their connections and the outage hit both the companies and their customers all in one go.

The LINX Network Community confirmed the outage on Twitter, despite the organisation’s press office being unable to provide Computer Weekly with a statement.

The tweet said LINX was “aware of issues on its network” and had “engineers currently working to rectify this,” but fell short of giving an explanation for the problem.

However, customers operating over LINX also took to the social network to explain their own experiences, with a number suggesting a DDoS attack was responsible.

Worthers Creative Media Solutions released a statement to its customers saying: “We are told [the outage] was due to a 200GB denial of service attack but are unsure of exact details at this point. The result of this was that 60% of traffic for about 40 minutes got lost to some of our servers and therefore may have affected some people accessing sites.

“Just to clarify, this wasn’t an issue with the servers themselves or the datacentre but was more widespread and outside of our control.”

Voice over IP provider Orbtalk, internet telephony firm Voxhub, and telecoms company VoiceHost also reported being taken down by the outage.

Others are pointing to the Juniper Networks PTX packet switches on which the LINX network is based, which went live only earlier today. However, with no formal statement from the organisation, the exact cause remains open to speculation.

At the time of publishing this article, the network community said the LINX local area network was now stable, but the huge number of services hit will take time to resume after the failure.

Source: http://www.computerweekly.com/news/2240151068/London-Internet-Exchange-hit-by-DDoS-attack

WHMCS under renewed DDoS blitz after patching systems

WHMCS, the UK-based billing and customer support tech supplier, has once again come under denial of service attacks, on this occasion following an upgrade of its systems to defend against a SQL injection vulnerability.

The security patch was applied on Tuesday following reports by KrebsOnSecurity that a hacker was auctioning rights to abuse the vulnerability through an underground hacking forum. The then zero-day blind SQL injection supposedly created a mechanism for miscreants to break into web hosting firms that rely on WHMCS’s technology. The exploit was on offer at $6,000 for sale to a maximum of three buyers.

In a notice accompanying the patch release, WHMCS stated that it was notified about the problem with its systems by an “ethical programmer”.

“Within the past few hours, an ethical programmer disclosed to us details of an SQL Injection Vulnerability present in current WHMCS releases.

“The potential of this is lessened if you have followed the further security steps, but not entirely avoided.

“And so we are releasing an immediate patch before the details become widely known.

“Installing the patch is simply a case of uploading a single file to your root WHMCS directory. This one file works for all WHMCS versions V4.0 or Later.

“The events of last week have obviously put a lot of focus on WHMCS in recent days from undesirable people. But please rest assured that we take security very seriously in the software we produce, and will never knowingly leave our users at risk. And on that note if any further issues come to light, we will not hesitate to release patches for them – as we hope our past history demonstrates.”

The advisory references an incident last week when hackers tricked WHMCS’s own hosting firm into handing over admin credentials to its servers. The crew that pulled off the hack, UGNazi, subsequently extracted the billing company’s database before deleting files, essentially trashing its server and leaving services unavailable for several hours. The compromised server hosted WHMCS’s main website and supported customers’ installations of the technology.

UGNazi also seized access to WHMCS’s Twitter profile, which it used to publicise locations from which the compromised customer records might be downloaded. A total of 500,000 records, including customer credit card details, were exposed as a result of the breach. Hacktivists justified the attack via unsubstantiated accusations that WHMCS offered services to internet scammers.

Last week’s breach involved social engineering trickery and wouldn’t appear to be related to the SQL Injection vulnerability patched by WHMCS on Tuesday. Since applying the patch WHMCS has come under attack from a fresh run of denial of service assaults, confirmed via the latest available update to WHMCS’s Twitter feed on Tuesday afternoon.

“We’re currently experiencing another heavy DDOS attack – seems somebody doesn’t like us protecting our users with a patch … Back online asap”

WHMCS’s website remains difficult to reach, at least from Spain, but its official blog can be found here.

The firm was unreachable for comment at the time of publication.

Source: http://www.theregister.co.uk/2012/06/01/whmcs_ddos_follows_patching/

GM Food Research Site Hit by Cyber Attack

Rothamsted Research says its Web site appears to have been taken down by a DDoS attack.

The Web site for the UK agricultural institute Rothamsted Research was taken down by a cyber attack on Sunday night.

“The Twitter handle @AnonCrash1 was the first to mention the attack, at 5:18pm on Sunday, tweeting ‘Tango Down www.rothamsted.ac.uk,’” Information Age reports. “Five hours later, @AnonOpsLegion tweeted: ‘TANGO DOWN these guys are like the MONSANTO of the UK www.rothamsted.ac.uk.’”

“The cyber-strike came after hundreds of protestors went to the agricultural research station in Hertfordshire to try to attack the facility’s trial of genetically modified wheat,” writes The Register’s Brid-Aine Parnell. “A large force of mounted police and foot patrols stopped the activists from ripping up the crop, one of the stated aims posted on the protest’s website.”

In a press release, Rothamsted Research stated, “We believe this was a distributed denial-of-service (DDoS) attack but it is unclear who was responsible. The timing of the attack and the information we have seen on Twitter would suggest this attack relates to an experiment being conducted at Rothamsted Research to test wheat which has been genetically modified to repel greenfly and blackfly pests as a sustainable alternative to spraying pesticides.”

“Rothamsted’s wheat contains genes that have been synthesised in the laboratory; a gene will produce a pheromone called E-beta-farnesene that is normally emitted by aphids when they are threatened by something,” BBC News reports. “When aphids smell it, they fly away. Prof John Pickett, a principal investigator at Rothamsted Research, told BBC News there was ‘a very, very remote chance that anything should get out.’”

Source: http://www.esecurityplanet.com/hackers/gm-food-research-site-hit-by-cyber-attack.html

‘SOCA’s weak response to a recent DDoS attack sends the wrong message’

André Stewart, president international at Corero Network Security, argues that the Serious Organised Crime Agency should have taken a recent DDoS attack more seriously…

The response by the Serious Organised Crime Agency (SOCA) to the distributed denial of service (DDoS) attack directed at its public website is somewhat disappointing for the nation’s leading anti-crime organisation. The agency’s statement that it does not consider investing in DDoS defence protection “a good use of taxpayers’ money” fails to take into account potentially serious security consequences. Further, it sends the wrong message to cyber criminals at a time when businesses and organisations in the United Kingdom and around the world operate under continuous threat of attack.

The attack against the SOCA website used a network-layer DDoS attack which is a very publicly visible form of cyber crime. The attackers’ intent is to slow or bring down a website for the entire world to see. The victim organisation has to own up to what has happened and, in the case of government entities, explain why it will not or cannot respond effectively.

However, hacktivist groups and criminals frequently use DDoS attacks as a smokescreen to hide more surreptitious intrusions aimed at stealing data. For example, the theft of 77 million customer records from the Sony PlayStation Network was preceded by a severe DDoS attack. In discussing its 2012 Data Breach Investigations Report, Verizon’s Bryan Sartin said that diversionary DDoS attacks are common practice to mask data theft, including many of the breaches by hacktivists which totalled some 100 million stolen records.

This raises the question about SOCA’s approach to securing its networks and the protection of critical information from more sinister, stealth cyber attacks. Criminals want to create diversions and remain unnoticed while they infiltrate deeper into a network and steal data. Most data breaches go undetected for weeks, months, even years in some cases. Can we be confident, based on SOCA’s response to its public website being hit for the second time in less than a year, that it is addressing more critical security risks? The response to the latest incident could undermine confidence in the quality of the agency’s security program. How deep does its estimable high regard for taxpayer money go?

Just last June, the LulzSec group claimed credit for taking SOCA offline with a DDoS attack. One has to wonder if SOCA is truly dismissive of these attacks or simply has been slow to address the issue. Whilst the agency is dismissive of the latest DDoS attack, its inability to protect itself nearly a year after the first public attack plants a seed of doubt about the calibre of its security program.

Perhaps most concerning is that SOCA is conceding the initiative to criminals who are attacking the agency directly. Would the police stand by, for example, while some hooligan scrawled graffiti on a local station with the explanation that they had more important things on which to spend time and money? Would the public tolerate that response?

Whilst putting its foot down on spending public funds is commendable, failing to respond to a direct criminal attack on law enforcement’s public face seems an odd place for SOCA to draw a line in the sand.

Source: http://www.publicservice.co.uk/feature_story.asp?id=19768

ESET Lists the Dominant E-Threats of 2010

According to the “End of 2010 Report” that the Slovakian security company ESET released recently, the firm detected Conficker, INF/Autorun and Win32/PSLOnlineGames as the three most prevalent malicious e-threats, which respectively accounted for 8.45%, 6.76% and 3.59% of total malware during 2010.

Moreover, ESET discloses that for 3 consecutive months, the malicious program Bflient.k has remained on the Top Ten Threats List that the company prepares every month.

The security researchers explain that Bflient, which is traded among cyber-criminals, is a toolkit with which botnets can be built and maintained. Moreover, the toolkit is customized for each client so that each customer’s copy is distinct from the others.

The report notes that after a purchase, the client is equipped to instruct his botnet to carry out the typical operations, namely executing a DDoS (distributed denial-of-service) attack, infecting other PCs, and downloading and installing suspicious programs at will. Infosecurity-magazine.com reported this on February 1, 2011.

Furthermore, Facebook poses a special risk to its visitors, who could contract malware or fall victim to other attacks based on social engineering. Facebook, in attempting to treat the symptom rather than the disease, may keep offering the privacy-invading features typically associated with social media, since users want just that, which leaves users themselves with the onus of making sure that their data is not shared in ways they find disagreeable. A few websites like Bebo have in fact switched from a “deny nothing” option to “deny some things”, despite the fact that sharing as much user data as possible is fundamental to the website’s commercial model.

Aside from the aforementioned issues, ESET’s report also discusses the Wikileaks story, which was dominant between July and December 2010. Several unsuccessful attempts were made to shut the stable door, first by disabling Wikileaks servers and subsequently through coordinated corporate pressure from prominent online players to stop funding and obstruct any further dissemination of the compromised data. As a consequence of the Wikileaks episode, many DDoS and spam attacks took place worldwide.

Source: http://www.spamfighter.com/ESET-Lists-the-Dominant-E-Threats-of-2010-15768-News.htm

Securing the cloud

The future of the Internet could look like this: The bulk of the world’s computing is outsourced to “the cloud,” to massive data centers that house tens or even hundreds of thousands of computers. Rather than doing most of the heavy lifting themselves, our PCs, laptops, tablets and smart phones act like terminals, remotely accessing data centers through the Internet while conserving their processing juice for tasks like rendering HD video and generating concert-quality sound.

What needs to be figured out for this cloud-based future to emerge are three big things. One is how the computers within these data centers should talk to each other. Another is how the data centers should talk to each other within a super-secure cloud core. The third is how the cloud should talk to everyone else, including the big Internet service providers, the local ISPs and the end-of-the-line users (i.e. us).

This last channel, in particular, interests Michael Walfish, an assistant professor of computer science and one of the principal investigators of the NEBULA Project, which was awarded $7.5 million by the National Science Foundation to develop an architecture for making the Internet more cloud-friendly. If we’re going to be trusting so much of our computing lives to the cloud, he believes, we need to develop a more secure model for how information travels.

“A sender should be able to determine the path that information packets should take,” says Walfish. “A receiver should not have to accept traffic that she does not want. An intermediate provider should be able to know where the packet’s been and should be able to exercise its policies about the downstream provider that’s going to handle the flow next.”

Walfish’s system for providing such capacities, which he’s developing with colleagues at Stanford, the Stevens Institute of Technology, and University of California-Berkeley, is called ICING. It’s a set of protocols that allow every packet of information not only to plot out a path from beginning to end, choosing every provider along the way, but also to establish a chain of provenance as it goes that proves, to both the intermediaries and the final recipients, that it came from where it said it was coming from.

“What we do is take a packet, a unit of data, and we add some fields to the head of the packet,” says Walfish, who in 2009 won an Air Force Young Investigator Award for work related to ICING.

“These fields contain enough cryptographic information to be able to communicate to every realm along the way, and back to the sender, where the packet’s been. So when a packet shows up, I know where it’s been. I know whether it obeys the policies of everyone along the path. That property does not exist today.”

The advantages of such knowledge, says Walfish, should be considerable. Senders, for instance, could contract with intermediate providers for a kind of expressway through the Internet. Recipients would have an easier time sorting their incoming traffic into different levels of priority depending on the routes the packets took.

Michael Walfish, assistant professor of computer science, is working to secure the future of cloud computing.

Perhaps the greatest advantage of adopting a system like ICING, says Walfish, would come in the area of security. Targets of various kinds of Internet attacks, like denial-of-service attacks, would be able to sever traffic from their attackers faster and with much greater precision. Governments would be able to set up channels of communication that pass through only well-vetted and highly-trusted service providers. Internet security companies could, from anywhere in the world, inspect your traffic for viruses.

“Right now,” says Walfish, “there are ways to deal with attackers, but they’re crude, and they’re reactive. Once the traffic enters the victim’s network link, you’re hosed. All you can do is shut it all down. It would be like if you had a huge line of people coming into your office, not letting you get work done. You could kick them all out, but you still wouldn’t get any work done because you’d spend all your time kicking them out. What you really need is for them to not show up in the first place.”

ICING, says Walfish, would also prevent “IP hijacking,” a kind of attack in which a network provider redirects net traffic by falsely “advertising” to hold a given IP address or by claiming to offer a more direct route to that address. Such IP hijackings can be globally disruptive. In 2008, for instance, the Pakistani government sought to block videos containing the controversial Danish cartoons that depicted Mohammed. The result was a global shutdown of YouTube for more than an hour. Last year, it’s believed, China Telecom was able to capture 15% of the world’s Internet traffic, for 18 minutes, by falsely claiming to be the source of more than 30,000 IP addresses.

“There are multiple reasons why this wouldn’t happen in ICING,” says Walfish. “First, in ICING, the contents of the advertisement and the name of the advertised destination are tightly bound; lie about one, and the other looks invalid. Second, because packets must respect policy, a packet taking an aberrant path will be detected as such.”

ICING, and its parent project NEBULA, are one of four multi-institutional projects being funded by the National Science Foundation’s Future Internet Architecture (FIA) program. The point of the FIA program, and of the efforts of Walfish and his colleagues, is to step back from the day-to-day challenges of managing the flow of information on the ‘net, and think more fundamentally about what kind of architecture the Internet should have going forward.

“Where ICING was born, I think,” says Walfish, “was in the realization my teammates and I had that while there was a consensus about what kinds of things needed to change, and there were a lot of proposals to make those changes, all the proposals seemed to be mutually exclusive. They all required the same space in packets. It would be like if your bike was out-of-date and someone said, oh, you can get this really cool feature if you just replace your front wheel with this wheel, and then someone else came along and said, oh, you can get this other really cool feature, but you have to replace your front wheel with this wheel. Well, you can only have one front wheel. So what we set out to do was to design a much more general-purpose mechanism where you could get all these properties without their conflicting with each other, and that’s what I think we’ve done.”

Source: http://web5.cns.utexas.edu/news/2011/01/securing-the-cloud/

2011 Likely to Have Far More Malevolent Threats, Security Experts Warn

IT security experts warn that 2011 could be more challenging than the current year (2010) with respect to malware threats, The Hindu Business Line reported on December 27, 2010. The experts also anticipate a huge change in the threat landscape as new types of organizers emerge with increasingly effective objectives for their Internet attacks.

Additionally, they state that during 2011, viruses will look more and more like those we see in science fiction films. At the same time, the realm of cyber-crime will consolidate, just as corporations merge. Viruses won’t simply attack individuals, but will increasingly target corporations and installations. Anti-virus agencies will not be spared either.

According to Shantanu Ghosh, Vice-President for Symantec’s India operations, 2011 will see increasing attacks against industrial organizations and critical infrastructure, and while ISPs will respond, governments will take counter-action only slowly. The Economic Times published this on December 28, 2010.

Furthermore, mid-sized businesses will be targeted with cyber-spying. Both critical infrastructure and highly reputed brands will keep getting attacked with increasingly localized and targeted assaults. Besides, most attacks will take place through Web browsers, while Distributed Denial-of-Service (DDoS) attacks will continue to afflict the Internet on a massive scale.

According to The Hindu Business Line dated December 27, 2010, security specialists think there will be a completely new group of more dangerous malware authors, as well as malware attacks that seek private data and monetary gain. Also, Spyware 2.0 will emerge, a new breed of malicious program for capturing users’ private information.

Additionally, cyber-criminals will attack users in big companies more often, while direct assaults against everyday end-users will slowly decline.

Hence it is vital to understand that the technique used to carry out an online attack will not depend on the entity organizing it or on its objectives; rather, it will depend on the services of the Internet, the technical capabilities of modern operating systems, and of course the devices the general public uses at work and in day-to-day life.

SPAMfighter News – 05-01-2011

Source: http://www.spamfighter.com/News-15601-2011-Likely-to-Have-Far-More-Malevolent-Threats-Security-Experts-Warn.htm

Floating point DoS attack

A bug in the way the PHP scripting language converts certain numbers may cause it to tie up all system resources. For example, on 32-bit systems, converting the string “2.2250738585072011e-308” into a floating point number using the function zend_strtod results in an infinite loop and consequent full utilisation of CPU resources.

PHP 5.2 and 5.3 are affected, but apparently only on Intel CPUs which use x87 instructions to process floating point numbers. The x87 design has long been known to contain a bug which triggers just this problem when computing approximations to 64-bit floating point numbers. By default, 64-bit systems instead use the SSE instruction set extension, under which the error does not occur. Processing the numbers 0.22250738585072011e-307, 22.250738585072011e-309 and 22250738585072011e-324 also triggers an infinite loop.

It may also be possible to remotely disable some server systems merely by sending this value as a parameter in a GET request. The PHP development team has fixed this in the forthcoming version 5.3.5. A patch for version 5.2.16 is available from the repository.
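A request filter for the condition described above, as an added example that is not part of the original article or of PHP: it compares the exact decimal value of numeric-looking query-string tokens against the string the article names, so it goes beyond the four listed strings and catches any spelling of the same number. The paths, parameter names and sample requests are constructed, and ignoring the sign is an assumption.

```python
from decimal import Decimal, InvalidOperation
from urllib.parse import urlsplit, parse_qsl
import re

# The value named in the article. The three other strings it lists
# (0.2225...e-307, 22.25...e-309, 2225...e-324) are spellings of this same number.
TRIGGER = Decimal("2.2250738585072011e-308")

# Numeric-looking substrings: optional sign, digits with optional point, optional exponent.
NUMERIC_TOKEN = re.compile(r"[+-]?(?:\d+\.?\d*|\.\d+)(?:[eE][+-]?\d+)?")


def is_trigger(token):
    """True if token is any decimal spelling of the trigger value."""
    try:
        value = Decimal(token)  # exact parse, never goes through binary floating point
    except (InvalidOperation, ValueError):
        return False
    # copy_abs() is exact (abs() would round to the context precision).
    # Ignoring the sign is a conservative assumption, not something the article states.
    return value.is_finite() and value.copy_abs() == TRIGGER


def scan_request(url):
    """Return (parameter, token) pairs in the query string that match the trigger."""
    hits = []
    # parse_qsl percent-decodes, so %-encoded digits are compared in decoded form.
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        for match in NUMERIC_TOKEN.finditer(value):
            if is_trigger(match.group()):
                hits.append((name, match.group()))
    return hits


# Constructed request lines for illustration (hypothetical paths and parameters).
SAMPLE_REQUESTS = [
    "/cart.php?item=42&qty=2.2250738585072011e-308",
    "/cart.php?item=42&qty=0.22250738585072011E-307",
    "/cart.php?item=42&qty=%32%32.250738585072011e-309",
    "/cart.php?item=42&qty=0022250738585072011.000e-324",
    "/cart.php?item=42&qty=3&price=19.99",
    "/cart.php?item=42&qty=2.2250738585072011e-30",
]

if __name__ == "__main__":
    for request in SAMPLE_REQUESTS:
        hits = scan_request(request)
        print("BLOCK" if hits else "allow", request, hits)
```

The match is on the exact value only; it is a stopgap in front of unpatched PHP 5.2 and 5.3 hosts, not a replacement for the fix the article mentions.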

Source: http://www.h-online.com/security/news/item/Floating-point-DoS-attack-1163838.html

Wikileaks Affair & the CyberWorld

The Wikileaks Affair & the CyberWorld

ESET Ireland’s Urban Schrott Examines How Global Communities Defend the Right of Free Information Circulation

2010 bows out on a note of controversy and turmoil, not only in the areas of diplomatic, political, international relations and law, but also, probably for the first time in history, with the involvement (willingly or otherwise) of the whole global online community in an initiative aimed at defending the right to free information circulation through various means.

Leaving aside all the aforementioned global implications to focus purely on IT security issues, this is a multilayered phenomenon, where each layer could be expanded into a security analysis all on its own. For the sake of a comprehensive overview, let’s focus on a few of its most prominent manifestations here, and on how the Wikileaks affair might prove to be a game-changer in several aspects.

The first consideration, the original sin you might say, is of course data protection itself. More specifically, the question of how potentially compromising data was being gathered, how it was transported and how it was stored. And where in all these processes people with various levels of clearance were able to get their hands on it and misuse it.

Inside Stories

Various IT security analysts have been pointing out for years now how insider data abuse is by far the most common source of data leakage. According to a 2009 Ponemon study, 59% of corporate workers surveyed stated they would leave with sensitive corporate data upon layoff or departure; 79% of these respondents admitted that their company did not permit them to leave with company data and 68% were planning to use such information as email lists, customer contact lists and employee records that they stole from their employer.

Even though these data have been available for nearly two years, there seems to have been no significant global trend towards major policy changes regarding in-house data protection, nor has there been a reported widespread increase of the use of specialised protection hardware and software. So since nowadays most data, including data formally classified as sensitive, are no longer collected as neatly organised papers in filing cabinets, but digitally, and are therefore very easy to copy and distribute for anyone who can gain access to them, it was inevitable that a major incident would take place sooner or later. And while such incidents in the corporate environment can usually be accommodated within the bounds of economic sustainability, in this case, since the breaches concern classified government documents, mainly related to US international involvement in sensitive areas, the damage done has greatly affected already brittle international relations.

The After Effects

Now to the next part of the story, the after-effects. The first and most immediate development was a series of futile attempts to shut the stable door, firstly through shutting down Wikileaks servers, then by the exertion of coordinated corporate pressure from some of the major online players to disable funding and hamper further distribution of the compromised data.

The varied national legislations regarding webhosting made it impossible to block the distribution of data globally, while the funding issue and the involvement of (presumably) independent companies such as PayPal and Amazon sparked an unprecedented backlash from netizens worldwide which resulted in yet another previously unheard of situation. This was the much publicised Operation Payback, a concerted global hacking offensive, which was in December directed against the supposed offenders against the freedom of information.

This quick and well organised response surprised many, even if the “relative ease” and success of the attacks chosen didn’t. Jan-Keno Janssen, Jurgen Kuri, Jurgen Schmidt wrote about it in a thoughtful article for Heise (The H), while ESET’s Jeff Debrosse wrote in more detail about the DDoS (Distributed Denial of Service) attacks in his article “Web Weaponization and WikiLeaks”, where yet another twist is disclosed: cybercriminals were quick to attach their own interests to all the buzz created around the topic, spreading infected links supposedly leading to more info or resources, and SEO-ing (using Search Engine Optimization techniques) around the Wikileaks buzzwords.

Opinion has been divided on the concept of “ethical hacking”, especially in the context of the viability and morality of using measures that may cause inconvenience (and worse) to users of targeted services who may or may not be sympathetic to the Wikileaks stance. Consider, for example, this post by Neil Schwartzman which describes an attack on Spamhaus launched on the assumption that the blacklisting of the wikileaks.info site was a further example of harassment of Wikileaks. Spamhaus, however, claims that wikileaks.info is a malicious site intended to take advantage of all the fuss to pursue its own unethical purposes. While we can’t say authoritatively who is “in the right” in this particular case, it seems all too likely that criminals will continue to use this controversy to their own advantage. We can only hope that the defenders of information’s right to “want to be free” do not see the efforts of malware distributors, bot-herders and phishers as “free speech.”

Operation Leakspin

A different approach, aimed at a greater dissemination of controversial data rather than disrupting anyone else’s work, is now also in effect through the means of Operation Leakspin, but that’s already going beyond the field of IT security.

Overall it’s still not sure whether the whole evolution of the Wikileaks affair is best described as a domino effect or a butterfly effect, or the combination of both, given all the repercussions and sub-plots developing all over the web. However, we are very likely to see change in some of the established protocols regarding data handling and distribution as a direct or indirect result of this incident, or perhaps even the introduction of new ones.

Source: http://irishdev.com/Home/News/1393-Wikileaks-Affair–the-CyberWorld.html
