Connect with us

DDoS Attacks

Dutch Government Goes Offline

Published

on

Government.nl (Dutch rijksoverheid.nl) and numerous other official Dutch government websites were offline Tuesday thanks to a massive, sustained, 10-hour distributed denial of service attack. The source of the attacks remains undisclosed and the specifics of the attack have been vague thus far.

// -- Discuss and ask questions in our community on Workplace.

What We Know

netherland flagThe attack began around 0900GMT and lasted well into the evening. It made all official government websites all but inaccessible but did not stop there. Popular satire portal GeenStijl.nl as well as major telecommunications service Telford were also under siege during the same time. Their wounds could be attributed to residing on the same servers by contracting with Prohosting.

The government has back-up servers, but it turns out the complexity and number of Dutch governmental sites have grown so much since their installation that now the back-up servers aren’t capable of doing their job. This fact led members of parliament to outraged demands that measures be taken to withstand such attacks in the future.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

The BBC spoke to two security researchers who did not buy the source being unable to trace. “If you face a DDoS, you know it,” said Christian Doerr, a specialist at Delft Technical University.

What We Don’t Know

  1. Motive. While often enough these sorts of attacks are done simply for fun by young people with a decreased understanding of the consequences of their actions, taking down governmental websites usually isn’t considered much fun. When that motive is the case, things that enemies enjoy like gaming networks are the target. The Dutch government recently extradited Russian-born hacker Vladimir Drinkman, but there is not yet any indication that the two actions are linked. Also recently an alleged member of a hacker collective demanded airtime from major broadcaster NOL using a pistol. Given that many hackers work in groups toward goals, it is entirely possible that friends of either of these are the source of retribution.
  2. Culprit. Politically motivated attacks are generally claimed by the attacker and explained for maximum effect. In the two days since the attack, nothing of the kind has surfaced.
  3. Actual impact. The Dutch government hasn’t been forthcoming about how much of its communications were effected by the attacks. They say that their other communications worked during the siege, yet their host claims that during the attack their phone lines were also out for various periods.

Back Online

Since the attack, no further problems have arisen. In the past, DDoS attacks have been used as diversion tactics in order for attackers to gain access to other areas of a system they are actually interested in. No one should be too surprised if a breach is discovered before very long which in one way or another dumps data the government has not published. The preceding statement is purely speculative, of course.

The Cyber Threat Intelligence Integration Center in the United States was launched on the same day as the DDoS attack. The new agency, founded in the wake of last year’s brazen and thorough Sony Pictures hack, is meant to function similarly to the way Joint Terrorism Task Forces do, except digitally.

Images from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

4 Comments

4 Comments

  1. andrea

    February 13, 2015 at 1:13 pm

    Now we know that when the USA farts , The Dutch government has to sniff it. they are all connected , and don’t tell me the US is NOT reading everything and anything being written , said, emailed phoned, etc. there is little(obviously) that the usa don’t know about the quiet little Dutch. LOL welcome to BIG BROTHERS HOUSE Hollanders. .

    • jeron2mus

      February 13, 2015 at 6:58 pm

      take your meds or put on your tinfoil hat.

      • Grow Well

        February 14, 2015 at 7:52 am

        I’ve got my tinfoil hat on and I’m gonna say it…
        … que bono???

  2. sugamari

    February 16, 2015 at 2:31 am

    Coupled with a physical attack – we can now speculate who was behind both – it is very obvious to me can you even guess tho is the real question.

You must be logged in to post a comment Login

Leave a Reply

Cybersecurity

The Biggest DDoS Attack of 2016 Was Caused by an Angry Gamer

Published

on

October 2016 saw the biggest DDoS attack of the year target a DNS services company called DYN. The massive attack pumped more than one terabit of data per second, crashing the company’s servers. Even tough Dyn attempted to mitigate the attack, major websites such as Twitter, Netflix and Reddit were temporarily taken down.

// -- Discuss and ask questions in our community on Workplace.

Hacked.com reported that one cryptographer called it before it happened, as someone was testing the defensive capabilities of companies who provide core internet services. Even though network-wide outage didn’t occur, it still crashed a part internet in the US.

Now net information came to light. Reportedly, a very angry gamer had a grudge against Sony’s PlayStation Network. Dale Drew, CSO of Level 3 Communications, stated:

We believe that in the case of Dyn, the relatively unsophisticated attacker sought to take offline a gaming site with which it had a personal grudge and rented time on the IoT botnet to accomplish this

Drew didn’t name Sony’s PlayStation Network, but the Wall Street Journal found sources that did.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

As it turns out, one gamers’ grudge was enough to take down a few major websites. It might seem odd, but the IoT brought vulnerabilities that allow hackers to create entire armies with the use of botnets – in this case, the Mirai botnet.

How One Individual Crippled the Internet

According to Forbes, the individual found hackers on a dark net criminal forum selling access to huge armies of IoT devices infected with the Mirai botnet. The angry gamer paid $7500 for temporary access to the powerful cyberweapon. Then, in an act of revenge, he aimed its “cannons” at Dyn.

Mikko Hypponen, Chief Research Officer at F-Secure, even said on Twitter the ad for the Mirai botnet was on the Alpha Bay form. Alpha Bay is a very popular deep web market, that surged in popularity after Silk Road’s era.

The attack on Dyn was close to the world DDoS record, which was accomplished against OVH, a French hosting provider. The record was at over 1 terabit per second, little above the DDoS attack that recently crippled the internet.

Image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Continue Reading

Cybersecurity

Botnet DDoS Attacks More Sophisticated Than Ever

Published

on

DDoS

 

// -- Discuss and ask questions in our community on Workplace.

A new report by security firm Kaspersky Lab has revealed that as many as 67 countries’ resources and installations have been targeted by botnet-based DDoS attacks, in Q3 2016 alone.

The world received a rude jolt of the increasing threat of cyberattacks when DNS provider Dyn was targeted in an unprecedented DDoS attack in October 2016. That cyberattack was caused from a botnet that included IoT (Internet of Things) devices like surveillance cameras and routers. Suffice to say, the DNS blackout was undoubtedly the most notable DDoS-induced disruption in a growing trend of botnet-assisted DDoS attacks.

A new report by Kaspersky Lab has now revealed that servers used for such attacks have seen a considerable increase. So too, has the number of sophisticated DDoS attacks emanating from encrypted traffic.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

A staggering majority of the targeted resources (62.6%) by botnet DDoS attacks were located in China, in a continuing trend. China, the United States and South Korea, in that order, see the unfortunate distinction of leading the charts in both – the number of DDoS attacks and the number of targets. While China and South Korea saw the number of victims decrease, the number of attacks on resources located in the U.S., Russia and Japan has increased.

Still, despite the decrease in the total number of attacks registered, China remains the country with the most targeted sources. One particularly popular Chinese search engine saw 19 mammoth botnet-DDoS attacks while one Chinese internet provider bore the brunt of the longest attack in the entire quarter, clocking a total of 184 long hours. That’s over a week of one sustained DDoS attack!

The report also revealed another notable takeaway, with Linux botnets increasing even further, with 78.9% of all detected attacks in Q3 2016 stemming from Linux botnets.

“Smart” Attacks on the Rise

Attacks using encryption of transmitted data, typically known as “smart” attacks have also grown in number. A smart-attack usually targets parts of the website that are heavy on scripts, leading to an increased load when compared to other parts of the website. For instance, a smart attack would typically target a relatively small number of queries toward a search form, with an encrypted connection. Since the attack uses low intensity encrypted traffic, they usually escape the mitigation filters employed by specialized DDoS protection providers.

Elaborating on these attacks, Kirill IIganaev, head of Kaspersky DDoS protection stated:

This method is growing in popularity because amplification attacks are becoming more complicated and inefficient for cybercriminals.

Furthermore, IIGanaev points to the concentrated effort in moving websites away from the traditional HTTP protocol to a more secure, encrypted connection standard like HTTPS.

He added:

All this suggests that the number of encryption-based attacks will only grow, meaning developers have to immediately start revising their anti-DDoS protection measures, and owners of web resources need to take a responsible approach to choosing a security solution.

Image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Continue Reading

Blockchain

Is a Decentralized Internet the Solution to Outages?

Published

on

“Attacks that we witnessed today were possible mainly because there is a centralized infrastructure which could have been targeted,” said Piotr Janiuk, CTO of  Golem,  which seeks to decentralize the internet using peer-to-peer technology. “The attack itself isn’t easy to carry out, but it is obvious that even the backbone infrastructure behind the Internet contains single points of failure which are prone to such malicious activity – even though the infrastructure may comprise multiple machines. As of today, the trend is to move towards distributed solutions and the main problem is the lack of standard way of setting up the infrastructure.”

// -- Discuss and ask questions in our community on Workplace.

Golem  is among a legion of technologists who believe a decentralized everything is the best way avoid problems such as the widespread outages experienced in the US, the UK and western Europe going into the weekend.

The source of the Friday outages is New Hampshire internet infrastructure company, Dyn, which endured two separate cyber attacks within hours of each other. Dozens of websites, including PayPal, Twitter, Spotify, Netflix and others went down.

Netflix

Netflix was among several major websites that saw an outage.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

 The outages began in the Eastern United States before affecting other parts of the country. Gizmodo cited five dozen sites seemingly affected by the attack, including CNN, HBO Now, Mashable, the New York Times, People.com, the Wall Street Journal and Yelp! affected by the attacks. U.S. officials from the U.S. State Department of Homeland Security and the Federal Bureau of Investigation opened an investigation into the attacks.

Amazon reported the outage affected users in Western Europe.  Twitter and select news sites were out in London on Friday evening. PayPal Holdings Inc. experienced outages in “certain regions” affecting payments.

Spotify, Reddit, AirBnB, the Verge all reportedly suffered outages. Amazon.com Inc’s web services, cloud computing service, reported outages, as well. That meant companies like Visa, Twitter and Netflix went down. Could all this be avoided with a decentralized internet?

“If you do a Google patent search you will see the state-of-the-art there,” Maidsafe CEO David Irvine told Hacked.com. “It’s very new.”

Maidsafe, and it’s SAFE network is modelled on colonies in nature, servers and intermediaries do not make logical sense and we sort of all know that in our deepest thoughts. Some say a decentralized internet is not possible.

“DDOS depends on a target, in SAFE the target is everyone’s computers,” Mr. Irvine said.  “An analogy would be DDOS is like swatting a large fly, in SAFE the large fly is a mass swarm of mossies which makes it hard even with 8 arms filled with fly swatters.” Mr. Irvine hopes the SAFE network might help to form the primordial soup of a decentralized internet.

SAFE uses xor addressing, a type of data structure used in computer programming, which means any node outages will be covered by the nearest nodes.

“This makes those mossies like zombie mossies or perhaps hydra like,” Mr. Irvine said.

This is stretching a little, he admits. Since no such decentralized networks exist, it’s difficult to know what one’s vulnerabilities might be. Maidsafe employs university research to help answer some questions. Maidsafe uses data chains, which are different from blockchains.

The Maidsafe model does not assume every node/person needs to know and agree on all information like in the Bitcoin blockchain model. “Detailed information is local and less detailed is more global,” he said. “This is like posting a letter, the closer to the destination the more info is known of the destination.”

The Golem Project’s vision of a decentralized internet entails running the ‘Golem app.’

“It’s hard to predict the definite direction in which distributed solutions will go but if infrastructure similar to Golem (production version with lots of nodes) was up and running then any service running on top of it would be resilient to this type of attacks,” Mr Janiuk told Hacked.com. “Of course at this point there is still a lot of work in the field not only because the infrastructure has to be deployed but also all sorts of utilities which are available today would have to be tailored to this new paradigm.”

He adds: “It seems that the centralised Internet of today is more and more pushed to its limits and the change of paradigm is inevitable in a longer run.” If the Internet is to grow and thrive, then the decentralization seems to be one of the best (if not the best) options.”

Images from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Continue Reading

Trending