Connect with us

DDoS Attacks

Michigan High School Student Facing Charges After DDoS’ing School Network

Published

on

A student at Monroe High School in Monroe, Michigan, was recently caught conducting a distributed denial of service attack (DDoS), and Monroe Public Schools Superintendent Barry Martin says the district will be pressing charges.

Over a period of two weeks, the unnamed student managed to take the network down for ten to fifteen minutes at a time during the school day. This had a heightened effect on the district, as modern-day high schools rely heavily on the Internet for administration as well as classroom instruction.

“We are so reliant on the Internet that we can’t afford to have down time,”

said Stephen McNew, the superintendent of the district in which the student attended school.

No Sensitive Data Compromised

Despite having success at being disruptive, an act that the student considered to be a prank, no sensitive documents, e-mails, or files were ever compromised, which should contribute greatly to his defense. Merely disrupting communications is far less of a crime than is stealing sensitive information about other students or private communications between staff members.

“A Good Student”

Barry Martin called the alleged hacker “a good student” in comments to the Monroe News but said that this act could not be tolerated, and charges would be filed. DDoS is a federal felony, but from the sounds of it, the FBI has not yet been involved in the case. It is taken very seriously when the targets are larger organizations or government institutions, and ordinarily those who are serious about conducting DDoS attacks are careful to cover their tracks.

It is not yet evident how the student was found to be a suspect in the case, but in the town of roughly 20,000 people, the pool of likely suspects is rather slim. The profile would be a student with high grades and extreme computer aptitude. This would make the pool of likely suspects even smaller. The way that high schools often conduct such investigations, the student would have been brought in front of a police officer and interrogated until he confessed. Like as not, school officials would pretend to know already that he was guilty, and he would confess. Equally as likely, the student bragged about it to another student, who then turned him in.

Also read: DDoS Attacks Land 51-Year-Old UK Hacker Under Arrest

Another thing that the administrators said about the student was that he probably didn’t know the seriousness of what he was doing. This is in line with existing research that has concluded that adolescents are less likely to consider the consequences of their actions before taking them.

Locals Have Mixed Feelings

Many locals on the Monroe News Facebook page felt that a felony would be too stern a response for the gifted student’s prank. After all, in the end, the one thing he illustrated was that the school district had a weak network infrastructure that needs upgrading. Especially if, as administrators have said, they are extremely reliant on the Internet in daily teaching.

Here are some of the comments to the page:

2-monroe-1

2-monroe-2

2-monroe-3
What do you think? Is a felony charge too harsh for a simple DDoS attack on a weak school network? Or should the student be given community service and be allowed to finish his high school education? Share above and comment below.

Images from Shutterstock and phm.link.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

5 stars on average, based on 2 rated postsP. H. Madore has covered the cryptocurrency beat over the course of hundreds of articles for Hacked's sister site, CryptoCoinsNews, as well as some of her competitors. He is a major contributing developer to the Woodcoin project, and has made technical contributions on a number of other cryptocurrency projects. In spare time, he recently began a more personalized, weekly newsletter at http://ico.phm.link




Feedback or Requests?

5 Comments

5 Comments

  1. ken Code

    April 5, 2015 at 10:38 am

    “The profile would be a student with high grades” – huh? Most of the kids I hung with didn’t give a sh*t about their grades, nor did I. Yes, I graduated too, like that even matters. Most of us just read books on the subjects we were interested in and continue to employ us even today. “brought in front of a police officer and interrogated until he confessed” – WTF? “school officials would pretend to know already that he was guilty, and he would confess” – WTF?!!!! “the student bragged about it to another student, who then turned him in” – dude, if you’re gonna gray hat, keep your frign mouth shut. “the one thing he illustrated was that the school district had a weak network infrastructure that needs upgrading” – ok, so hire him part time to do security audits for the school district. The best way to learn is to experiment.. Just get permission from the sysadmin or principal first (by email so that it’s documented), tell them you have found holes in their network and coordinate a time to show them.

    • englishvinal

      June 28, 2015 at 3:57 pm

      Oh … posh! You are just another new worlder…. waiting to go poof like all the rest of them.
      Sure the kid should “be a team player” right?
      The boy was probably set up by “system oriented supporters” just like you… more zombies to worry about eating us few rebels alive.

  2. englishvinal

    April 5, 2015 at 4:25 pm

    Before this “dependency scenario” is over, this school …. this nation and every jury-rigged computer dependent system is going to end…… and not well.
    You would think that the bobbing heads up the food chain would focus on lessening the computer dependency, and designing a system less vulnerable instead of prosecuting the “messenger”.

    • englishvinal

      June 28, 2015 at 3:54 pm

      Russia is using IBM typewriters these days for important stuff……… and filing cabinets still exist… I heard that the Chinese government is doing the same… True? Don’t know for sure, but I think that they are smart enough to avoid the inevitable hack that lies in wait.

  3. englishvinal

    June 28, 2015 at 3:52 pm

    If the STUPID officials at the school… are dumb enough to become that dependent on computers…. and are so lazy that nothing gets logged “the old fashioned way… just in case” then I will have a good giggle when the go dark!

You must be logged in to post a comment Login

Leave a Reply

Cryptocurrencies

Spectre And Meltdown Madness: What It Means For Ethereum

Published

on

To anyone who talks in terms of a cryptocurrency bubble, consider the following fun facts. In the short period of a few days following the bombshell announcement of Meltdown and Spectre, crypto prices responded in the following manner:

Bitcoin +18%

ETH +41%

Litecoin +30%

In my view, this is clear evidence of a market that is responding rationally to information coming from responsible sources. To appreciate what all the noise is about you must appreciate what Meltdown and Spectre are and why they present a danger to the big companies providing cloud storage for the corporate world.

Once this is clear, then you will better appreciate why Ether’s 41%+ short-term price spike left the others in the dust. But first lets dig into the Meltdown and Spectre situation.

The Secret Got Out

 On January 3 the secret about a new class of security vulnerabilities leaked out to the public. Not only was this seriously bad news but the leak also gave hackers advanced notice before anyone could begin to fix the twin problems.

The degree of seriousness is in the fact that almost all major microprocessor chips are vulnerable. This opens the door to hackers stealing information from personal as well as cloud services.

Researchers claim that Meltdown can be fixed with a patch. Shortly thereafter about every major player announced their patch. But there are two issues here. Will the patches fully solve they problem?

Casting A Cloud Over The Cloud

When a corporation becomes a cloud customer, even the largest share machines with other customers. This is the basic flaw in the centralized structure of cloud storage. Contrast this with the decentralized structure of blockchain technology and you begin to appreciate the force behind the sudden price spike in cryptocurrencies that we highlighted above.

Even though security tools and protocols are designed to separate customers date, the recently discovered Meltdown and Spectre flaws still leave serious vulnerabilities.

Meltdown, hackers could rent space on a cloud service, just like any other business customer. Once they were on the service, the flaw would allow them to grab information like passwords from other customers.

Secondly, reports on cloud services like Amazon, Google and Microsoft claim that it creates as much as 30% slower computation speeds. That clearly won’t make for happy customers.

Jerky NetFlix

Virtually everyone reviewing the situation believes individual computer users are the least vulnerable. That may be true. Hackers are in the hunt for the biggest prize and that would be the big three cloud companies. But how do you think families are going to react if their Netflix stalls and buffers every few minutes?

In the final analysis, the Meltdown flaw affects virtually every computer chip fabricated by Intel in use today. You are talking about 90% of the Internet and business world. But Meltdown is just one flaw.

Spectre is the other flaw and this one is the more insidious of the two. There is no known fix. Intel, AMD and others have claimed how complex a project it would be for hackers to breech the Spectre vulnerability. That is pretty hollow comfort. After all, hasn’t the FBI security been breeched. Those guys were supposed to be airtight.

Boom Days For Blockchain

In so many ways, last year marked a tipping point in the spread and acceptance of blockchain technology. The uses for Bitcoin are probably best gauged by its record $20,000 price in December. For Ethereum, it may have been marked by the formation of the Enterprise Ethereum Alliance (EEA) in February and rise to over 300 members at year-end.

No sooner has 2018 begun that the Meltdown and Spectre flaws created unexpected excitement for investors in cryptocurrencies. If I were a software salesman out of work, I would be sending my resume to every crypto company offering to peddle their blockchain. It could be the easiest job since selling web design services in 1995.

The Ethereum platform with its smart contracts is not the only crypto capable of addressing this newly uncovered opportunity created by Meltdown and Spectre. You can safely bet this will attract many players and for good reason, today’s blockchain technology is a long way from fast enough for mass adoption. Blockchain security may be a step or two better in it present form than cloud storage, but it has its security issues as well.

Building the Ethereum Moat

 EEA founder Jeremy Millar is clearly a brand ambassador for Ethereum. He believes that CEOs hear the chatter about blockchain and are pre sold not having a clear picture what can be accomplished or the money saved using this technology. The important thing is for IT departments to have a respected brand to attach to their recommendations.

The EEA seeks to connect and inform and through this pioneering process spread the gospel of Ethereum. So far this is beginning to build a brand franchise for Ethereum.

The EEA is the largest blockchain body and is committed to using open-source Ethereum technology for enterprise blockchain solutions. EEA expects to see great advances in these areas in 2018 with Ethereum technologies.

It also helps when Wall Street banks uncover the potential for billions in savings on the trading desks through the applications of the Ethereum platform.

So, if you though the last year held plenty of excitement, the Meltdown and Spectre flaws promise to make this year every bit as much fun.

Featured image courtesy of Shutterstock.

 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
14 votes, average: 4.14 out of 514 votes, average: 4.14 out of 514 votes, average: 4.14 out of 514 votes, average: 4.14 out of 514 votes, average: 4.14 out of 5 (14 votes, average: 4.14 out of 5)
You need to be a registered member to rate this.
Loading...

4.4 stars on average, based on 114 rated postsJames Waggoner is a veteran Wall Street analyst and hedge fund manager who has spent the past few years researching the fintech possibilities of cryptocurrencies. He has a special passion for writing about the future of crypto.




Feedback or Requests?

Continue Reading

Cybersecurity

The Biggest DDoS Attack of 2016 Was Caused by an Angry Gamer

Published

on

October 2016 saw the biggest DDoS attack of the year target a DNS services company called DYN. The massive attack pumped more than one terabit of data per second, crashing the company’s servers. Even tough Dyn attempted to mitigate the attack, major websites such as Twitter, Netflix and Reddit were temporarily taken down.

Hacked.com reported that one cryptographer called it before it happened, as someone was testing the defensive capabilities of companies who provide core internet services. Even though network-wide outage didn’t occur, it still crashed a part internet in the US.

Now net information came to light. Reportedly, a very angry gamer had a grudge against Sony’s PlayStation Network. Dale Drew, CSO of Level 3 Communications, stated:

We believe that in the case of Dyn, the relatively unsophisticated attacker sought to take offline a gaming site with which it had a personal grudge and rented time on the IoT botnet to accomplish this

Drew didn’t name Sony’s PlayStation Network, but the Wall Street Journal found sources that did.

As it turns out, one gamers’ grudge was enough to take down a few major websites. It might seem odd, but the IoT brought vulnerabilities that allow hackers to create entire armies with the use of botnets – in this case, the Mirai botnet.

How One Individual Crippled the Internet

According to Forbes, the individual found hackers on a dark net criminal forum selling access to huge armies of IoT devices infected with the Mirai botnet. The angry gamer paid $7500 for temporary access to the powerful cyberweapon. Then, in an act of revenge, he aimed its “cannons” at Dyn.

Mikko Hypponen, Chief Research Officer at F-Secure, even said on Twitter the ad for the Mirai botnet was on the Alpha Bay form. Alpha Bay is a very popular deep web market, that surged in popularity after Silk Road’s era.

The attack on Dyn was close to the world DDoS record, which was accomplished against OVH, a French hosting provider. The record was at over 1 terabit per second, little above the DDoS attack that recently crippled the internet.

Image from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.7 stars on average, based on 4 rated postsCryptocurrency enthusiast, writing about financial freedom and the future of money




Feedback or Requests?

Continue Reading

Cybersecurity

Botnet DDoS Attacks More Sophisticated Than Ever

Published

on

DDoS

 

A new report by security firm Kaspersky Lab has revealed that as many as 67 countries’ resources and installations have been targeted by botnet-based DDoS attacks, in Q3 2016 alone.

The world received a rude jolt of the increasing threat of cyberattacks when DNS provider Dyn was targeted in an unprecedented DDoS attack in October 2016. That cyberattack was caused from a botnet that included IoT (Internet of Things) devices like surveillance cameras and routers. Suffice to say, the DNS blackout was undoubtedly the most notable DDoS-induced disruption in a growing trend of botnet-assisted DDoS attacks.

A new report by Kaspersky Lab has now revealed that servers used for such attacks have seen a considerable increase. So too, has the number of sophisticated DDoS attacks emanating from encrypted traffic.

A staggering majority of the targeted resources (62.6%) by botnet DDoS attacks were located in China, in a continuing trend. China, the United States and South Korea, in that order, see the unfortunate distinction of leading the charts in both – the number of DDoS attacks and the number of targets. While China and South Korea saw the number of victims decrease, the number of attacks on resources located in the U.S., Russia and Japan has increased.

Still, despite the decrease in the total number of attacks registered, China remains the country with the most targeted sources. One particularly popular Chinese search engine saw 19 mammoth botnet-DDoS attacks while one Chinese internet provider bore the brunt of the longest attack in the entire quarter, clocking a total of 184 long hours. That’s over a week of one sustained DDoS attack!

The report also revealed another notable takeaway, with Linux botnets increasing even further, with 78.9% of all detected attacks in Q3 2016 stemming from Linux botnets.

“Smart” Attacks on the Rise

Attacks using encryption of transmitted data, typically known as “smart” attacks have also grown in number. A smart-attack usually targets parts of the website that are heavy on scripts, leading to an increased load when compared to other parts of the website. For instance, a smart attack would typically target a relatively small number of queries toward a search form, with an encrypted connection. Since the attack uses low intensity encrypted traffic, they usually escape the mitigation filters employed by specialized DDoS protection providers.

Elaborating on these attacks, Kirill IIganaev, head of Kaspersky DDoS protection stated:

This method is growing in popularity because amplification attacks are becoming more complicated and inefficient for cybercriminals.

Furthermore, IIGanaev points to the concentrated effort in moving websites away from the traditional HTTP protocol to a more secure, encrypted connection standard like HTTPS.

He added:

All this suggests that the number of encryption-based attacks will only grow, meaning developers have to immediately start revising their anti-DDoS protection measures, and owners of web resources need to take a responsible approach to choosing a security solution.

Image from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4 stars on average, based on 1 rated postsSamburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.




Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending