Showing posts with label DDoS Attacks. Show all posts
Showing posts with label DDoS Attacks. Show all posts

Thursday 27 October 2016

What is a DDoS attack? And could my computer be a weapon?

Anonymous is a notorious hackers group which has recently caused a massive cyber-attack on a web hosting service provider which offers hosting services to a number of business site in the world. Anonymous has issued a chilling warning about an impending cyber-attack through Distributed Denial of Service through its Twitter handle. DDoS attack are the most favored and common way of launching attack on any website wherein the site is overloaded with service request to such a point wherein it ceases to function.

Its servers buckled down under the pressure and the site goes offline for the users which results in millions of dollars in loss for the business house which operates the site. Furthermore coming from such attack isn’t an easier affair as it requires a lot of time, money and expertise to bring site back to its full functionality coupled with latest security measures.

Quite recently a number of major banks and popular sites & services have taken a hit by Anonymous attack which includes Twitter, Netflix and Spotify. Anonymous has not stated at which establishment or corporate sector or even the site they will be attacking next with their DDoS attack.
Anonymous hackers group has shades of white and black

Over the years Anonymous has been able to get favorable support from the people all round the world through their good work. Anonymous hackers group has launched massive attacks against the Islamic State in the past which has left the notorious terrorist organization in online turmoil.

They launched a DDoS attack against the Australian PM website when Australia was thinking about block the malicious content on the website which was direct attack to user’s online freedom. In similar fashion Anonymous took down as many as eight Tunisian government website with DDoS attacks when they found that it was subduing the freedom of the speech of the people.

Quite recently it launched a massive cyber attack against a little webs hosting service provider which helped in bringing down the Twitter, Netflix, Spotify among others. Anonymous can easily be described as a group of activists which came together in 2003. Since November 2015 when Paris attacks took place Anonymous has declared a cyber war on the ISIS. Most of the time Anonymous takes down the website offline in order to bring focus towards the social justice or censorship present in the nation.

Huge number of popular website goes down

A number of users on global scale ranging from US to European regions are reported that they were inaccessible to the major popular site which includes, AirBnB, Pinterest, PayPal as well as PlayStation’s online service.

This particular DDoS attack was targeted on the Dyn which is a little known hosting service provider for a wide number of popular high traffic websites. Currently US authorities are investing this attack while Dyn has made a statement where it accepted attack on its servers. Dyn is working towards mitigating and monitoring the attack against its Managed DNS infrastructure.

Tuesday 6 January 2015

Giant DDoS Kicks Of North Korea Off The Internet

North Korea was unceremoniously knocked off the internet by DDoS (distributed denial of service) attack. This attack has come into limelight soon after the “proportional response” to the Sony Pictures hack promised by the government of the United States of America. According to the rumors, the attack was supposedly carried out by North Korea and this is what even the FBI believes. On one side if this attack was carried out by the US government, it will become too obvious, so it is safe to believe that this attack would have been carried out by some disgruntled hack-activists such as Lizard Squad or Anonymous. At present, internet has been restored in North Korea but the outage lasted for about 9 hours and 31 minutes.

Distributed Denial of Service (DDoS): 

While there might be some people who are not aware about DDoS, but is no longer unusual for a service to get knocked off by the same. In the last couple of months, both PlayStation Network and Xbox Live have encountered outage issues. But it is quite surprising for an entire country to get knocked off like this. But all this makes sense given to the poor internet connectivity in North Korea.

As far as North Korea is concerned, the state owns the newspapers and TV stations making sure that there is no freedom of information. This clearly indicates the presence of dictatorship and absence of any dealings with democracy. The country has a very tight control over the flow of information.

History has proven that country is easily controllable when all the information/knowledge/dogma generates from a single known point. When it comes to regime of the country, even though internet has all possible required knowledge for humans, it still does not jibe well with the country. Most of the citizens of the country only use intranet and internet is left for higher ups. The country does not depend much on internet but whatever is available is provided by telecommunications giant China Unicom.

Quite frankly, it is very easy to DDoS North Korea. They have a single cable, which connects to the rest of internet. For DDoS a single, low-bandwidth link is trivial but as most of the people in North Korea do not have access to internet, DDoS was not able to achieve what it was meant for.

There are enough speculations doing around about the people or the organization behind the attack. Lizard Squad, seems to have taken the responsibility for the attack on North Korea as they have tweeted, both Xbox Live & other targets have a lot of capacity. They had previously DDoSed the PlayStation Network and Xbox Live services.

The company’s Twitter account has been suspended. Anonymous also has a history of DDoSes but they have openly condemned the whole Sony Pictures/North Korea/The Interview debacle. While we can remember the cyber attack on Sony and the retaliation, which was promised by the US government, such DDoS on North Korea doesn’t make any sense from their side as it hardly makes any impact. While on one side a small period of DDoS will not have any major impact but if it continues for a few weeks or month, it can create serious problems for the country.

Wednesday 12 February 2014

Cloudflare Announces Massive DDoS Attack

The network security provider Cloudflare has reported last night about a massive DDoS attack on one of its customers. That was a NTP Reflection attack, which should be greater than the attack happened in 2013. It was tweeted By Cloudflare CEO Matthew Prince. The attack on one of its customers was carried out with up to 400 gigabits per second on 11th Feb 2014, tweeted Cloudflare CEO Matthew Prince on the night of 11 February 2014.

He was thus greater than that on the Swiss company Spamhaus in March 2013, the Cloudflare, estimated this attack and described this as the most recent attack on the Internet. This time, the attackers did not use a DNS server, but used a so called NTP Reflection attack, which is done via the timer log. Cloudflare is known for its rigid formulations. Prince compared the DDoS attack on Spamhaus with a nuclear attack in his blog, which affected the whole Internet.

At peak times it was run around 2.5 terabits of data through the Internet nodes. The security company Cloudflare does not tell so far which customer is affected by the current attack . However, reported at least one major French provider was the victim of this DDoS attack. OVH - founder and owner Oles tweeted that the attack was carried out with up to 350 Gbps.

The reason behind the DDoS attack is not ascertain so far. A Reflective attack on NTP is a fairly new procedure to bog down networks. Instead of DNS server now a days NTP server is used on the Internet for such attacks. These servers provide detailed time information worldwide. The attackers use fake data packets and put it in the IP address of the victim as a source.

The NTP servers in turn respond automatically and send data back to the real IP address. First, the attacker can successfully hide. Attackers can also send small fake data packets to the server and get them to respond with large packets. This can be achieved with a small bandwidth and in turn the attack use wide bandwidth of the victim.

Thursday 30 January 2014

Cross-Platform Java Bot Used for DDoS Attacks

The java platform is used in DDOS attacks by bot. The malicious Java application can be run on Windows, OS X and Linux machines. Kaspersky Lab researchers analyzed a malware that infects computers to form a botnet - a network of zombie computers - and use it in attacks distributed denial of service.

This botnet is controlled via IRC protocol to conduct targeted attacks on IP addresses. Attackers can adjust the intensity of the attack and its duration. It uses a data stream via HTTP or UDP. At least one target of this botnet was an email service.

The malware behind the botnet is written entirely in Java. Through this platform, it can be run on Windows, OS X and Linux. Still, it runs a Java vulnerability for which a patch exists since June 2013.

This vulnerability is present in the Java Runtime Environment with Oracle Java SE 7 Update 21 and earlier, and Java 6 Update 45 and earlier. This is not the first time a botnet infects the three most popular operating systems.