DDoS

You know what it's like. You have a niggling desire to launch a DDoS attack on a website but there are a couple of problems. You might not know how to do it, you might not want to run the risk of getting caught, or you might, you know, be too lazy to do it yourself. Never fear, Lizard Squad is on hand to help you out.

The hacker collective hit the headlines over the holidays after taking out the PlayStation Network and Xbox Live. It then claimed to have had a (small) hand in the hack of Sony, but now the aim appears to be to monetize the whole venture. Lizard Squad has launched a service called LizardStresser that could be used to launch DDoS attacks.

Hacker outfit Lizard Squad was seemingly responsible for the misery of thousands of gamers this Christmas after a series of DDoS attacks were launched on the PlayStation Network and Xbox Live. Mega's Kim Dotcom stepped into the breach and was seemingly -- temporarily -- successful in negotiating with the group and getting them to stop the attacks.

While the gaming networks appear to have come back online for some, this is not enough for Anonymous -- yes, that Anonymous. The international activist group has declared war on Lizard Squad, saying that the hackers have "made an enemy" and warning that "now you are all going down".

North Korea experienced a complete internet outage for several hours last night before links were restored early this morning.

With the North Koreans at the center of the political storm over the Sony hack could this be some form of revenge attack?

DDoS attacks can have a serious effect on businesses, yet according to a new survey by Kaspersky Lab and B2B International only 50 percent of companies regard countering DDoS attacks as an essential part of their IT security.

This is despite the fact that the average cost of a DDoS attack to small and medium businesses is put at $52,000. For larger companies the average is $444,000.

Roger Dingledine, leader of the Tor Project, has warned it could be the subject of an attack this week. In a blog post, he cautioned users that the project had learned that directory authorities might be seized in an attempt to incapacitate the network. Dingledine does not hint at who might be responsible for a future attack, but reassured users that anonymity would be maintained.

Directory authorities are used by Tor clients to help route traffic through the network, ensuring that users remains anonymous at each stage. An attack on directory authorities would probably have little effect to start with, but there is potential to take down the network if enough servers were targeted.

Websites supporting the Occupy Central movement in Hong Kong have been hit with what is being described as one of the largest cyber attacks ever recorded.

The two sites, Apple Daily and PopVote, have been covering and vocally supporting the pro-democracy movement in Hong Kong. The two even carried out spoof elections for a new chief executive in the region.

New research from DDoS protection specialist Black Lotus shows that cyber attack incidents have continued to decline throughout this year.

There were 201,721 incidents in the third quarter of this year (down from 462,621 in Q1 2014 and 276,447 in Q2). This can be attributed to the security industry's increased knowledge and filtering against NTP DrDoS types of attacks, as well as more proactive activity to stop malicious attacks before or as soon as they're detected.

DDoS attacks can be extremely disruptive to business but it can be hard to quantify that disruption in financial and business terms.

A new report by security company Incapsula collates responses from 270 North American organizations of varying sizes to gauge the true impact of attacks. The findings indicate that DDoS attacks are relatively common with 45 percent of the respondents indicating their organization has been hit at some point. Of these, almost all (91 percent) reported an attack during the last 12 months, and 70 percent were targeted two or more times.

We reported back in March that DDoS attacks had risen sharply to become a major threat for online businesses.

In order to help companies cope, cloud security provider Incapsula is today launching a DDoS Playbook analyzing the threat landscape and providing businesses with a how-to guide to fend off attacks.

Last year, I eagerly pre-ordered the Sony Playstation 4 and got it on launch day. This was a happy moment for me, but I did have some trepidation. You see, Sony's reputation had been soiled for many years. If you recall, in 2005, the company severely impacted the security of many Windows machines with its CD rooktkit software. Any other company likely would have lost its supporters over such a disgraceful tactic, but Sony has a long history and it weathered the storm. However, fast-forward to 2011, and the PlayStation Network was hacked. This was not a small thing; personal identifying information of 77 million people were exposed. As a result, the company's reputation was severely impacted. Unfortunately, as a PlayStation 3 owner, I was included in that group and had to sign up for identity theft protection (Sony paid for a year of the service).

Somehow, I still bought the PS4 and after only owning it a very short while, I got an email from Sony that my login credentials needed to be changed for security reasons (irregular activity). Enough was enough -- I decided to return the PlayStation 4 and be done with Sony for all things that require network connectivity. Today, the PlayStation Network is once again in the spotlight as it has been taken down for hours by a denial-of-service attack. Sony has confirmed the attack, saying that so far, there is no evidence of stolen information.

Back in May we reported on Incapsula's packet filtering solution for combating DDoS attacks. Today the company reveals details of how its ‘Behemoth’ system has mitigated a massive multi-vector DDoS attack.

The attack lasted 38 days, during which Incapsula's scrubbing servers filtered out 50+ petabits (51,000+ terabits) of malicious traffic. While the attackers did switch between several targets, they consistently targeted the websites of one Incapsula client -- a video game company.

Cybercriminals don’t have to make their own malware these days, they can simply purchase ready-made kits. They don’t need to take out a bank loan to do so either -- malware is more affordable than you might think.

Trustwave’s security researchers did a little digging and found that depending on the type, malware can cost as little as two hundred dollars on the black market, and the tools on offer are pretty sophisticated too. Got your wallet ready? Here’s a price list of just some of the currently available malware:

In recent days we've seen DDoS attacks hit some major names like Feedly and even force the CodeSpaces hosting service out of business.

In a bid to combat the threat presented by DDoS attacks, security specialist Corero Network Security has announced a powerful web-based analytics portal.

If you moved to Feedly after the much lamented shut-down of Google Reader, as many RSS users did, then you may have noticed that the service is currently down. To prevent customers from wondering about the problems, the company has released an announcement.

Feedly says it is currently under a denial of service attack, with the attacker demanding money to bring an end to service interruption. In a brief post on the company blog, the developers let all customers know of the problem, and promise to update users as the situation develops.

One of the greatest threats faced by online businesses is the DDoS attack. Recent research by application delivery service Incapsula shows that DDoS attacks are up 240 percent and DNS attacks are also on the rise.

In response to this the company is launching significant updates to its DDoS Protection Services to stop the onslaught of attacks and protect even the largest enterprise customer.