Cyberattacks Being Fuelled by Ukraine War, Geopolitics, EU Cybersecurity Agency Says

Geopolitics, such as Russia’s invasion of Ukraine, has led to more damaging and widespread cybersecurity attacks in the year to July, EU cybersecurity agency ENISA said in its annual report on Thursday.

ENISA’s study follows concerns about the role of state actors and the growing range of threats to governments, companies and essential sectors such as energy, transport, banking and digital infrastructure.

The agency said geopolitical situations – in particular the Russian invasion of Ukraine – were game-changers during the period under review.

Zero-day exploits, in which hackers exploit software vulnerabilities before developers have a chance to fix the flaws, as well as artificial intelligence-enabled disinformation and deepfakes, resulted in more malicious and widespread attacks with more damaging impact, it said.

“Today’s global context is inevitably driving major changes in the cybersecurity threat landscape. The new paradigm is shaped by the growing range of threat actors,” ENISA Executive Director Juhan Lepassaar said in a statement.

About 24 percent of cybersecurity attacks targeted public administration and governments while 13 percent targeted digital services providers, the report said.

The European Union in May agreed on tougher cybersecurity rules for essential sectors, with companies required to assess their risks, notify authorities and take measures to deal with the risks or face fines up to 2 percent of global turnover.

On Wednesday, Reuters reported that the US Treasury last month repelled cyberattacks by a pro-Russian hacker group, preventing disruption and confirming the effectiveness of the department’s stronger approach to financial system cybersecurity, citing a US Treasury official.

The Treasury has attributed the distributed denial of service (DDoS) attacks to Killnet, the Russian hacker group that claimed responsibility for disrupting the websites of several US states and airports in October, said Todd Conklin, cybersecurity counsellor to Deputy Treasury Secretary Wally Adeyemo.

The incident, not previously reported, occurred a couple of days before similar attacks from Killnet on US financial services firms, Conklin told a financial services industry and regulator conference on cybersecurity.

© Thomson Reuters 2022



Taiwan Website Attacks Likely Caused by Chinese ‘Hacktivists’, Researchers Say

Digital attacks against Taiwanese government websites ahead of US House of Representatives Speaker Nancy Pelosi’s arrival in Taipei on Tuesday were likely launched by Chinese activist hackers, or “hacktivists,” a cybersecurity research organisation said. The website of Taiwan’s presidential office was targeted by a distributed denial of service (DDoS) attack on Tuesday and was at one point malfunctioning, the office said in a statement.

Access to the website was restored within about 20 minutes of the attack, the statement said. Taiwanese government agencies were monitoring the situation in the face of “information warfare,” a spokesperson later added.

A government portal website and Taiwan’s foreign ministry website were also taken offline and appeared inaccessible late on Tuesday. The foreign ministry did not immediately respond to a request for comment.

DDoS attacks work by directing high volumes of internet traffic towards targeted servers in a relatively unsophisticated bid to knock them offline.

“These are uncoordinated, random, moral-less attacks against websites that Chinese hacktivists use to get their message across,” said Johannes Ullrich, Dean of Research at the SANS Technology Institute, a cybersecurity education and research organisation.

“Usually it continues for a few days, but they often lose interest within a week. Many of the attacks are motivated by what is written in the Chinese press,” Ullrich added.

The disruptive digital blitz came from hundreds of thousands of IP addresses, tied to devices registered within Chinese commercial internet space, Ullrich said.

A similar cohort of Chinese IP addresses had been scanning the internet for low level, easily exploitable vulnerabilities since Friday, he added, and did not match the usual activity carried out by Chinese government hackers.

© Thomson Reuters 2022



Lithuania Faces Cyberattack, Russia’s Killnet Claims Hack of Sites in Retaliation for Transit Ban

Lithuanian state and private institutions were hit by a denial-of-service cyberattack on Monday, the Baltic country’s National Cyber Security Centre said in a statement released by the defence ministry.

“It is very likely that attacks of similar or greater intensity will continue in the coming days, especially in the transportation, energy and financial sectors,” the centre said.

Lithuania’s tax authority said in a statement it had halted all activities due to an unusually large number of attempts to connect to its systems, although all data was safe.

“The main targets are state institutions, transport institutions, media websites,” deputy Defence Minister Margiris Abukevicius said, in another sign of deteriorating relations between Baltic NATO country Lithuania and neighbouring Russia because of Moscow’s invasion of Ukraine in February.

Soon after, Russian hacker group Killnet claimed responsibility for the distributed denial of service (DDoS) cyberattack on Lithuania, saying it was in response to Vilnius’s decision to block the transit of goods sanctioned by the European Union to the Russian exclave of Kaliningrad.

“The attack will continue until Lithuania lifts the blockade,” a spokesperson for the Killnet group told Reuters. “We have demolished 1652 web resources. And that’s just so far.”

Kaliningrad is connected to the rest of Russia by a rail link through Lithuania, a member of the EU and NATO.

Kaliningrad is sandwiched between EU and NATO members Poland and Lithuania and supplied by rail via Lithuanian territory.

Lithuania had begun to see signs of an attack as early as June 21, Abukevicius said.

A Russian Security Council spokesperson on June 22 promised retaliation over the blocked shipments, stating that these would have “a serious negative impact on the population of Lithuania”.

European Union foreign policy chief Josep Borrell said last week Lithuania “only applies the European Union sanctions” in ceasing transport of certain goods to Kaliningrad, and has not taken any unilateral decisions.

© Thomson Reuters 2022

Cloudflare Manages to Block Massive DDoS Attack on Unnamed Crypto Platform

Cloudflare, a company that specialises in web security, has confirmed that it successfully stopped what it believes to be one of the largest distributed denial-of-service (DDoS) attacks on record, which targeted an unnamed cryptocurrency company. The attack was detected and mitigated automatically by Cloudflare’s defense systems, which were set up for one of its customers on a paid plan. At its peak, the attack reached 15.3 million requests per second (rps), which, according to Cloudflare, makes it the largest HTTPS DDoS attack ever mitigated by the company.

The attack reportedly lasted less than 15 seconds and targeted a crypto launchpad, which Cloudflare analysts in a blog post said are “used to surface Decentralised Finance (DeFi) projects to potential investors.”

The blog post adds that the botnet used by the attacker consisted of about 6,000 unique bots that originated from more than 1,300 different networks in 112 countries around the world, with about 15 percent of the traffic coming from Indonesia. Other countries generating the most traffic included Russia, Brazil, India, Colombia and the US.

Cloudflare researchers didn’t name the botnet but said it was one that they have been watching, and that they had seen attacks as large as 10 million rps that matched the same fingerprint.

As described by Cloudflare, a distributed denial-of-service (DDoS) attack is essentially an attempt to “maliciously disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.”

“DDoS attacks achieve effectiveness by utilising multiple compromised computer systems as sources of attack traffic. Exploited machines can include computers and other networked resources such as IoT devices,” adds Cloudflare.

In an HTTPS attack, such as the one used this time to target the crypto platform, the botnet attempts to overwhelm the target’s server with a massive number of requests, consuming compute power and memory with the same goal of making it near impossible for legitimate users to access the website.

“HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection,” the Cloudflare threat-hunters wrote. “Therefore, it costs the attacker more to launch the attack, and for the victim to mitigate it. We’ve seen very large attacks in the past over (unencrypted) HTTP, but this attack stands out because of the resources it required at its scale.”

