
Types of Cyber Attacks


The rate and intensity of cyber attacks is escalating, and it is probably affecting your internet activity without you even knowing it.

In late March, spam-fighting organization Spamhaus was the target of a massive DDoS (distributed denial of service) attack and it was considered the most severe attack since the invention of the Internet – or at least that anyone is admitting to.

It was called “the worst cyber attack ever.” And there’s more to come.

DDoS attacks utilize an army of commandeered computers to point huge volumes of web traffic at a company’s server to the point of overload until it crashes. This latest cyber attack was so large, experts don’t even think they have a measurement system capable of determining the full scope, but some experts are confident that Internet users worldwide were impacted by sluggish Internet connectivity during that time.

It is speculated, on the basis of unconfirmed reports, that this cyber attack was an act of revenge by groups ticked off at the blacklist status awarded to them by Spamhaus, which generates widely used and continually updated blacklists of sites that are guilty of sending spam. These grumpy spammers took advantage of what’s called a “DNS reflection,” a technique that tricks thousands of servers into sending a landslide of junk to an unsuspecting victim, in this case Spamhaus.

The attack came as a surprise for Spamhaus, as it would for your own company. What can a company do to combat a DNS reflection other than putting a crisis communication plan in place?

Experts say that locking down the infrastructure that hackers use is the number one imperative. In the Spamhaus cyber attack, the DNS reflection attack was likely due to the hackers taking advantage of “misconfigured DNS servers to amplify the power of a much smaller botnet,” said Chester Wisniewski, a senior security adviser at Sophos Canada, in a blog post. He goes on to say that 25 million open DNS resolvers hosted by service providers across the Internet are currently insecure or misconfigured, posing “a significant threat.” “It’s critical that you configure your recursive name servers to only reply to your own network,” Wisniewski said. “If you must provide public DNS, be sure to apply filtering for abusive queries and ensure the frequency of queries is commensurate with your expected volumes.”
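One way to express that advice in BIND 9, as an added example that is not from the original post or from Sophos. The ACL name, the address ranges (documentation placeholders) and the rate-limit numbers are assumptions to replace with your own networks and expected query volume.

```conf
// named.conf fragment for BIND 9 (added example, values are placeholders)

// WEAK: an open resolver. Any host on the Internet may ask it to recurse,
// so queries with a forged source address make it reflect answers at a victim.
//
//   options {
//       recursion yes;
//       allow-recursion   { any; };
//       allow-query-cache { any; };
//   };

// CORRECTED: recursion only for your own network, rate limits for the public.
acl "own-networks" {
    localhost;
    localnets;
    192.0.2.0/24;       // placeholder: your IPv4 range
    2001:db8::/32;      // placeholder: your IPv6 range
};

// Internal clients get a recursive resolver.
view "internal" {
    match-clients     { own-networks; };
    recursion yes;
    allow-recursion   { own-networks; };
    allow-query-cache { own-networks; };
};

// Everyone else gets authoritative answers only, with response rate limiting.
view "external" {
    match-clients     { any; };
    recursion no;                   // never recurse for outsiders
    allow-query-cache { none; };    // do not leak cached answers either
    rate-limit {
        responses-per-second 5;     // assumption: tune to expected volume
        window 5;                   // seconds over which the rate is averaged
        slip 2;                     // every 2nd limited reply is truncated,
                                    // letting real clients retry over TCP
    };
    // zone statements for the domains you publish go here
};
```

Run `named-checkconf` on the edited file before reloading, and confirm from a host outside your network that a recursive query is refused.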

Spamhaus is not the lone victim. If you’ve ever been unable to reach your bank’s website or found it sluggish, it could very well be the work of a DDoS attack. On March 27th, Wells Fargo admitted to suffering from disruptions to their website connectivity. The al-Qassam Cyber Fighters hacktivist group has vowed to continue its long-running campaign of U.S. banking website takedowns, and while Wells Fargo is reported to have the majority of the downtime reports, Bank of America, Chase, Capital One, Citibank and PNC Bank were all the subject of reported difficulties.

Wells Fargo spokeswoman Bridget Braxton confirmed Tuesday that the bank’s website was being disrupted, but told Reuters that “the vast majority of customers are not impacted and customer information remains safe.”

As Ms. Braxton rightly commented, during a DDoS attack your data is likely safe, but if you’re the target of a DDoS attack, it’s going to be a tough few days before you can get back online.

In the next installment of our continuing series on cyber attacks and how to protect your data, we’ll look at “exploits” and the damage they can do.
