Understanding the Modern DDoS Threat

The breadth of cyber threats that an organization must engage with and combat seemingly change on a daily basis. Each new technology, vulnerability or exploit vector results in a new threat that must be protected against. Meanwhile some forms of attack never appear to age — they remain a threat to business continuity despite years of advances in defensive strategy. One particularly insidious and never-ending threat is that of the Distributed Denial of Service (DDoS) attack.

Never far from the news headlines, DDoS attacks are the staple disruptive technique preferred by an increasingly broad spectrum of attackers. While they may be the oldest and most commonly encountered form of cyber attack, defenses against them are often non-trivial and even the best tried-and-tested protection can fail under a sufficiently well conceived attack.

In order to best understand the threat modern DDoS campaigns pose to enterprise networks and the businesses that depend upon them, I’ve pulled together a new whitepaper on the topic.

The paper “Understanding the Modern DDoS Threat” examines the technology, coordination tactics and motivations behind the DDoS attacks likely to pose a risk to Internet accessible businesses now and in the immediate future. It steps through the thought processes governing the primary instigators of the attacks and their tactics of choice.

Armed with this level of understanding, the folks charged with defending their organizations from the DDoS menace will be better able to mitigate the threat and effectively communicate its impact to the higher echelons of their organization.

Change.Org Victim of DDoS Attack From China

IDG News Service — Change.org, an online petitioning platform, has come under an ongoing distributed denial of service (DDoS) attack originating from China after the site hosted a call urging Chinese authorities to release artist Ai Weiwei from custody.

The attacks, which started late Sunday, have nearly brought down the site, according to Change.org founder Ben Rattray.

DDoS attacks work by using hundreds or thousands of hacked computers to send traffic to a website, overwhelming it with data so it becomes inaccessible to normal users.

Change.org said the current attack originates from an expanding group of computers primarily based in China, and has yet to stop. This is the first time the site has been hit with a DDoS attack.

Change.org has been hosting a online petition calling for the release of Chinese artist Ai Weiwei, who is currently under arrest. The petition has attracted almost 100,000 people from 175 countries, making it one of Change.org’s most successful international campaigns, Rattray said.

“It’s pretty clear the attack is in response to the campaign,” he added. “It’s extraordinary that somebody in China with a high-level of technical sophistication can impact the ability for people around the world to organize.”

The online call coincided with demonstrations across the world this past Sunday, which also called for the artist’s release. Ai, who is also known for his activism, has been detained as part of a Chinese government crackdown on political dissidents in the country.

Authorities in the country have arrested other human rights activists and clamped down on the information flow, following previous online postings that began in February calling for a “Jasmine revolution” against the Chinese government.

Change.org is currently blocked in China. Internet censors in the country regularly block sites that are deemed to politically sensitive.

Despite the block, the computers involved in the DDoS attack are managing to find a way around the country’s national Internet firewall, said Rattray.

In the past, other sites have been the victims of cyber attacks coming from China. This March, blog publishing platform WordPress.com also reported being hit with a DDoS attack originating from China.

Chinese hackers have also allegedly launched cyber attacks to steal data from foreign energy accompanies, according to security vendor McAfee (MFE). In 2009, Google (GOOG) was also the victim of an attack originating from China that was aimed at accessing the Gmail accounts of human rights activists

The Chinese government has previously responded to these reports by denying it is involved in any cyberattacks, adding that China has also been a victim of hacking attempts.

The true source of DDoS attacks is often unclear. Although Change.org has traced the current attack to servers in China, it is also possible the computers are under the control of hackers based in another country.

Change.org reports that both the FBI and U.S. State Department are looking into the DDoS attack.

“We won’t stop or take down anything because of this DDoS attack,” Rattray said. “We believe in the fundamental right of the people to organize around issues they care about it.”

Cybercriminals Target Russian News and Online Blogging Sites

Recently, Russian news and online blogging websites – Novaya Gazeta and LiveJournal suffered distributed denial-of-service (DDoS) attacks.


PRLog (Press Release)Apr 11, 2011 – Websites are targeted to gain unauthorized access to confidential information, disrupt services or lodge protest against information provided on those sites. Recently, Russian media and blog sites suffered massive cyber-attack. The latest attack targeted the website of popular newspaper Novaya Gazeta. Attackers purportedly launched distributed denial-of-service (DDoS) attacks. At its peak, the attack caused 70,000 requests to the website of Novaya Gazeta in 14 seconds. Information security professionals have restored the services of the website. The attack on the newspaper website follows a similar attack on LiveJournal, one of the most popular Russian blogging sites. According to an analysis by Kaspersky Lab, the DDoS attack on the popular blogging site was commanded by Optima/Darkness botnet. The attack was first directed on the blog of a well-known anti-corruption campaigner on LiveJournal. The attacks soon spread to the pages of other bloggers on the site. According to the Internet security firm, Optima botnet was first identified at the end of the previous year on the Russian cybercrime black market. The botnet is also notorious for downloading executable files, and stealing authentication information related to FTP clients, Instant Messengers (IM), e-mail clients and web browsers among others. Online technology degree programs, webinars and conferences may help IT professionals in updating their technical skills and know-how for proactive handling of sophisticated cyber threats.

In case of DDoS attacks, cybercriminals use several compromised computers to target a particular resource. Multitudes of requests are sent simultaneously to the targeted resource, making it virtually impossible for the resource to deliver normal services to the legitimate users. Cybercriminals compromise large number of vulnerable systems and install malicious software, without user’s knowledge. The compromised systems, called zombies are then instructed to attack to the targeted resource. By using the zombies to launch attack, the perpetrators of crime make it difficult for investigative authorities to trace the actual origin of the attack. Cyber security education through blogs, online tutorials, online computer degree programs may help in creating awareness on safe online computing practices among Internet users. Users must install and regularly update anti-malware programs to safeguard their computer systems against sophisticated cyber threats.

Both the sites offer platform for expression of alternative opinions on crucial issues. The attacks on these sites assume significance as the elections for ‘State Duma’, the Lower house of the Russian Parliament are scheduled to be held at the end of the year.   DDoS attacks on business websites may severely impact their productivity and result in losses. Administrators must regularly monitor the traffic to identify unusual activity. They may also configure data traffic limits. Professionals qualified in IT masters degree may help in implementing proper monitoring mechanisms and regular evaluation of networks for threat vectors. Organizations must have robust IT security policy in place. Regulations only provide for the minimum security requirements. Therefore, IT security must not be viewed as only a compliance activity. Organizations must be proactive in identification and mitigation of security flaws. IT security apparatus must be regularly evaluated and modernized in tune with changes in threat scenario.

GoDaddy hit with a 21 million PPS attack

From their post:

What Happened?

You might have noticed that some of you had trouble accessing your Go Daddy-hosted site over the weekend, March 25-26. And you’re also probably asking, “What happened?”

The short of it: We were the target of a 21-million-packets-per-second Distributed Denial of Service (DDoS) attack.

A DDoS attack is an attempt to shut down a network by flooding it with nonsense requests. And 21 million packets per second is a lot of nonsense.

To put that into perspective: If it takes 5 packets per second to load the average website, then clicking refresh a few times would generate 20 packets per second. So think of 21 million packets per second as clicking refresh on your browser as fast as you can, while inviting 10 million of your closest friends to join you.

Read their full article here:

GoDaddy full article

QNX Announces First RTOS to Help Device Manufacturers Achieve Both Safety and Security Certification

Certified Plus can save customers time and expense by speeding rigorous certification processes and help accelerate their time to market

NUREMBERG, GERMANY–(Marketwire – March 1, 2011) - EMBEDDED WORLD (STAND 11-324) – QNX Software Systems Co., a global leader in operating systems and middleware for connected embedded systems, today announced the first realtime operating system (RTOS) to provide both safety and security certification, allowing manufacturers of mission-critical systems to significantly reduce the time and expense of certifying their end-products, including medical, automotive, and industrial devices.

QNX Neutrino Realtime Operating System (RTOS) Certified Plus™ is the only RTOS to offer both IEC 61508 certification at Safety Integrity Level 3 (SIL 3) and Common Criteria ISO/IEC 15408 certfication at Evaluation Assurance Level 4+ (EAL 4+).

“QNX Neutrino RTOS Certified Plus is an industry first, providing a significant competitive advantage to device manufacturers who must address rigorous demands for safety and security,” stated Derek Kuhn, vice president, sales and marketing, QNX Software Systems. “Our engineers have delivered the first product offering combining safety and security certification that can change the way companies bring products to market by reducing the time and expense required for them to get their end-products certified.”

Many of the systems vital to our daily living, work, and health are now controlled by software running on microprocessors embedded in cars, medical devices, power plants, and the energy grid. As the software complexity of these systems increases, so does the need for software components certified to meet stringent dependability and security requirements — these systems cannot fail.

Certification to IEC 61508 SIL 3 provides independent validation that QNX Neutrino RTOS Certified Plus delivers a very high level of reliability and risk reduction when used in safety-critical systems for medical, transportation, energy generation, process control, and other industries. Certification to the Common Criteria for Information Technology Security Evaluation provides validation from a certified laboratory that QNX Neutrino RTOS Certified Plus fulfills the functional security requirements and the enhanced methodologies and security controls required for EAL 4+.

Designed for systems that have low tolerance for failure, QNX Neutrino RTOS Certified Plus employs a modular microkernel architecture in which applications, device drivers, file systems, and networking stacks all run as separate, memory-protected components. It is the only certified RTOS to support the parallelism necessary for successful multi-core designs. It also supports adaptive partitioning, an efficient form of CPU time partitioning that prevents malicious code and denial-of-service (DoS) attacks from monopolizing the CPU.

QNX Neutrino RTOS Certified Plus is also POSIX-compliant, which allows application developers great flexibility to port applications to the platform.


QNX Neutrino RTOS Certified Plus will be available in Q2 2011. For more information, please send email to certified_plus@qnx.com.

QNX Embedded World Booth — Demonstration Highlights

QNX Software Systems will present the following demonstrations this week at Embedded World:

– Medical Reference Demo — Showcases a flexible Human Machine Interface (HMI), connectivity to Continua Certified™ medical devices, and wireless connectivity to a BlackBerry® PlayBook™ tablet.

– Interactive Home Security Demo Broadband home management solution from iControl Networks enables homeowners to see and control their home, including security and energy systems, via the Internet, mobile devices, and in-home touch screens.

– QNX CAR™ Application Platform Demo Includes digital instrument cluster, multimedia console, re-skinnable HMI, hands-free calling, streaming audio, Webkit browsing, and device connectivity to smartphones and other devices.

QNX Speakers at Embedded World Conference

– Tuesday, March 1, 10:00–10:30 — The Joy of Scheduling

– Wednesday, March 2, 14:15–15:00 — In-Field Debugging: Diagnosing Software Faults While Maintaining Availability

– Thursday, March 3, 11:30–12:30 — Using an IEC 61508-Certified RTOS Kernel for Safety-Critical Systems

About QNX Software Systems

QNX Software Systems Co., a subsidiary of Research In Motion Limited (RIM) (NASDAQ:RIMM; TSX:RIM), is a leading vendor of operating systems, middleware, development tools, and professional services for the embedded systems market. Global leaders such as Cisco, Daimler, General Electric, Lockheed Martin, and Siemens depend on QNX technology for network routers, vehicle telematics units, industrial control systems, medical instruments, security and defense systems, and other mission- or life-critical applications. Founded in 1980, QNX Software Systems Co. is headquartered in Ottawa, Canada; its products are distributed in over 100 countries worldwide. Visit www.qnx.com.

QNX, Momentics, Neutrino, Aviage, Photon and Photon microGUI are trademarks of QNX Software Systems GmbH & Co. KG, which are registered trademarks and/or used in certain jurisdictions, and are used under license by QNX Software Systems Co. The BlackBerry and RIM families of related marks, images and symbols are the exclusive properties and trademarks of Research In Motion Limited. All other trademarks belong to their respective owners.

QNX Software Systems Co. (QNX) is a subsidiary of Research In Motion Limited (RIM). Forward-looking statements in this news release are made pursuant to the “safe harbor” provisions of the U.S. Private Securities Litigation Reform Act of 1995 and applicable Canadian securities laws. When used herein, words such as “expect”, “anticipate”, “estimate”, “may”, “will”, “should”, “intend,” “believe”, and similar expressions, are intended to identify forward-looking statements. Forward-looking statements are based on estimates and assumptions made by QNX in light of its experience and its perception of historical trends, current conditions and expected future developments, as well as other factors that QNX believes are appropriate in the circumstances. Many factors could cause QNX’s actual results, performance or achievements to differ materially from those expressed or implied by the forward-looking statements, including those described in the “Risk Factors” section of RIM’s Annual Information Form, which is included in its Annual Report on Form 40-F (copies of which filings may be obtained at www.sedar.com or www.sec.gov). These factors should be considered carefully, and readers should not place undue reliance on QNX’s forward-looking statements. RIM and QNX have no intention and undertake no obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.

Source: http://www.marketwire.com/press-release/QNX-Announces-First-RTOS-Help-Device-Manufacturers-Achieve-Both-Safety-Security-Certification-1403656.htm

Hillary Clinton’s plan to topple dictators with an open Internet

The ouster of dictators in Egypt and Tunisia made it imperative for Hillary Clinton to lay out a US plan to keep the Internet open for people seeking freedom. But exactly how remains an open question.

Secretary of State Hillary Rodham Clinton said all the right things in a speech on Internet freedom today. She was modest in admitting that the US government didn’t have all the answers – or even know all the right questions to ask – in shaping an open Internet worldwide in the future.

She urged repressive regimes to consider the “dictator’s dilemma” – that when they restrict or harass Internet use it will only harm them and their country in the long run. She termed preserving a free and open Internet “one of the grand challenges of our time.”

The fall of autocratic regimes in Tunisia and Egypt – with the possibility of more to come – came about at least in part because of online social media, from Twitter to Facebook to YouTube. The debate over just how crucial these new media were to the uprisings is just beginning. One could reasonably argue that outstanding coverage by Al Jazeera, in the form of traditional old-style televised reporting, played just as significant a role. As is often pointed out, the Egyptian protest continued on to a successful conclusion even after the government pulled the plug on Internet access.

But what’s already clear is that Internet’s role was real and significant. And now the Obama administration has begun to move beyond words to actions in promoting a free Internet worldwide. Clinton said that it will spend $20 million this year and $25 million next year funding a variety of programs, acting as a kind of venture capitalist to underwrite a number of approaches.

In recent days the State Department has set up its own Twitter feeds in Arabic and Farsi, and Clinton said a similar effort in Chinese will soon follow. She also pledged that monitoring and responding to Internet threats is now part of the State Department’s core mission.

That’s a start. More is needed. One key effort will be finding ways to help people get around fire walls that governments place on their Internet users, freeing their citizens to find out what the rest of the world is saying and doing. Individuals need to know how to set up secure e-mail accounts and how to defend their websites against denial of service attacks.

No one should assume that the Internet will somehow automatically be a force for good. As former journalist and savvy Internet watcher Rebecca MacKinnon points out, while King George VI used the relatively new medium of radio to rally Britain during World War II, Joseph Goebbels in Germany used it to spread Nazi propaganda. Technology plays no favorites in a war of ideas.

Twitter and other online social media themselves don’t represent a “silver bullet” that will pull down dictators and solve the world’s problems. That’s still up to courageous individuals.

But the Internet does represent an important tool – in spreading that courage, in assembling crowds – that must be valued and protected. A race is on between those trying to restrict online access – or infiltrate it and turn it into a means of repression – and those that prize openness.

The administration has been right to listen, test, and experiment. But the move to bigger, bolder actions shouldn’t wait forever.

Source: http://www.csmonitor.com/Commentary/the-monitors-view/2011/0215/Hillary-Clinton-s-plan-to-topple-dictators-with-an-open-Internet

VoIP security issues: How you might become a target for TDoS attacks

The maturation of enterprise VoIP deployments has opened IT organizations to a new world of VoIP security issues — telephony denial of service (TDoS) attacks, flagged by the FBI last year as a danger to consumers. Enterprise and contact center networks will also be attractive TDoS targets as hackers try to profit directly off attacks or use them as a diversion for a bigger con.

Like distributed denial of service (DDoS) attacks, TDoS attacks block legitimate VoIP sessions or disrupt business by flooding or hijacking IP telephony infrastructure with bogus calls. These attacks can saturate all of the lines on a SIP trunk to block phone calls or cause phones to ring incessantly.

In addition to the risk of data or financial theft that TDoS attacks pose — almost always by virtue of their ability to cause a diversion — they also paralyze user productivity and block legitimate business transactions or processes.

Dan Fontaine, senior vice president of technology at VIPdesk, a virtual contact center outsourcer, is still in the planning phases of deploying VoIP. But VoIP security issues such as TDoS prevention are already on his radar as potential threats to his business.

“We haven’t come up with a plan to address TDoS yet, but it is on the roadmap,” Fontaine said. “We are going to keep the VoIP traffic within the encrypted tunnel created by the Citrix Access Gateway. As a result, the VoIP ports will not be exposed to the Internet.”

Service providers have spent years wrestling with TDoS attacks, but those attacks were primarily aimed at theft of service, said Jonathan Zarkower, director of product marketing at Acme Packet, a session border controller (SBC) vendor. Hackers use enterprise TDoS attacks almost exclusively for financial gain, and most customers who have reported them said the attack was an inside job, he said.

“We actually see more inside attacks than outside attacks. There’s a lot of money to be made by disgruntled employees,” Zarkower said. “As IP continues to proliferate in the enterprise, I think we’re going to see more of this.”

Mitigating VoIP security issues: Track more than call volume

Acme Packet’s Net-Net series of SBCs has the ability to identify, intercept and shut down potential TDoS attacks, Zarkower said.

The appliances’ software can detect the insertion of white noise or other media, abnormal signals, call establishment and call flow rates. Net-Net SBCs by default block IP multipathing protocols (IPMP) which Zarkower said are not essential to voice communications and are often used to launch a TDoS attack.

“There are multiple facets to a TDoS attack, and whatever solution you’re using also has to be multifaceted,” he said. “It’s more than being able to detect unusually high call volume … [and prevention] also means implementation of organization-wide security practices, polices and enforcement.”

Contact centers, particularly in the financial and healthcare industries, are prime targets for TDoS attacks due to the high call volume and sensitive data they handle, according to Mykola Konrad, director of enterprise products at Sonus Networks, another SBC vendor.

Sonus recently announced two VoIP security applications, VoiceSentry Analyzer and VoiceSentry Guardian, which work in conjunction with Sonus’ SBC and take an application-layer approach to identifying and shutting down bogus calls.

VoiceSentry Analyzer, which operates on Oracle Netra servers, runs alongside Sonus’ SBCs and monitors call detail records (CDRs) and other metrics in real time as it looks for anomalies. It forwards suspicious calls to a second appliance, VoiceSentry Guardian, which runs on Sonus’ proprietary hardware. Guardian executes an audio CAPTCHA test on those suspicious calls.

“It routes you to a special announcement that says, ‘Please [dial] 1234,’ and if you’re a human being, you say, ‘This is idiotic’ and [dial] 1234,” Konrad said. “But if you’re a robot, you would have no idea what to do.”

Administrators can customize the test to sound like the rest of its Interactive Voice Response (IVR) system and disguise the CAPTCHA to appear more like a usual prompt a caller would expect, such as a prompt for an ID number, he said.

Telecom engineers can configure Guardian with policies that dictate how bogus calls are handled from there, whether they’re rerouted to law enforcement or simply dropped. Analyzer comes pre-populated with common attack patterns, and customers can subscribe to receive regular updates from Sonus’ database.

Sonus’ SBCs have traditionally prevented TDoS attacks at the packet layer, flagging malformed packets as phony. But that did nothing to stop calls from a software application designed to tie up lines with white noise, as one customer recently experienced, Konrad said.

The customer, which he declined to identify, had historically monitored the call volume in its contact center very closely. Telecom engineers there noticed minor increases in call volume — nothing that would be flagged as an attempt to overwhelm equipment with bottlenecks — but their software detected none of the hallmarks of an attack, such as signal irregularities or malformed packets, Konrad said. At the packet layer, they looked like legitimate sessions.

The small spikes in call volume coincided with reports from call center agents that they were receiving mysterious calls that contained just four minutes of white noise or siren sounds. After working with the FBI and their service provider, AT&T, the telecom engineers learned the calls originated from a hacker in Manitoba, Canada, Konrad said.

The hacker had purchased a bevy of SIP trunks and written a SIP dialing script that would call toll-free numbers and dial 8, which he had determined would likely bypass the IVR system to get a live agent, Konrad said. The hacker had misrepresented himself as a business customer “who just happened, as part of his business, to have to make many toll-free calls,” he said.

The hacker threatened his local carrier that he would take his “business” to another service provider if the local carrier didn’t give him a cut of the toll-free tariffs it collected from contact centers the hacker had targeted, Konrad said. The carrier obliged, he said.

“The very first thing people think is, ‘What’s wrong with the equipment?'” he said. “What you need is an application-aware appliance of some sort to really take a look at the media coming through … and at some level to even listen to the voice and say, ‘Is this a real human?'”

Source: http://searchunifiedcommunications.techtarget.com/news/2240031995/VoIP-security-issues-How-you-might-become-a-target-for-TDoS-attacks

Data security systems must protect against ‘increasing hacktivism’

The evolution of cyber-crime from “mischievous virus-writing” to financially or politically motivated attacks is a trend likely to continue, a new report has revealed.

Data security firm Sophos’ Security Threat Report 2011 has analysed the threats and trends of 2009 and 2010 to predict what will happen in the year ahead.

The company suggested that the WikiLeaks scandal and the following Distributed Denial-of-Service (DDoS) attacks on organisations that had withdrawn their support illustrated a fundamental change in the motivation behind cyber crime.

A virus unleashed in 2010, called the Stuxnet worm, compounded this change by targeting the systems used in industrial applications and nuclear facilities globally, the report suggested.

“These exemplify the development of cybercrime from the initial stages of proof-of-concept and mischievous virus-writing, through financially motivated, organised criminal activity … and finally a third, political motivation,” the company said.

McAfee Labs has also warned organisations to improve data security as politically motivated attacks, commonly known as ‘hacktivism’, will increase throughout 2011 and beyond.

Kroll Ontrack is the world’s leader in data recovery and data management services, working to keep your data safe and always available.

Posted by Edward Clark

Source: http://www.ontrackdatarecovery.co.uk/data-recovery-news/articles/data-security-systems-must-protect-against-increasing-hacktivism355.aspx

Website attacks raise questions about African data security

An increase in hacking by online fraudsters targeting African governments and corporations is raising questions about the safety of the region’s Internet infrastructure.

An increase in hacking by online fraudsters targeting African governments and corporations is raising questions about the safety of the region’s Internet infrastructure.

The hacking is calling into question the security of data held by governments in the region as they adopt e-governance strategies aimed at decentralizing operations and enhancing efficiency. Over the past year, the region has seen more incursions from hackers attempting to gain access to databases for personal information. In addition, some hackers target government websites in order to show their abhorrence of oppressive regimes.

Last week, the Zimbabwean, Kenyan and Tunisian governments’ websites were hit by hackers who defaced the sites and prevented them from functioning efficiently.

Meanwhile, the Kenyan government is planning to build a data center to serve East and Central Africa in a bid to ease the region’s reliance on Europe and the U.S. for data backup. The Rwandan government has also built a database center for the country’s data storage that will provide data backup for other countries in the region.

After the attacks, Zimbabwean Minister of Information and Communication Technology (ICT) Nelson Chamisa said the country is now making efforts to tighten security on its government websites in order to prevent similar strikes. As in Kenya and Tunisia, the Zimbabwean government websites were hit by distributed denial-of-service (DDOS) attacks that rendered them unavailable.

At one point, a defaced Ministry of Finance website displayed a message posted by a group of hackers that identified itself as ‘Anonymous.’

While the Zimbabwean government is still probing the matter, Chamisa said at a media briefing last week that cybersecurity is “now on the front burner of the Zimbabwean government’s work program.”

The attacks have forced the Zimbabwe attorney general to form a commission to investigate the WikiLeaks diplomatic cable revelations and to bring treason charges against anyone found to be colluding with foreign governments. The hackings in Zimbabwe came after the country’s first lady sued a local newspaper for US$15 million for publishing a WikiLeaks cable that linked her to alleged trade in illicit diamonds.

The Anonymous hacker group said it had targeted President Robert Mugabe’s administration for actions taken by government officials to suppress information about the thousands of secrets WikiLeaks released.

In 2009, the Zimbabwean website went offline and was replaced by an advertisement from Microsoft.

Kostja Reim, CEO of Security Risk Solution, said more than 80 percent of the region’s websites are vulnerable to hackers. This is because the governments and institutions have not moved to upgrade information security systems to protect the sites from local and international hackers.

In 2008, the Kenyan government lost millions of dollars to Russian hackers when it attempted to send the money to Ukrainian arms dealers over an unsecured protocol.

Anonymous has announced they have started a recruitment exercise for hackers to take down government websites. As a result, Africa is expected to experience increased cyber-attacks this year unless governments move to upgrade information security systems to protect the sites. Botswana, Namibia and Uganda are some of the countries expected to be targeted by hackers for opposing WikiLeaks.

Source: http://news.idg.no/cw/art.cfm?id=80EFB60B-1A64-67EA-E49A820EB9391CF6

It’s time for a serious response

It has been clear for months that Australian Julian Assange – the founder of the WikiLeaks website – is guilty of crimes against the United States. His release of classified military and diplomatic documents has hurt this country severely. At the very least, he has placed the lives of thousands of American servicemen and women in jeopardy.

Yet President Barack Obama’s Justice Department, under Attorney General Eric Holder, has done nothing but claim it is investigating Assange.

Throughout the world, Assange is losing friends quickly. He is under indictment for sex crimes in Sweden, and under arrest in England. The Swiss government suspended a bank account he had hoped to use to safeguard his money. Several private companies, including PayPal, Mastercard and Visa, have stopped facilitating contributions to Assange.

In retaliation, a gang of computer hackers mounted denial-of-service attacks on some of the involved companies this week. They had limited success – in part because some cyber-heroes struck back, disabling several of the hackers’ servers.

Some of what the hackers are doing is criminal in nature. Clearly, Holder should order an investigation aimed at filing charges against them. Surely at least some of them can be tracked down and brought to justice, while Holder ponders whether to do anything about Assange.

Source: http://www.messengernews.net/page/content.detail/id/535346/It-s-time-for-a-serious-response.html?nav=5087