Here is the list of the main Cyber Attacks happened during the second half of February 2014 (Part I here). As you will soon discover, unlike the previous months, the activity in this second half of February has shown a sensible decrease both in number and in size in comparison with the previous months.
Update 3/12/2013: I should also mention the Deutsche Telekom Security Tachometer
We live in a World made of Botnets and cyber attacks! While I am typing these few words in my keyboard, other fingers somewhere else in the Globe are moving quickly through the keys, firing stream of bits against their targets.
This morning, during my usual virtual promenade through my feeds, I came across a really interesting post from Stratsec, a subsidiary of Bae Systems.
The post unveils the details of an unprecedented experiment aimed to verify how easy and cheap is to setup a botCloud and how hard is for the Cloud providers to detect them (and consequently advise the victims).
The attack model based on botnet-generated Distributed Denials of Service is opportunistic. The botmaster selects a target, gathers as many resources as possible among his army of zombie machines, and when he realizes to have achieved enough firepower, simply selects a target and pushes the attack button. After this the target is inevitably flooded by packets generated by the bots, while the unaware owners of the zombie machines perform their normal work or fun activities with their infected computers.
Cyber Crime, and in particular botmasters, never cease to amaze. If you were (not so much) surprised in discovering the compromised supply chain behind the Nitol Botnet (that allowed Chinese manufacturers to sell compromised computers pre-installed with the botnet), you’d better have a look at the ZeroAccess Botnet, which has recently been analyzed by Sophos.
Probably there’s something more in the Next Step Of Botnets besides BlackHole 2.0 and Tor C&C mentioned in my previous post. I mentioned the takedown of the Nitol Botnet by Microsoft as one of the most important infosec events of the last week, but I forgot to mention one important aspect related to this event: the malware supply chain.
This information security week has offered many interesting points: the brand new CRIME attack against SSL/TLS, the release of BlackHole Exploit Kit 2.0 that promises new stealth vectors of Drive-By download infections, the takedown of the emerging Nitol botnet by Microsoft, and, last but not least, the first (?) known example of a new generation of a C&C Server leveraging the anonymization granted by Tor Service.
The fact that ISPs are evaluating an Anti Botnet Conduct Code means their are feeling responsible for what resides inside (and leaves) their networks, and hence are supposed to take technical, organizational and educational countermeasures.
Few days ago I have discovered that the City I live in (Rome), ranks at number two in the World for the number of BOT infections, at least according to Symantec Internet Security Threat Report Edition XVII.
Of course reports must be taken with caution, but it is undoubted that Bot infections are becoming a huge problem for the Information Security Community (a modern Biblical Plague), so huge to deserve the attentions of The Federal Communication Commission. As a matter of fact, on March 2012, FCC, working with communications companies including Verizon, Cox, and Comcast, has passed a voluntary code that delineates the steps that ISPs must take to combat botnets. As you will probably know, botnets may be used by cybercrookers for making money with different criminal purposes ranging from information theft to the execution of DDoS Attacks: have a look to this interview to a botnet operator to have an idea (and to discover that botnets are used also to counterfeit virtual currency).
If you need to know what Cyber Crime is but you are bored and fed up with the too many information security terms, loosing yourself among the acronyms, you have stumbled upon the correct place. I have just compiled a very special alphabet which collects the terms related to Cybercrime. Forgive me for some “poetic license” and enjoy this half-serious list.