Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Home Network Security Viruses & Malware Hackers Security Solutions More Topics...
APC Free White Paper
Optimize your network investment &
Enter to win a Samsung Galaxy Note

www.apc.com
Data Security
24/7/365 Network Uptime
Average Rating:
Rate this article:  
Dutch Man Held in Huge DDoS Attack that Slowed Internet
Dutch Man Held in Huge DDoS Attack that Slowed Internet

By Jennifer LeClaire
April 29, 2013 1:44PM

Bookmark and Share
A Dutch man has been arrested in Spain, allegedly for participating in the DDoS attack on Spamhaus by CyberBunker, an ISP. "I believe that we may have been lucky in this case, but we cannot rely on reactive measures to stop these attacks," said security analyst David Britton. "We must be putting layers in place to prevent them from disrupting business."
 


Police in Barcelona, Spain, arrested a Dutch man on Friday at the request of Netherlands police, who say he launched "unprecedented heavy attacks on the non-profit organization Spamhaus," which tracks the Internet's worst spammers.

Dutch prosecutors identified the suspect as S.K., and some news outlets reported his name as Sven Olaf Kamphuis, 35. He is expected to be sent to the Netherlands.

Kamphuis had previously been identified as a spokesman for CyberBunker, which is accused of a massive distributed denial of service attack against Spamhaus in late March. CyberBunker was on the Spamhaus list of notorious spammers and supposedly launched the DDoS attacks in retaliation.

The attacks, which made use of legitimate Internet DNS servers to flood systems with spurious traffic, slowed large portions of the Internet, and at the time was called the biggest cyberattack in history.

Some security researchers later questioned whether CyberBunker's move was just a public-relations stunt. Others say this signals the beginning of a new wave of such attacks.

Good News, Bad News

David Britton, vice president of Industry Solutions at 41st Parameter, said there is good news and bad news with the arrest. The good news is that the authorities may have removed one perpetrator from the mix. The bad news is that there are many more out there who are acting with impunity.

"I believe that we may have been lucky in this case, but we cannot rely on reactive measures to stop these attacks," Britton said. "We must be putting layers in place to prevent them from disrupting business on the front end."

Britton also pointed to DDoS attacks being used to create a diversion within the financial services industry. He offers an example: While the sites are down, fraudsters will submit a large number of wire transfers so when the site is back up the system is overloaded with pending transactions, and they are forced to process them without running the proper fraud screening.

"With the increased volume of these types of sophisticated attacks, and the sheer size of the attacks, it is clear that organizations must use all tools at their disposal to fend off attackers," Britton told us. "This includes not just the traditional firewall systems that must be in place, but leveraging tools that can also deflect the traffic that is being routed at the application layer, designed to simulate legitimate application traffic."

ISP Involvement Needed

Alex Horan, a senior product manager at Core Security, said the levels of data sent in this DDoS attack were some of the highest ever seen. And, he added, if that is a sign of the levels that are possible in the future, organizations need to revisit how they expected to handle a DDoS attack against their servers.

"The fact is they cannot be expected to handle it alone. The key is to move attack detection and defense as close to the attacking machines as possible," Horan told us. "Ideally, the ISPs of the attacking parties, most of whom probably don't even know their compromised machines are participating in the attack, would drop the traffic before it even gets out onto the Internet proper. The further onto the Internet this traffic gets, the greater an effect it has."

As Horan sees it, ISPs should do this -- and potentially the legislative bodies of the countries they reside on, to take proactive action. They must analyze and filter this traffic in response to requests by the ISPs hosting the servers being attacked. Until there is this coordinated response, he said, DDoS attacks will keep being a threat to legitimate servers on the Internet.
 

Tell Us What You Think
Comment:

Name:



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 Data Security
1.   Malware Targets Facebook Users
2.   IBM Adds Disaster Recovery to SoftLayer
3.   How To Beat the Heartbleed Bug
4.   Google Proudly Scans Your Gmail
5.   NSC Backs Disclosing Vulnerabilities


advertisement
Don't Reset Passwords for Heartbleed?
Added caution needed to ensure security.
Average Rating:
Malware Targets Facebook Users
iBanking app spys on communications.
Average Rating:
How To Beat the Heartbleed Bug
Big data analytics could be the key.
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Google's Street View Software Unravels CAPTCHAs
The latest software Google uses for its Street View cars to read street numbers in images for Google Maps works so well that it also solves CAPTCHAs, those puzzles designed to defeat bots.
 
Canadian Teen Arrested for Heartbleed Hack
One week after the OpenSSL Heartbleed vulnerability was unveiled, Canadian authorities have made the first arrest -- a London, Ontario teenager -- connected to exploiting the security hole.
 
IBM Offers Security, Disaster Recovery as SoftLayer Service
New disaster recovery and security services for SoftLayer clients are being added by IBM. Big Blue said the new capabilities will speed cloud adoption by alleviating concern over business continuity.
 

Enterprise Hardware Spotlight
Vaio Fit 11A Battery Danger Forces Recall by Sony
Using a Sony Vaio Fit 11A laptop? It's time to send it back to Sony. In fact, Sony is encouraging people to stop using the laptop after several reports of its Panasonic battery overheating.
 
Continued Drop in Global PC Shipments Slows
Worldwide shipments of PCs fell during the first three months of the year, but the global slump in PC demand may be easing, with a considerable slowdown from last year's drops.
 
Google Glass Finds a Home in Medical Education, Practice
Google Glass may find its first markets in verticals in which hands-free access to data is a boon. Medicine is among the most prominent of those, as seen in a number of Glass experiments under way.
 

Mobile Technology Spotlight
Google Releases Chrome Remote Desktop App for Android
You're out on a sales call, and use your Android mobile device to grab a file you have back at the office on your desktop. That's a bit easier now with Google's Chrome Remote Desktop app for Android.
 
Amazon 3D Smartphone Pics Leaked
E-commerce giant Amazon is reportedly set to launch a smartphone after years of development. Photos of the phone, which may feature a unique 3D interface, were leaked by tech pub BGR.
 
Zebra Tech Buys Motorola Enterprise for $3.45B
Weeks after Lenovo bought Motorola Mobility’s assets from Google for $2.91 billion, Zebra Technologies is throwing down $3.45 billion for Motorola’s Enterprise business in an all-cash deal.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Hackers | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.