REAL WORLD EVENT DISCUSSIONS

You know it's bad when ...

POSTED BY: 1KIKI
UPDATED: Sunday, October 7, 2012 13:31
SHORT URL:
VIEWED: 765
PAGE 1 of 1

Sunday, October 7, 2012 8:04 AM

1KIKI

Goodbye, kind world (George Monbiot) - In common with all those generations which have contemplated catastrophe, we appear to be incapable of understanding what confronts us.


So I was talking with the waitress the other day about the DDoS attack against banks that just happened (and appears to be still ongoing against smaller institutions like credit unions). (see at bottom) And she told me she and her husband have some of their money at BofA, because BofA will go only when the country is falling apart, and they keep $10,000 at home in their safe because interest rates are too low to make the banks attractive, and, well, 'you never know ...'


Yet the resulting distributed denial-of-service (DDoS) attacks that caused disruptions at major banks -- including Bank of America, JPMorgan, Citigroup, and Wells Fargo -- did not emanate from the widespread home computers of hacktivists, but from hundreds -- or, at most, thousands -- of servers running vulnerable content management software, say security experts familiar with the attacks.


By co-opting content-management servers (a Micro-soft product, just to let everyone know), usually hosted systems with large-bandwidth connections to the Internet, the attackers were able to use fewer systems to level a larger volume of bandwidth at the victims. In addition, businesses will likely not shut down the servers very quickly, even in the face of abuse complaints, Neustar's Joffe says.

The attacks also appeared to penetrate the DoS defenses that most financial institutions have in place as a matter of policy, says Paul Lawrence, vice president of international operations at Corero Network Security.

"Today's DDoS attacks are carried out by a new breed of highly capable cyber criminals who quickly switch to different attack sources as each new attempt is thwarted," Lawrence said in a statement.

The size and skill used in the attacks have government officials worried, as well.


NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Sunday, October 7, 2012 9:05 AM

NIKI2

Gettin' old, but still a hippie at heart...


Can you explain all that to an idiot? I don't know what DDoS is, or understand any of what you've written.


NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Sunday, October 7, 2012 9:47 AM

AGENTROUKA


This is unsettling. What is their aim, really? Just to cause some form of damage to these institutions?

NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Sunday, October 7, 2012 10:50 AM

1KIKI

Goodbye, kind world (George Monbiot) - In common with all those generations which have contemplated catastrophe, we appear to be incapable of understanding what confronts us.


Hey Niki

A DDoS is a 'distributed denial of service' attack on the computer end of the interface between an institution (like a bank) and the rest of the world. What happens is that a large number of bogus requests for connection go to the institution's web server, creating so much traffic that legitimate communication can't get through.

SOMETIMES this is a coordinated attack of multiple people on an institution at the same time. But that's old-school and inefficient for large targets. So often people will send malicious programs to large servers for those servers to automatically generate large numbers of requests at the same time to the same target(s).

Aside from disrupting important communication between clients and businesses, or businesses and businesses (I imagine for example disrupted interbank loans), malicious code can be introduced at the same time.

All this makes me think that a now important mechanism that keeps the economy humming - electronic computer communications - has been compromised, as well as potentially the banks' computer systems and the data stored within. That data includes your money and mine, which exists at the bank as nothing more than electronic zeros and ones.

BTW it's interesting to me - one of the ways that a DoS attack can be defended against is to monitor the requests for communication. If your system sees more than a certain number of requests coming from the same computer in a short time, it can be programmed to react. Sometimes those requests are shut off - denied - but that can be read by the sending system, A smarter way is to shunt those requests to an alternate dead-end server. From the article it sounds like the code that generated the attacks would switch to alternate servers as servers were denied.

I hope this completely non-expert explanation helps.

NOTIFY: N   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Sunday, October 7, 2012 11:26 AM

SIGNYM

I believe in solving problems, not sharing them.


If your PC and a bunch of other PCs request services all at the same time, the requests collide with each other and the server response slows to a crawl or breaks down altogether. (I have that problem at work: When too many people are requesting too many things too quickly, all I have time to do is say "I'll get back to you" to each request, and no real work gets done. At some point, I just put my head down and cry.)

If you do this deliberately by ganging many PCs together... or, in this case, vulnerable servers... you can bomb a bank's server with so many phony requests that you can delay or deny nearly anyone from getting service... Denial or Service (DOS) or- if the requests come from many sources - Distributed Denial of Service (DDOS).

Most often these DOS attacks are done by hacktivists... people pissed off at (say) VISA because of it's refusal to process donations to Julian Assange. So they bomb the VISA website. But this most recent attack didn't originate from home PCs and individuals, it came from other servers, business servers, which had high-speed internet connections and had themselves been hacked and turned into attackers. According to this article, the offending servers were running JOOMLA. JOOMLA is a content-management software... it allows smaller entities to track and manage the "content" of their website ... photos, order, customers... without requiring a sophisticated IT person.

http://www.darkreading.com/advanced-threats/167901091/security/perimet
er-security/240008534/serious-attackers-paired-with-online-mob-in-bank-attacks.html?pgno=2#articleArea

The list of JOOMLA clients is here
http://community.joomla.org/showcase/

My hubby, who knows a thing or three about computer and server security, basically said that clogging bank servers couldn't possibly be the real purpose of such a large and sophisticated DDOS. First of all, the real story might be that so many servers running JOOMLA were compromised. All that business and organization data was free for the taking, especially if it was embedded in junk requests to the bank. A server simply "listening in" on all that traffic would be able to sieve out the desired data without ever being detected as a culprit. Another possibility is that the attack was simply used to probe the targets' responses... which ports are open, what is the mode of response and response time etc. A third possibility is that the DDOS was used to cover up some REAL transfer of data... buried in all those bits and bytes, some code was implanted into bank servers. In the article on the DDOS is buried this cryptic sentence...
Quote:
The attacks also appeared to penetrate the DoS defenses that most financial institutions have in place as a matter of policy, says Paul Lawrence, vice president of international operations at Corero Network Security.


There is also the question of who was behind it. An article in IEEE - which I can't locate- the location of the servers was in China.

I can't help but consider the notion of payback. The USA, along with Israel, let loose Stuxnet, Duqu, and Flame. The first shots in serious cyber-warfare. THAT is a field of battle in which the USA has no particular advantage... Russian and Chinese computer experts are just as good as... if not better than... ours, and it doesn't take 50% of a government's budget in order to field them. And, with our near -100% reliance on Mac and Microsoft software, we are more vulnerable than most everyone else.

OOPS.


NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Sunday, October 7, 2012 1:31 PM

FREMDFIRMA


Quote:
Originally posted by SIGNYM:
I can't help but consider the notion of payback. The USA, along with Israel, let loose Stuxnet, Duqu, and Flame. The first shots in serious cyber-warfare. THAT is a field of battle in which the USA has no particular advantage... Russian and Chinese computer experts are just as good as... if not better than... ours, and it doesn't take 50% of a government's budget in order to field them. And, with our near -100% reliance on Mac and Microsoft software, we are more vulnerable than most everyone else.

OOPS.

Ding Ding Ding, you win the kewpie doll - this was more or less a warning shot, one across the bow to point out that they know what we've been up to, and that worm can turn, on a field where american "excellence" is laughable.
The worst of it is that I am pretty sure the Russians and Chinese can exploit the CALEA-mandated hard-wired backdoors in most american software for the convenience of our so-called protectors, once again showing that our very "security" measures are our own worst enemy.
This is why I get most of my security software from Finland, and avoid shmuck bait like Adobes insecure bloatware, ActiveX, Java and all that rot - bonus points in that it makes ones browsing experience much saner and less annoying.
I am eternally amused by sites that claim I am "ruining" my own experience by disabling certain features, knowing full and well that message would be replaced with adware/malware/spam/popup/overlay/underpop/etc bullshit if I DID have it on.

Another thing which pisses me off is how often mail servers or suchlike are compromised, and the company is always, ALWAYS so goddamn quick to blame the individual user, as if any hacker worth a damn is gonna bother trying to individually compromise hundreds of machines to build a spamlist when they can just crack one mail server, but oh no, nope, it's YOU, the customer, YOUR fault, cause our stuff is 100% secure so it's always on YOUR end, yeah, sure...
Then days later comes the backhanded admission, after they've sat there and done hardly nothing but legally cover their own ass while the hacker went wild with customers data, financial or otherwise.
Start holding COMPANIES responsible for their own security breaches instead of looking the other way and allowing them to blame the victims who's information they demanded/stole and then didn't properly protect, and I bet security would improve immediately.

-Frem

NOTIFY: N   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

YOUR OPTIONS

NEW POSTS TODAY

USERPOST DATE

OTHER TOPICS

DISCUSSIONS
Scientific American Claims It Is "Misinformation" That There Are Just Two Sexes
Thu, April 25, 2024 01:50 - 8 posts
In the garden, and RAIN!!! (2)
Wed, April 24, 2024 23:37 - 3559 posts
Elections; 2024
Wed, April 24, 2024 20:12 - 2302 posts
Case against Sidney Powell, 2020 case lawyer, is dismissed
Wed, April 24, 2024 19:58 - 12 posts
Grifter Donald Trump Has Been Indicted And Yes Arrested; Four Times Now And Counting. Hey Jack, I Was Right
Wed, April 24, 2024 09:04 - 804 posts
Russia Invades Ukraine. Again
Wed, April 24, 2024 08:57 - 6296 posts
Slate: I Changed My Mind About Kids and Phones. I Hope Everyone Else Does, Too.
Tue, April 23, 2024 19:38 - 2 posts
No Thread On Topic, More Than 17 Days After Hamas Terrorists Invade, Slaughter Innocent Israelis?
Tue, April 23, 2024 19:19 - 26 posts
Pardon Me? Michael Avenatti Flips, Willing To Testify On Trump's Behalf
Tue, April 23, 2024 19:01 - 9 posts
FACTS
Mon, April 22, 2024 20:10 - 552 posts
Russian losses in Ukraine
Mon, April 22, 2024 17:47 - 1010 posts
I agree with everything you said, but don't tell anyone I said that
Mon, April 22, 2024 16:15 - 16 posts
 VIEW MORE TOPICS 

FFF.NET SOCIAL